diff --git a/0.4.html b/0.4.html index 5068ec547..09b024493 100644 --- a/0.4.html +++ b/0.4.html @@ -4,13 +4,13 @@ Overview | Fleet - +
-
Skip to main content
Version: 0.4

Overview

What is Fleet?​

  • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

  • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users have a high degree of control, consistency, and auditability.

Configuration Management​

Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

- +
Skip to main content
Version: 0.4

Overview

What is Fleet?​

  • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

  • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users have a high degree of control, consistency, and auditability.

Configuration Management​

Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

+ \ No newline at end of file diff --git a/0.4/advanced-users.html b/0.4/advanced-users.html index d60a22f8f..b0ffe7776 100644 --- a/0.4/advanced-users.html +++ b/0.4/advanced-users.html @@ -4,13 +4,13 @@ Advanced Users | Fleet - +
-
Skip to main content
Version: 0.4

Advanced Users

Note that using Fleet outside of Rancher is highly discouraged for any users who do not need to perform advanced actions. However, there are some advanced use cases that may need to be performed outside of Rancher, also known as Standalone Fleet, or Fleet without Rancher. This section will highlight such use cases.

The following are examples of advanced use cases:

Please refer to the installation and the uninstall documentation for additional information.

- +
Skip to main content
Version: 0.4

Advanced Users

Note that using Fleet outside of Rancher is highly discouraged for any users who do not need to perform advanced actions. However, there are some advanced use cases that may need to be performed outside of Rancher, also known as Standalone Fleet, or Fleet without Rancher. This section will highlight such use cases.

The following are examples of advanced use cases:

Please refer to the installation and the uninstall documentation for additional information.

+ \ No newline at end of file diff --git a/0.4/agent-initiated.html b/0.4/agent-initiated.html index 3397aae0b..62bad7ca8 100644 --- a/0.4/agent-initiated.html +++ b/0.4/agent-initiated.html @@ -4,7 +4,7 @@ Agent Initiated | Fleet - + @@ -39,8 +39,8 @@ For the agent chart the namespace must be cattle-fleet-system and t Helm will use the default context in ${HOME}/.kube/config to deploy the agent. Use --kubeconfig and --kube-context to change which cluster Helm is installing to.

Finally, install the agent using Helm.

helm -n cattle-fleet-system install --create-namespace --wait \
    --set clientID="$CLUSTER_CLIENT_ID" \
    --values values.yaml \
    fleet-agent https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-agent-v0.4.1.tgz

The agent should now be deployed. You can check that status of the fleet pods by running the below commands.

# Ensure kubectl is pointing to the right cluster
kubectl -n cattle-fleet-system logs -l app=fleet-agent
kubectl -n cattle-fleet-system get pods -l app=fleet-agent

Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster was registered in the clusters namespace. Please ensure your ${HOME}/.kube/config is pointed to the Fleet -manager to run this command.

kubectl -n clusters get clusters.fleet.cattle.io
NAME                   BUNDLES-READY   NODES-READY   SAMPLE-NODE             LAST-SEEN              STATUS
my-cluster             1/1             1/1           k3d-cluster2-server-0   2020-08-31T19:23:10Z
- +manager to run this command.

kubectl -n clusters get clusters.fleet.cattle.io
NAME                   BUNDLES-READY   NODES-READY   SAMPLE-NODE             LAST-SEEN              STATUS
my-cluster             1/1             1/1           k3d-cluster2-server-0   2020-08-31T19:23:10Z
+ \ No newline at end of file diff --git a/0.4/architecture.html b/0.4/architecture.html index 2b90e0536..748ed4e84 100644 --- a/0.4/architecture.html +++ b/0.4/architecture.html @@ -4,7 +4,7 @@ Architecture | Fleet - + @@ -28,8 +28,8 @@ The cluster registration token is used only during the registration process to g to that cluster. After the cluster credential is established the cluster "forgets" the cluster registration token.

The service accounts given to the clusters only have privileges to list BundleDeployment in the namespace created specifically for that cluster. It can also update the status subresource of BundleDeployment and the status -subresource of it's Cluster resource.

- +subresource of it's Cluster resource.

+ \ No newline at end of file diff --git a/0.4/bundle-diffs.html b/0.4/bundle-diffs.html index 874d6e2b1..0f288d054 100644 --- a/0.4/bundle-diffs.html +++ b/0.4/bundle-diffs.html @@ -4,14 +4,14 @@ Generating Diffs for Modified GitRepos | Fleet - +
Skip to main content
Version: 0.4

Generating Diffs for Modified GitRepos

Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.

You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the Bundles section.

The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the caBundle is empty and the CA cert is injected by the cluster.

This leads the status of the bundle and associated GitRepo to be reported as "Modified"

Associated Bundle -

Fleet bundles support the ability to specify a custom jsonPointer patch.

With the patch, users can instruct fleet to ignore object modifications.

In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

In our case the differences detected are as follows:

  summary:
    desiredReady: 1
    modified: 1
    nonReadyResources:
    - bundleState: Modified
      modifiedStatus:
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

Based on this summary, there are three objects which need to be patched.

We will look at these one at a time.

1. ValidatingWebhookConfiguration:​

The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

From this information, we can see the two ValidatingWebhooks in question are:

  "$setElementOrder/webhooks": [
    {
      "name": "validation.gatekeeper.sh"
    },
    {
      "name": "check-ignore-label.gatekeeper.sh"
    }
  ],

Within each ValidatingWebhook, the fields that need to be ignore are as follows:

    {
      "clientConfig": {
        "caBundle": "Cg=="
      },
      "name": "validation.gatekeeper.sh",
      "rules": [
        {
          "apiGroups": [
            "*"
          ],
          "apiVersions": [
            "*"
          ],
          "operations": [
            "CREATE",
            "UPDATE"
          ],
          "resources": [
            "*"
          ]
        }
      ]
    },

and 

    {
     "clientConfig": {
       "caBundle": "Cg=="
     },
     "name": "check-ignore-label.gatekeeper.sh",
     "rules": [
       {
         "apiGroups": [
           ""
         ],
         "apiVersions": [
           "*"
         ],
         "operations": [
           "CREATE",
           "UPDATE"
         ],
         "resources": [
           "namespaces"
         ]
       }
     ]
   }

In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

Based on this information, our diff patch would look as follows:

  - apiVersion: admissionregistration.k8s.io/v1
    kind: ValidatingWebhookConfiguration
    name: gatekeeper-validating-webhook-configuration
    operations:
    - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
    - {"op": "remove", "path":"/webhooks/0/rules"}
    - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
    - {"op": "remove", "path":"/webhooks/1/rules"}

2. Deployment gatekeeper-controller-manager:​

The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

{
  "spec": {
    "template": {
      "spec": {
        "$setElementOrder/containers": [
          {
            "name": "manager"
          }
        ],
        "containers": [
          {
            "name": "manager",
            "resources": {
              "limits": {
                "cpu": "1000m"
              }
            }
          }
        ],
        "tolerations": []
      }
    }
  }
}

In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

Based on this information, our diff patch would look as follows:

  - apiVersion: apps/v1
    kind: Deployment
    name: gatekeeper-controller-manager
    namespace: cattle-gatekeeper-system
    operations:
    - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
    - {"op": "remove", "path": "/spec/template/spec/tolerations"}

3. Deployment gatekeeper-audit:​

The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

{
  "spec": {
    "template": {
      "spec": {
        "$setElementOrder/containers": [
          {
            "name": "manager"
          }
        ],
        "containers": [
          {
            "name": "manager",
            "resources": {
              "limits": {
                "cpu": "1000m"
              }
            }
          }
        ],
        "tolerations": []
      }
    }
  }
}

Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

Based on this information, our diff patch would look as follows:

  - apiVersion: apps/v1
    kind: Deployment
    name: gatekeeper-audit
    namespace: cattle-gatekeeper-system
    operations:
    - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
    - {"op": "remove", "path": "/spec/template/spec/tolerations"}

Combining It All Together​

We can now combine all these patches as follows:

diff:
  comparePatches:
  - apiVersion: apps/v1
    kind: Deployment
    name: gatekeeper-audit
    namespace: cattle-gatekeeper-system
    operations:
    - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
    - {"op": "remove", "path": "/spec/template/spec/tolerations"}
  - apiVersion: apps/v1
    kind: Deployment
    name: gatekeeper-controller-manager
    namespace: cattle-gatekeeper-system
    operations:
    - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
    - {"op": "remove", "path": "/spec/template/spec/tolerations"}
  - apiVersion: admissionregistration.k8s.io/v1
    kind: ValidatingWebhookConfiguration
    name: gatekeeper-validating-webhook-configuration
    operations:
    - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
    - {"op": "remove", "path":"/webhooks/0/rules"}
    - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
    - {"op": "remove", "path":"/webhooks/1/rules"}

We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

Once these are added, the GitRepo should deploy and be in "Active" status.

- +

Fleet bundles support the ability to specify a custom jsonPointer patch.

With the patch, users can instruct fleet to ignore object modifications.

In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

In our case the differences detected are as follows:

  summary:
    desiredReady: 1
    modified: 1
    nonReadyResources:
    - bundleState: Modified
      modifiedStatus:
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

Based on this summary, there are three objects which need to be patched.

We will look at these one at a time.

1. ValidatingWebhookConfiguration:​

The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

From this information, we can see the two ValidatingWebhooks in question are:

  "$setElementOrder/webhooks": [
    {
      "name": "validation.gatekeeper.sh"
    },
    {
      "name": "check-ignore-label.gatekeeper.sh"
    }
  ],

Within each ValidatingWebhook, the fields that need to be ignore are as follows:

    {
      "clientConfig": {
        "caBundle": "Cg=="
      },
      "name": "validation.gatekeeper.sh",
      "rules": [
        {
          "apiGroups": [
            "*"
          ],
          "apiVersions": [
            "*"
          ],
          "operations": [
            "CREATE",
            "UPDATE"
          ],
          "resources": [
            "*"
          ]
        }
      ]
    },

and 

    {
     "clientConfig": {
       "caBundle": "Cg=="
     },
     "name": "check-ignore-label.gatekeeper.sh",
     "rules": [
       {
         "apiGroups": [
           ""
         ],
         "apiVersions": [
           "*"
         ],
         "operations": [
           "CREATE",
           "UPDATE"
         ],
         "resources": [
           "namespaces"
         ]
       }
     ]
   }

In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

Based on this information, our diff patch would look as follows:

  - apiVersion: admissionregistration.k8s.io/v1
    kind: ValidatingWebhookConfiguration
    name: gatekeeper-validating-webhook-configuration
    operations:
    - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
    - {"op": "remove", "path":"/webhooks/0/rules"}
    - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
    - {"op": "remove", "path":"/webhooks/1/rules"}

2. Deployment gatekeeper-controller-manager:​

The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

{
  "spec": {
    "template": {
      "spec": {
        "$setElementOrder/containers": [
          {
            "name": "manager"
          }
        ],
        "containers": [
          {
            "name": "manager",
            "resources": {
              "limits": {
                "cpu": "1000m"
              }
            }
          }
        ],
        "tolerations": []
      }
    }
  }
}

In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

Based on this information, our diff patch would look as follows:

  - apiVersion: apps/v1
    kind: Deployment
    name: gatekeeper-controller-manager
    namespace: cattle-gatekeeper-system
    operations:
    - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
    - {"op": "remove", "path": "/spec/template/spec/tolerations"}

3. Deployment gatekeeper-audit:​

The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

{
  "spec": {
    "template": {
      "spec": {
        "$setElementOrder/containers": [
          {
            "name": "manager"
          }
        ],
        "containers": [
          {
            "name": "manager",
            "resources": {
              "limits": {
                "cpu": "1000m"
              }
            }
          }
        ],
        "tolerations": []
      }
    }
  }
}

Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

Based on this information, our diff patch would look as follows:

  - apiVersion: apps/v1
    kind: Deployment
    name: gatekeeper-audit
    namespace: cattle-gatekeeper-system
    operations:
    - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
    - {"op": "remove", "path": "/spec/template/spec/tolerations"}

Combining It All Together​

We can now combine all these patches as follows:

diff:
  comparePatches:
  - apiVersion: apps/v1
    kind: Deployment
    name: gatekeeper-audit
    namespace: cattle-gatekeeper-system
    operations:
    - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
    - {"op": "remove", "path": "/spec/template/spec/tolerations"}
  - apiVersion: apps/v1
    kind: Deployment
    name: gatekeeper-controller-manager
    namespace: cattle-gatekeeper-system
    operations:
    - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
    - {"op": "remove", "path": "/spec/template/spec/tolerations"}
  - apiVersion: admissionregistration.k8s.io/v1
    kind: ValidatingWebhookConfiguration
    name: gatekeeper-validating-webhook-configuration
    operations:
    - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
    - {"op": "remove", "path":"/webhooks/0/rules"}
    - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
    - {"op": "remove", "path":"/webhooks/1/rules"}

We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

Once these are added, the GitRepo should deploy and be in "Active" status.

+ \ No newline at end of file diff --git a/0.4/changelogs.html b/0.4/changelogs.html index ff39a2548..707258ff8 100644 --- a/0.4/changelogs.html +++ b/0.4/changelogs.html @@ -4,13 +4,13 @@ 0.4 Changelogs | Fleet - +
-
Skip to main content
- +
Skip to main content
+ \ No newline at end of file diff --git a/0.4/changelogs/changelogs/v0.4.0.html b/0.4/changelogs/changelogs/v0.4.0.html index 45c14ce01..dd7027821 100644 --- a/0.4/changelogs/changelogs/v0.4.0.html +++ b/0.4/changelogs/changelogs/v0.4.0.html @@ -4,13 +4,13 @@ Fleet v0.4.0 | Fleet - +
-
Skip to main content
Version: 0.4

Fleet v0.4.0

  • (rancherio-gh-m) released this 2022-10-13 16:38:56 +0000 UTC*

Description​

Additions

  • Added the ability to utilize Helm atomic when installing and upgrading.
  • Added an RBAC rule for leases.coordination.k8s.io in the Gitjob chart.

Note: due to an issue in the fleet agent, when a bundle fails to install properly the agent goes into a cycle of repeatedly trying to reinstall. This happens when atomic is set or there is an error with installing the bundle for another reason. This is the cause of issue #499 and is being worked on.

Note: due to an issue in the fleet controller the presence of a clusterregistrationtoken resource can lead to a higher than normal CPU load. The token expiry time is not updated correctly. The issue is fixed in the next version of fleet.

Bug Fixes

  • Fixed an issue where the fleet agent can continuously delete resources

Changes

  • Added CI testing to Gitjob
  • Updated dependencies (Go modules and base container images)
  • Updated to a newer version of the Tekton components used by Fleet
  • Updated builds to Go 1.18
  • Updated the base container images to use SLE BCI

Download​

Information retrieved from here

- +
Skip to main content
Version: 0.4

Fleet v0.4.0

  • (rancherio-gh-m) released this 2022-10-13 16:38:56 +0000 UTC*

Description​

Additions

  • Added the ability to utilize Helm atomic when installing and upgrading.
  • Added an RBAC rule for leases.coordination.k8s.io in the Gitjob chart.

Note: due to an issue in the fleet agent, when a bundle fails to install properly the agent goes into a cycle of repeatedly trying to reinstall. This happens when atomic is set or there is an error with installing the bundle for another reason. This is the cause of issue #499 and is being worked on.

Note: due to an issue in the fleet controller the presence of a clusterregistrationtoken resource can lead to a higher than normal CPU load. The token expiry time is not updated correctly. The issue is fixed in the next version of fleet.

Bug Fixes

  • Fixed an issue where the fleet agent can continuously delete resources

Changes

  • Added CI testing to Gitjob
  • Updated dependencies (Go modules and base container images)
  • Updated to a newer version of the Tekton components used by Fleet
  • Updated builds to Go 1.18
  • Updated the base container images to use SLE BCI

Download​

Information retrieved from here

+ \ No newline at end of file diff --git a/0.4/changelogs/changelogs/v0.4.1.html b/0.4/changelogs/changelogs/v0.4.1.html index 1efdfd389..30b6d63b4 100644 --- a/0.4/changelogs/changelogs/v0.4.1.html +++ b/0.4/changelogs/changelogs/v0.4.1.html @@ -4,13 +4,13 @@ Fleet v0.4.1 | Fleet - +
-
Skip to main content
Version: 0.4

Fleet v0.4.1

  • (rancherio-gh-m) released this 2022-11-18 13:27:55 +0000 UTC*

Description​

Bug Fixes

  • Fix parameter generation when using Helm secrets in #1098
  • Fix token expiry bug by in #1099

Full Changelog: v0.4.0...v0.4.1

Download​

Information retrieved from here

- +
Skip to main content
Version: 0.4

Fleet v0.4.1

  • (rancherio-gh-m) released this 2022-11-18 13:27:55 +0000 UTC*

Description​

Bug Fixes

  • Fix parameter generation when using Helm secrets in #1098
  • Fix token expiry bug by in #1099

Full Changelog: v0.4.0...v0.4.1

Download​

Information retrieved from here

+ \ No newline at end of file diff --git a/0.4/cluster-bundles-state.html b/0.4/cluster-bundles-state.html index 7f1b21774..2dab65037 100644 --- a/0.4/cluster-bundles-state.html +++ b/0.4/cluster-bundles-state.html @@ -4,13 +4,13 @@ Cluster and Bundle state | Fleet - +
-
Skip to main content
Version: 0.4

Cluster and Bundle state

Clusters and Bundles have different states in each phase of applying Bundles.

Bundles​

Ready: Bundles have been deployed and all resources are ready.

NotReady: Bundles have been deployed and some resources are not ready.

WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

Pending: Bundles are being processed by Fleet controller.

Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

Clusters​

WaitCheckIn: Waiting for agent to report registration information and cluster status back.

NotReady: There are bundles in this cluster that are in NotReady state.

WaitApplied: There are bundles in this cluster that are in WaitApplied state.

ErrApplied: There are bundles in this cluster that are in ErrApplied state.

OutOfSync: There are bundles in this cluster that are in OutOfSync state.

Pending: There are bundles in this cluster that are in Pending state.

Modified: There are bundles in this cluster that are in Modified state.

Ready: Bundles in this cluster have been deployed and all resources are ready.

- +
Skip to main content
Version: 0.4

Cluster and Bundle state

Clusters and Bundles have different states in each phase of applying Bundles.

Bundles​

Ready: Bundles have been deployed and all resources are ready.

NotReady: Bundles have been deployed and some resources are not ready.

WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

Pending: Bundles are being processed by Fleet controller.

Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

Clusters​

WaitCheckIn: Waiting for agent to report registration information and cluster status back.

NotReady: There are bundles in this cluster that are in NotReady state.

WaitApplied: There are bundles in this cluster that are in WaitApplied state.

ErrApplied: There are bundles in this cluster that are in ErrApplied state.

OutOfSync: There are bundles in this cluster that are in OutOfSync state.

Pending: There are bundles in this cluster that are in Pending state.

Modified: There are bundles in this cluster that are in Modified state.

Ready: Bundles in this cluster have been deployed and all resources are ready.

+ \ No newline at end of file diff --git a/0.4/cluster-group.html b/0.4/cluster-group.html index 13485dd3a..55d1bff72 100644 --- a/0.4/cluster-group.html +++ b/0.4/cluster-group.html @@ -4,7 +4,7 @@ Cluster Groups | Fleet - + @@ -13,8 +13,8 @@ The only parameter for a cluster group is essentially the selector. When you get to a certain scale cluster groups become a more reasonable way to manage your clusters. Cluster groups serve the purpose of giving aggregated -status of the deployments and then also a simpler way to manage targets.

A cluster group is created by creating a ClusterGroup resource like below

kind: ClusterGroup
apiVersion: fleet.cattle.io/v1alpha1
metadata:
  name: production-group
  namespace: clusters
spec:
  # This is the standard metav1.LabelSelector format to match clusters by labels
  selector:
    matchLabels:
      env: prod
- +status of the deployments and then also a simpler way to manage targets.

A cluster group is created by creating a ClusterGroup resource like below

kind: ClusterGroup
apiVersion: fleet.cattle.io/v1alpha1
metadata:
  name: production-group
  namespace: clusters
spec:
  # This is the standard metav1.LabelSelector format to match clusters by labels
  selector:
    matchLabels:
      env: prod
+ \ No newline at end of file diff --git a/0.4/cluster-overview.html b/0.4/cluster-overview.html index c3086d9fc..5678477ee 100644 --- a/0.4/cluster-overview.html +++ b/0.4/cluster-overview.html @@ -4,7 +4,7 @@ Overview | Fleet - + @@ -24,8 +24,8 @@ manager must be able to communicate with the downstream cluster API server for t After the cluster is registered there is no further need for the manager to contact the downstream cluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes clusters through GitOps using something like cluster-api -or Rancher.

- +or Rancher.

+ \ No newline at end of file diff --git a/0.4/cluster-tokens.html b/0.4/cluster-tokens.html index 6ccf3f0d9..3ebc9c0d0 100644 --- a/0.4/cluster-tokens.html +++ b/0.4/cluster-tokens.html @@ -4,7 +4,7 @@ Cluster Registration Tokens | Fleet - + @@ -26,8 +26,8 @@ are used in Fleet refer to the documentation on namesp token with the below YAML.

kind: ClusterRegistrationToken
apiVersion: "fleet.cattle.io/v1alpha1"
metadata:
    name: new-token
    namespace: clusters
spec:
    # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.
    ttl: 240h

After the ClusterRegistrationToken is created, Fleet will create a corresponding Secret with the same name. As the Secret creation is performed asynchronously, you will need to wait until it's available before using it.

One way to do so is via the following one-liner:

while ! kubectl --namespace=clusters  get secret new-token; do sleep 5; done

Obtaining Token Value (Agent values.yaml)​

The token value contains YAML content for a values.yaml file that is expected to be passed to helm install to install the Fleet agent on a downstream cluster.

Such value is contained in the values field of the Secret mentioned above. To obtain the YAML content for the -above example one can run the following one-liner:

kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml

Once the values.yaml is ready it can be used repeatedly by clusters to register until the TTL expires.

- +above example one can run the following one-liner:

kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml

Once the values.yaml is ready it can be used repeatedly by clusters to register until the TTL expires.

+ \ No newline at end of file diff --git a/0.4/concepts.html b/0.4/concepts.html index 9fcbf4a2c..d99d6952b 100644 --- a/0.4/concepts.html +++ b/0.4/concepts.html @@ -4,7 +4,7 @@ Core Concepts | Fleet - + @@ -24,8 +24,8 @@ Regardless of the source the contents are dynamically rendered into a Helm chart and installed into the downstream cluster as a helm release.

  • BundleDeployment: When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for -the cluster the agent is managing.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • - +the cluster the agent is managing.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • + \ No newline at end of file diff --git a/0.4/examples.html b/0.4/examples.html index 424afade8..614a395c7 100644 --- a/0.4/examples.html +++ b/0.4/examples.html @@ -4,14 +4,14 @@ Examples | Fleet - +
    Skip to main content
    Version: 0.4

    Examples

    Lifecycle of a Fleet Bundle​

    To demonstrate the lifecycle of a Fleet bundle, we will use multi-cluster/helm as a case study.

    1. User will create a GitRepo that points to the multi-cluster/helm repository.
    2. The gitjob-controller will sync changes from the GitRepo and detect changes from the polling or webhook event. With every commit change, the gitjob-controller will create a job that clones the git repository, reads content from the repo such as fleet.yaml and other manifests, and creates the Fleet bundle.

    Note: The job pod with the image name rancher/tekton-utils will be under the same namespace as the GitRepo.

    1. The fleet-controller then syncs changes from the bundle. According to the targets, the fleet-controller will create BundleDeployment resources, which are a combination of a bundle and a target cluster.
    2. The fleet-agent will then pull the BundleDeployment from the Fleet controlplane. The agent deploys bundle manifests as a Helm chart from the BundleDeployment into the downstream clusters.
    3. The fleet-agent will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.

    Deploy Kubernetes Manifests Across Clusters with Customization​

    Fleet in Rancher allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration.

    To demonstrate how to deploy Kubernetes manifests across different clusters using Fleet, we will use multi-cluster/helm/fleet.yaml as a case study.

    Situation: User has three clusters with three different labels: env=dev, env=test, and env=prod. User wants to deploy a frontend application with a backend database across these clusters.

    Expected behavior:

    • After deploying to the dev cluster, database replication is not enabled.
    • After deploying to the test cluster, database replication is enabled.
    • After deploying to the prod cluster, database replication is enabled and Load balancer services are exposed.

    Advantage of Fleet:

    Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:

    1. Deploy gitRepo https://github.com/rancher/fleet-examples.git and specify the path multi-cluster/helm.
    2. Under multi-cluster/helm, a Helm chart will deploy the frontend app service and backend database service.
    3. The following rule will be defined in fleet.yaml: 
    targetCustomizations:
    - name: dev
      helm:
        values:
          replication: false
      clusterSelector:
        matchLabels:
          env: dev

    - name: test
      helm:
        values:
          replicas: 3
      clusterSelector:
        matchLabels:
          env: test

    - name: prod
      helm:
        values:
          serviceType: LoadBalancer
          replicas: 3
      clusterSelector:
        matchLabels:
          env: prod

    Result:

    Fleet will deploy the Helm chart with your customized values.yaml to the different clusters.

    Note: Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.

    Additional Examples​

    Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations -of the three are in the Fleet Examples repo.

    - +of the three are in the Fleet Examples repo.

    + \ No newline at end of file diff --git a/0.4/gitrepo-add.html b/0.4/gitrepo-add.html index 82847d7f1..4e33f1106 100644 --- a/0.4/gitrepo-add.html +++ b/0.4/gitrepo-add.html @@ -4,15 +4,15 @@ Adding a GitRepo | Fleet - +
    Skip to main content
    Version: 0.4

    Adding a GitRepo

    Proper namespace​

    Git repos are added to the Fleet manager using the GitRepo custom resource type. The GitRepo type is namespaced. By default, Rancher will create two Fleet workspaces: fleet-default and fleet-local.

    • Fleet-default will contain all the downstream clusters that are already registered through Rancher.
    • Fleet-local will contain the local cluster by default.

    If you are using Fleet in a single cluster style, the namespace will always be fleet-local. Check here for more on the fleet-local namespace.

    For a multi-cluster style, please ensure you use the correct repo that will map to the right target clusters.

    Create GitRepo instance​

    Git repositories are register by creating a GitRepo following the below YAML sample. Refer to the inline comments as the means of each field

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-repo
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # This can be a HTTPS or git URL.  If you are using a git URL then
      # clientSecretName will probably need to be set to supply a credential.
      # repo is the only required parameter for a repo to be monitored.
      #
      repo: https://github.com/rancher/fleet-examples

      # Enforce all resources go to this target namespace. If a cluster scoped
      # resource is found the deployment will fail.
      #
      # targetNamespace: app1

      # Any branch can be watched, this field is optional. If not specified the
      # branch is assumed to be master
      #
      # branch: master

      # A specific commit or tag can also be watched.
      #
      # revision: v0.3.0

      # For a private registry you must supply a clientSecretName. A default
      # secret can be set at the namespace level using the GitRepoRestriction
      # type. Secrets must be of the type "kubernetes.io/ssh-auth" or
      # "kubernetes.io/basic-auth". The secret is assumed to be in the
      # same namespace as the GitRepo
      #
      # clientSecretName: my-ssh-key
      #
      # If fleet.yaml contains a private Helm repo that requires authentication,
      # provide the credentials in a K8s secret and specify them here.
      # Danger: the credentials will be sent to all repositories referenced from
      # this gitrepo. See section below for more information.
      #
      # helmSecretName: my-helm-secret
      #
      # To add additional ca-bundle for self-signed certs, caBundle can be
      # filled with base64 encoded pem data. For example:
      # `cat /path/to/ca.pem | base64 -w 0`
      #
      # caBundle: my-ca-bundle
      #
      # Disable SSL verification for git repo
      #
      # insecureSkipTLSVerify: true
      #
      # A git repo can read multiple paths in a repo at once.
      # The below field is expected to be an array of paths and
      # supports path globbing (ex: some/*/path)
      #
      # Example:
      # paths:
      # - single-path
      # - multiple-paths/*
      paths:
      - simple

      # PollingInterval configures how often fleet checks the git repo. The default
      # is 15 seconds.
      # Setting this to zero does not disable polling. It results in a 15s
      # interval, too.
      # As checking a git repo incurs a CPU cost, raising this value can help
      # lowering fleetcontroller's CPU usage if tens of git repos are used or more
      #
      # pollingInterval: 15s

      # Paused  causes changes in Git to not be propagated down to the clusters but
      # instead mark resources as OutOfSync
      #
      # paused: false

      # Increment this number to force a redeployment of contents from Git
      #
      # forceSyncGeneration: 0

      # The service account that will be used to perform this deployment.
      # This is the name of the service account that exists in the
      # downstream cluster in the cattle-fleet-system namespace. It is assumed
      # this service account already exists so it should be create before
      # hand, most likely coming from another git repo registered with
      # the Fleet manager.
      #
      # serviceAccount: moreSecureAccountThanClusterAdmin

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      #
      # targets: ...

    Adding Private Git Repository​

    Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace.

    For example, to generate a private ssh key

    ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"

    Note: The private key format has to be in EC PRIVATE KEY, RSA PRIVATE KEY or PRIVATE KEY and should not contain a passphase.

    Put your private key into secret, use the namespace the GitRepo is in:

    kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key  --type=kubernetes.io/ssh-auth
    caution

    Private key with passphrase is not supported.

    caution

    The key has to be in PEM format.

    Fleet supports putting known_hosts into ssh secret. Here is an example of how to add it:

    Fetch the public key hash(take github as an example)

    ssh-keyscan -H github.com

    And add it into secret:

    apiVersion: v1
    kind: Secret
    metadata:
      name: ssh-key
    type: kubernetes.io/ssh-auth
    stringData:
      ssh-privatekey: <private-key>
      known_hosts: |-
        |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
    danger

    If you don't add it any server's public key will be trusted and added. (ssh -o stricthostkeychecking=accept-new will be used)

    info

    If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.

    Using HTTP Auth​

    Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see HTTP secrets in Github.

    kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat

    Just like with SSH, reference the secret in your GitRepo resource via clientSecretName.

    spec:
      repo: https://github.com/fleetrepoci/gitjob-private.git
      branch: main
      clientSecretName: basic-auth-secret

    Using Private Helm Repositories​

    danger

    The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource. -Make sure you don't leak credentials by mixing public and private repositories. As a workaround, split them into different gitrepos.

    For a private Helm repo, users can reference a secret with the following keys:

    1. username and password for basic http auth if the Helm HTTP repo is behind basic auth.

    2. cacerts for custom CA bundle if the Helm repo is using a custom CA.

    3. ssh-privatekey for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently.

    For example, to add a secret in kubectl, run

    kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem

    After secret is created, specify the secret to gitRepo.spec.helmSecretName. Make sure secret is created under the same namespace with gitrepo.

    Troubleshooting

    See Fleet Troubleshooting section here.

    - +Make sure you don't leak credentials by mixing public and private repositories. As a workaround, split them into different gitrepos.

    For a private Helm repo, users can reference a secret with the following keys:

    1. username and password for basic http auth if the Helm HTTP repo is behind basic auth.

    2. cacerts for custom CA bundle if the Helm repo is using a custom CA.

    3. ssh-privatekey for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently.

    For example, to add a secret in kubectl, run

    kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem

    After secret is created, specify the secret to gitRepo.spec.helmSecretName. Make sure secret is created under the same namespace with gitrepo.

    Troubleshooting

    See Fleet Troubleshooting section here.

    + \ No newline at end of file diff --git a/0.4/gitrepo-structure.html b/0.4/gitrepo-structure.html index d8456589d..eb1ef6428 100644 --- a/0.4/gitrepo-structure.html +++ b/0.4/gitrepo-structure.html @@ -4,7 +4,7 @@ Expected Repo Structure | Fleet - + @@ -43,8 +43,8 @@ the contents a file the convention of adding _patch. (notice the tr will be replaced with . from the file name and that will be used as the target. For example deployment_patch.yaml will target deployment.yaml. The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch. Which strategy is used is based on the file content. Even though JSON strategies are used, the files can be written -using YAML syntax.

    Cluster and Bundle state​

    See Cluster and Bundle state.

    - +using YAML syntax.

    Cluster and Bundle state​

    See Cluster and Bundle state.

    + \ No newline at end of file diff --git a/0.4/gitrepo-targets.html b/0.4/gitrepo-targets.html index 6c7250745..c32f92438 100644 --- a/0.4/gitrepo-targets.html +++ b/0.4/gitrepo-targets.html @@ -4,7 +4,7 @@ Mapping to Downstream Clusters | Fleet - + @@ -18,8 +18,8 @@ One can use cluster selectors, cluster group selectors, or an explicit cluster g the final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the default value it is dropped from the criteria. The default value is either null or "". It is important to realize that the value {} for a selector means "match everything."

    # Match everything
    clusterSelector: {}
    # Selector ignored
    clusterSelector: null

    Default target​

    If no target is set for the GitRepo then the default targets value is applied. The default targets value is as below.

    targets:
    - name: default
      clusterGroup: default

    This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default -and add clusters to it.

    - +and add clusters to it.

    + \ No newline at end of file diff --git a/0.4/imagescan.html b/0.4/imagescan.html index 9de3eac77..b17f9eaff 100644 --- a/0.4/imagescan.html +++ b/0.4/imagescan.html @@ -4,15 +4,15 @@ Image scan | Fleet - +
    Skip to main content
    Version: 0.4

    Image scan

    Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository, without the need to manually update your manifests.

    caution

    This feature is considered as experimental feature.

    Go to fleet.yaml and add the following section.

    imageScans:
    # specify the policy to retrieve images, can be semver or alphabetical order 
    - policy: 
        # if range is specified, it will take the latest image according to semver order in the range
        # for more details on how to use semver, see https://github.com/Masterminds/semver
        semver: 
          range: "*" 
        # can use ascending or descending order
        alphabetical:
          order: asc 

      # specify images to scan
      image: "your.registry.com/repo/image" 

      # Specify the tag name, it has to be unique in the same bundle
      tagName: test-scan

      # specify secret to pull image if in private registry
      secretRef:
        name: dockerhub-secret 

      # Specify the scan interval
      interval: 5m
    info

    You can create multiple image scans in fleet.yaml.

    Go to your manifest files and update the field that you want to replace. For example:

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: redis-slave
    spec:
      selector:
        matchLabels:
          app: redis
          role: slave
          tier: backend
      replicas: 2
      template:
        metadata:
          labels:
            app: redis
            role: slave
            tier: backend
        spec:
          containers:
          - name: slave
            image: <image>:<tag> # {"$imagescan": "test-scan"}
            resources:
              requests:
                cpu: 100m
                memory: 100Mi
            ports:
            - containerPort: 6379
    note

    There are multiple form of tagName you can reference. For example

    {"$imagescan": "test-scan"}: Use full image name(foo/bar:tag)

    {"$imagescan": "test-scan:name"}: Only use image name without tag(foo/bar)

    {"$imagescan": "test-scan:tag"}: Only use image tag

    {"$imagescan": "test-scan:digest"}: Use full image name with digest(foo/bar:tag@sha256...)

    Create a GitRepo that includes your fleet.yaml

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: my-repo
      namespace: fleet-local
    spec:
      # change this to be your own repo
      repo: https://github.com/rancher/fleet-examples 
      # define how long it will sync all the images and decide to apply change
      imageScanInterval: 5m 
      # user must properly provide a secret that have write access to git repository
      clientSecretName: secret 
      # specify the commit pattern
      imageScanCommit:
        authorName: foo
        authorEmail: foo@bar.com
        messageTemplate: "update image"

    Try pushing a new image tag, for example, <image>:<new-tag>. Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml. -Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    - +Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    + \ No newline at end of file diff --git a/0.4/installation.html b/0.4/installation.html index 106fa5f43..87b97d00d 100644 --- a/0.4/installation.html +++ b/0.4/installation.html @@ -4,7 +4,7 @@ Installation | Fleet - + @@ -13,8 +13,8 @@ Multi-Cluster install. The single cluster install is for if you wish to use GitOps to manage a single cluster, in which case you do not need a centralized manager cluster. In the multi-cluster use case you will setup a centralized manager cluster to which you can register clusters.

    If you are just learning Fleet the single cluster install is the recommended starting -point. After which you can move from single cluster to multi-cluster setup down the line.

    - +point. After which you can move from single cluster to multi-cluster setup down the line.

    + \ No newline at end of file diff --git a/0.4/manager-initiated.html b/0.4/manager-initiated.html index e5b2959f4..f4d66bc01 100644 --- a/0.4/manager-initiated.html +++ b/0.4/manager-initiated.html @@ -4,7 +4,7 @@ Manager Initiated | Fleet - + @@ -15,8 +15,8 @@ of the kubeconfig secret used in cluster-api. This means you can use cluster-api to create a cluster that is dynamically -registered with Fleet.

    Example​

    Kubeconfig Secret​

    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Cluster​

    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    - +registered with Fleet.

    Example​

    Kubeconfig Secret​

    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Cluster​

    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    + \ No newline at end of file diff --git a/0.4/multi-cluster-install.html b/0.4/multi-cluster-install.html index 645716018..922758c5e 100644 --- a/0.4/multi-cluster-install.html +++ b/0.4/multi-cluster-install.html @@ -4,7 +4,7 @@ Multi-cluster Install | Fleet - + @@ -35,8 +35,8 @@ only because the curl command is not setting proper credentials, but this valida connection work and the ca.pem is correct for this URL. If you get a SSL certificate problem then the ca.pem is not correct. The contents of the ${API_SERVER_CA} file should look similar to the below

    -----BEGIN CERTIFICATE-----
    MIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2
    ZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda
    MCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49
    AgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E
    0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE
    AwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs
    ciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN
    KDs/pb3fnMTtpA==
    -----END CERTIFICATE-----

    Once you have validated the API server URL and API server CA parameters, install the following two Helm charts.

    First install the Fleet CustomResourcesDefintions.

    helm -n cattle-fleet-system install --create-namespace --wait fleet-crd https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-crd-0.4.1.tgz

    Second install the Fleet controllers.

    helm -n cattle-fleet-system install --create-namespace --wait \
        --set apiServerURL="${API_SERVER_URL}" \
        --set-file apiServerCA="${API_SERVER_CA}" \
        fleet https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-0.4.1.tgz

    Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands.

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    At this point the Fleet manager should be ready. You can now register clusters and git repos with -the Fleet manager.

    - +the Fleet manager.

    + \ No newline at end of file diff --git a/0.4/namespaces.html b/0.4/namespaces.html index c6bc471b4..41bde3861 100644 --- a/0.4/namespaces.html +++ b/0.4/namespaces.html @@ -4,7 +4,7 @@ Namespaces | Fleet - + @@ -35,8 +35,8 @@ be evaluated against all clusters in all namespaces that match namespaceSe bundles from git by putting labels in the fleet.yaml file or on the metadata.labels field on the GitRepo.

    Restricting GitRepos​

    A namespace can contain multiple GitRepoRestriction resources. All GitRepos created in that namespace will be checked against the list of restrictions. If a GitRepo violates one of the constraints its BundleDeployment will be -in an error state and won't be deployed.

    This can also be used to set the defaults for GitRepo's serviceAccount and clientSecretName fields.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: typically-unique
    allowedClientSecretNames: []
    allowedRepoPatterns: []
    allowedServiceAccounts: []
    defaultClientSecretName: ""
    defaultServiceAccount: ""
    - +in an error state and won't be deployed.

    This can also be used to set the defaults for GitRepo's serviceAccount and clientSecretName fields.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: typically-unique
    allowedClientSecretNames: []
    allowedRepoPatterns: []
    allowedServiceAccounts: []
    defaultClientSecretName: ""
    defaultServiceAccount: ""
    + \ No newline at end of file diff --git a/0.4/quickstart.html b/0.4/quickstart.html index fe6b922f4..ff2fc7789 100644 --- a/0.4/quickstart.html +++ b/0.4/quickstart.html @@ -4,15 +4,15 @@ Quick Start | Fleet - +
    Skip to main content
    Version: 0.4

    Quick Start

    Who needs documentation, lets just run this thing!

    Install​

    Get helm if you don't have it. Helm 3 is just a CLI and won't do bad insecure things to your cluster.

    brew install helm

    Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)

    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet-crd https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-crd-v0.4.1.tgz
    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-v0.4.1.tgz

    Add a Git Repo to watch​

    Change spec.repo to your git repo of choice. Kubernetes manifest files that should -be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be run in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be run in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    + \ No newline at end of file diff --git a/0.4/single-cluster-install.html b/0.4/single-cluster-install.html index 391de0938..8a27c46b5 100644 --- a/0.4/single-cluster-install.html +++ b/0.4/single-cluster-install.html @@ -4,7 +4,7 @@ Single Cluster Install | Fleet - + @@ -18,8 +18,8 @@ fairly straight forward. To install the Helm 3 CLI follow the official install instructions. The TL;DR is

    macOS

    brew install helm

    Windows

    choco install kubernetes-helm

    Kubernetes​

    Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the single cluster use case you will install Fleet to the cluster which you intend to manage with GitOps. Any Kubernetes community supported version of Kubernetes will work, in practice this means 1.15 or greater.

    Install​

    Install the following two Helm charts.

    First install the Fleet CustomResourcesDefintions.

    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet-crd https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-crd-0.4.1.tgz

    Second install the Fleet controllers.

    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-0.4.1.tgz

    Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by -running the below commands.

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    You can now register some git repos in the fleet-local namespace to start deploying Kubernetes resources.

    - +running the below commands.

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    You can now register some git repos in the fleet-local namespace to start deploying Kubernetes resources.

    + \ No newline at end of file diff --git a/0.4/troubleshooting.html b/0.4/troubleshooting.html index 2342c3186..941c3cb32 100644 --- a/0.4/troubleshooting.html +++ b/0.4/troubleshooting.html @@ -4,15 +4,15 @@ Troubleshooting | Fleet - +
    Skip to main content
    Version: 0.4

    Troubleshooting

    This section contains commands and tips to troubleshoot Fleet.

    How Do I...​

    Fetch the log from fleet-controller?​

    In the local management cluster where the fleet-controller is deployed, run the following command with your specific fleet-controller pod name filled in:

    $ kubectl logs -l app=fleet-controller -n cattle-fleet-system

    Fetch the log from the fleet-agent?​

    Go to each downstream cluster and run the following command for the local cluster with your specific fleet-agent pod name filled in:

    # Downstream cluster
    $ kubectl logs -l app=fleet-agent -n cattle-fleet-system
    # Local cluster
    $ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system

    Fetch detailed error logs from GitRepos and Bundles?​

    Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:

    • For more information about the bundle, click on bundle, and the YAML mode will be enabled.
    • For more information about the GitRepo, click on GitRepo, then click on View Yaml in the upper right of the screen. After viewing the YAML, check status.conditions; a detailed error message should be displayed here.
    • Check the fleet-controller for synching errors.
    • Check the fleet-agent log in the downstream cluster if you encounter issues when deploying the bundle.

    Check a chart rendering error in Kustomize?​

    Check the fleet-controller logs and the fleet-agent logs.

    Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?​

    Check the gitjob-controller logs using the following command with your specific gitjob pod name filled in:

    $ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system

    Note that there are two containers inside the pod: the step-git-source container that clones the git repo, and the fleet container that applies bundles based on the git repo.

    The pods will usually have images named rancher/tekton-utils with the gitRepo name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific gitRepoName pod name and namespace:

    $ kubectl logs -f $gitRepoName-pod-name -n namespace

    Check the status of the fleet-controller?​

    You can check the status of the fleet-controller pods by running the commands below:

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    Enable debug logging for fleet-controller and fleet-agent?​

    Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added.

    • Go to the Dashboard, then click on the local cluster in the left navigation menu
    • Select Apps & Marketplace, then Installed Apps from the dropdown
    • From there, you will upgrade the Fleet chart with the value debug=true. You can also set debugLevel=5 if desired.

    Additional Solutions for Other Fleet Issues​

    Naming conventions for CRDs​

    1. For CRD terms like clusters and gitrepos, you must reference the full CRD name. For example, the cluster CRD's complete name is cluster.fleet.cattle.io, and the gitrepo CRD's complete name is gitrepo.fleet.cattle.io.

    2. Bundles, which are created from the GitRepo, follow the pattern $gitrepoName-$path in the same workspace/namespace where the GitRepo was created. Note that $path is the path directory in the git repository that contains the bundle (fleet.yaml).

    3. BundleDeployments, which are created from the bundle, follow the pattern $bundleName-$clusterName in the namespace clusters-$workspace-$cluster-$generateHash. Note that $clusterName is the cluster to which the bundle will be deployed.

    HTTP secrets in Github​

    When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:

    1. Create a personal access token in Github.
    2. In Rancher, create an HTTP secret with your Github username.
    3. Use your token as the secret.

    Fleet fails with bad response code: 403​

    If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your fleet.yaml:

    time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"

    Perform the following steps to assess:

    • Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully
    • Check that your credentials for the git repo are valid

    Helm chart repo: certificate signed by unknown authority​

    If your GitJob returns the error below, you may have added the wrong certificate chain:

    time="2021-11-11T05:55:08Z" level=fatal msg="Get \"https://helm.intra/virtual-helm/index.yaml\": x509: certificate signed by unknown authority"

    Please verify your certificate with the following command:

    context=playground-local
    kubectl get secret -n fleet-default helm-repo -o jsonpath="{['data']['cacerts']}" --context $context | base64 -d | openssl x509 -text -noout
    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number:
                7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71
            Signature Algorithm: sha512WithRSAEncryption
            Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3
    ...

    Fleet deployment stuck in modified state​

    When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.

    To ignore the modified flag for the differences between the Helm install generated by fleet.yaml and the resource in your cluster, add a diff.comparePatches to the fleet.yaml for your Deployment, as shown in this example:

    defaultNamespace: <namespace name> 
    helm:  
      releaseName: <release name>  
      repo: <repo name> 
      chart: <chart name>
    diff:  
      comparePatches:  
      - apiVersion: apps/v1
        kind: Deployment
        operations:
        - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}
        - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}
        jsonPointers: # jsonPointers allows to ignore diffs at certain json path
        - "/spec/template/spec/priorityClassName"
        - "/spec/template/spec/tolerations"

    To determine which operations should be removed, observe the logs from fleet-agent on the target cluster. You should see entries similar to the following:

    level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\"spec\":{\"template\":{\"spec\":{\"hostNetwork\":false}}}}"

    Based on the above log, you can add the following entry to remove the operation:

    {"op":"remove", "path":"/spec/template/spec/hostNetwork"}

    GitRepo or Bundle stuck in modified state​

    Modified means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository.

    1. Check the bundle diffs documentation for more information.

    2. You can also force update the gitrepo to perform a manual resync. Select GitRepo on the left navigation bar, then select Force Update.

    Bundle has a Horizontal Pod Autoscaler (HPA) in modified state​

    For bundles with an HPA, the expected state is Modified, as the bundle contains fields that differ from the state of the Bundle at deployment - usually ReplicaSet.

    You must define a patch in the fleet.yaml to ignore this field according to GitRepo or Bundle stuck in modified state.

    Here is an example of such a patch for the deployment nginx in namespace default:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: nginx
        namespace: default
        operations:
        - {"op": "remove", "path": "/spec/replicas"}

    What if the cluster is unavailable, or is in a WaitCheckIn state?​

    You will need to re-import and restart the registration process: Select Cluster on the left navigation bar, then select Force Update

    caution

    WaitCheckIn status for Rancher v2.5: The cluster will show in WaitCheckIn status because the fleet-controller is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the Rancher docs.

    GitRepo complains with gzip: invalid header​

    When you see an error like the one below ...

    Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header

    ... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content.

    Migrate the local cluster to the Fleet default cluster workspace?​

    Users can create new workspaces and move clusters across workspaces. -It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +It's currently not possible to move the local cluster from fleet-local to another workspace.

    + \ No newline at end of file diff --git a/0.4/uninstall.html b/0.4/uninstall.html index e758c5a7d..a43d8d7b6 100644 --- a/0.4/uninstall.html +++ b/0.4/uninstall.html @@ -4,15 +4,15 @@ Uninstall | Fleet - +
    Skip to main content
    Version: 0.4

    Uninstall

    Fleet is packaged as two Helm charts so uninstall is accomplished by uninstalling the appropriate Helm charts. To uninstall Fleet run the following -two commands:

    helm -n cattle-fleet-system uninstall fleet
    helm -n cattle-fleet-system uninstall fleet-crd
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +two commands:

    helm -n cattle-fleet-system uninstall fleet
    helm -n cattle-fleet-system uninstall fleet-crd
    + \ No newline at end of file diff --git a/0.4/webhook.html b/0.4/webhook.html index 35689dca4..bdf28a815 100644 --- a/0.4/webhook.html +++ b/0.4/webhook.html @@ -4,7 +4,7 @@ Webhook | Fleet - + @@ -12,8 +12,8 @@
    Skip to main content
    Version: 0.4

    Webhook

    By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github, GitLab, Bitbucket, Bitbucket Server and Gogs.

    1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.​

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: webhook-ingress
      namespace: cattle-fleet-system
    spec:
      rules:
      - host: your.domain.com
        http:
          paths:
            - path: /
              pathType: Prefix
              backend:
                service:
                  name: gitjob
                  port:
                    number: 80
    info

    You can configure TLS on ingress.

    2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.​

    Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default. If your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the -secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    - +secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    + \ No newline at end of file diff --git a/0.5.html b/0.5.html index 45d76e52b..62d6f79e5 100644 --- a/0.5.html +++ b/0.5.html @@ -4,13 +4,13 @@ Overview | Fleet - +
    -
    Skip to main content
    Version: 0.5

    Overview

    What is Fleet?​

    • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

    • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users have a high degree of control, consistency, and auditability.

    Configuration Management​

    Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.5

    Overview

    What is Fleet?​

    • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

    • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users have a high degree of control, consistency, and auditability.

    Configuration Management​

    Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

    + \ No newline at end of file diff --git a/0.5/advanced-users.html b/0.5/advanced-users.html index bbdcc313b..dc9439637 100644 --- a/0.5/advanced-users.html +++ b/0.5/advanced-users.html @@ -4,13 +4,13 @@ Advanced Users | Fleet - +
    -
    Skip to main content
    Version: 0.5

    Advanced Users

    Note that using Fleet outside of Rancher is highly discouraged for any users who do not need to perform advanced actions. However, there are some advanced use cases that may need to be performed outside of Rancher, also known as Standalone Fleet, or Fleet without Rancher. This section will highlight such use cases.

    The following are examples of advanced use cases:

    Please refer to the installation and the uninstall documentation for additional information.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.5

    Advanced Users

    Note that using Fleet outside of Rancher is highly discouraged for any users who do not need to perform advanced actions. However, there are some advanced use cases that may need to be performed outside of Rancher, also known as Standalone Fleet, or Fleet without Rancher. This section will highlight such use cases.

    The following are examples of advanced use cases:

    Please refer to the installation and the uninstall documentation for additional information.

    + \ No newline at end of file diff --git a/0.5/agent-initiated.html b/0.5/agent-initiated.html index 9c6076213..98151945a 100644 --- a/0.5/agent-initiated.html +++ b/0.5/agent-initiated.html @@ -4,7 +4,7 @@ Agent Initiated | Fleet - + @@ -39,8 +39,8 @@ For the agent chart the namespace must be cattle-fleet-system and t Helm will use the default context in ${HOME}/.kube/config to deploy the agent. Use --kubeconfig and --kube-context to change which cluster Helm is installing to.

    Finally, install the agent using Helm.

    helm -n cattle-fleet-system install --create-namespace --wait \
        --set clientID="$CLUSTER_CLIENT_ID" \
        --values values.yaml \
        fleet-agent https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz

    The agent should now be deployed. You can check that status of the fleet pods by running the below commands.

    # Ensure kubectl is pointing to the right cluster
    kubectl -n cattle-fleet-system logs -l app=fleet-agent
    kubectl -n cattle-fleet-system get pods -l app=fleet-agent

    Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster was registered in the clusters namespace. Please ensure your ${HOME}/.kube/config is pointed to the Fleet -manager to run this command.

    kubectl -n clusters get clusters.fleet.cattle.io
    NAME                   BUNDLES-READY   NODES-READY   SAMPLE-NODE             LAST-SEEN              STATUS
    my-cluster             1/1             1/1           k3d-cluster2-server-0   2020-08-31T19:23:10Z
    - +manager to run this command.

    kubectl -n clusters get clusters.fleet.cattle.io
    NAME                   BUNDLES-READY   NODES-READY   SAMPLE-NODE             LAST-SEEN              STATUS
    my-cluster             1/1             1/1           k3d-cluster2-server-0   2020-08-31T19:23:10Z
    + \ No newline at end of file diff --git a/0.5/architecture.html b/0.5/architecture.html index 58a0258bb..1b2269111 100644 --- a/0.5/architecture.html +++ b/0.5/architecture.html @@ -4,7 +4,7 @@ Architecture | Fleet - + @@ -28,8 +28,8 @@ The cluster registration token is used only during the registration process to g to that cluster. After the cluster credential is established the cluster "forgets" the cluster registration token.

    The service accounts given to the clusters only have privileges to list BundleDeployment in the namespace created specifically for that cluster. It can also update the status subresource of BundleDeployment and the status -subresource of it's Cluster resource.

    - +subresource of it's Cluster resource.

    + \ No newline at end of file diff --git a/0.5/bundle-diffs.html b/0.5/bundle-diffs.html index 10b850e73..356893a11 100644 --- a/0.5/bundle-diffs.html +++ b/0.5/bundle-diffs.html @@ -4,14 +4,14 @@ Generating Diffs for Modified GitRepos | Fleet - +
    Skip to main content
    Version: 0.5

    Generating Diffs for Modified GitRepos

    Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.

    You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the Bundles section.

    The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the caBundle is empty and the CA cert is injected by the cluster.

    This leads the status of the bundle and associated GitRepo to be reported as "Modified"

    Associated Bundle -

    Fleet bundles support the ability to specify a custom jsonPointer patch.

    With the patch, users can instruct fleet to ignore object modifications.

    In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

    The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

    Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

    In our case the differences detected are as follows:

      summary:
        desiredReady: 1
        modified: 1
        nonReadyResources:
        - bundleState: Modified
          modifiedStatus:
          - apiVersion: admissionregistration.k8s.io/v1
            kind: ValidatingWebhookConfiguration
            name: gatekeeper-validating-webhook-configuration
            patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-audit
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-controller-manager
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

    Based on this summary, there are three objects which need to be patched.

    We will look at these one at a time.

    1. ValidatingWebhookConfiguration:​

    The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

    In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

    From this information, we can see the two ValidatingWebhooks in question are:

      "$setElementOrder/webhooks": [
        {
          "name": "validation.gatekeeper.sh"
        },
        {
          "name": "check-ignore-label.gatekeeper.sh"
        }
      ],

    Within each ValidatingWebhook, the fields that need to be ignore are as follows:

        {
          "clientConfig": {
            "caBundle": "Cg=="
          },
          "name": "validation.gatekeeper.sh",
          "rules": [
            {
              "apiGroups": [
                "*"
              ],
              "apiVersions": [
                "*"
              ],
              "operations": [
                "CREATE",
                "UPDATE"
              ],
              "resources": [
                "*"
              ]
            }
          ]
        },

    and 

        {
         "clientConfig": {
           "caBundle": "Cg=="
         },
         "name": "check-ignore-label.gatekeeper.sh",
         "rules": [
           {
             "apiGroups": [
               ""
             ],
             "apiVersions": [
               "*"
             ],
             "operations": [
               "CREATE",
               "UPDATE"
             ],
             "resources": [
               "namespaces"
             ]
           }
         ]
       }

    In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

    The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

    Based on this information, our diff patch would look as follows:

      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    2. Deployment gatekeeper-controller-manager:​

    The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    3. Deployment gatekeeper-audit:​

    The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    Combining It All Together​

    We can now combine all these patches as follows:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

    Once these are added, the GitRepo should deploy and be in "Active" status.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +

    Fleet bundles support the ability to specify a custom jsonPointer patch.

    With the patch, users can instruct fleet to ignore object modifications.

    In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

    The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

    Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

    In our case the differences detected are as follows:

      summary:
        desiredReady: 1
        modified: 1
        nonReadyResources:
        - bundleState: Modified
          modifiedStatus:
          - apiVersion: admissionregistration.k8s.io/v1
            kind: ValidatingWebhookConfiguration
            name: gatekeeper-validating-webhook-configuration
            patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-audit
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-controller-manager
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

    Based on this summary, there are three objects which need to be patched.

    We will look at these one at a time.

    1. ValidatingWebhookConfiguration:​

    The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

    In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

    From this information, we can see the two ValidatingWebhooks in question are:

      "$setElementOrder/webhooks": [
        {
          "name": "validation.gatekeeper.sh"
        },
        {
          "name": "check-ignore-label.gatekeeper.sh"
        }
      ],

    Within each ValidatingWebhook, the fields that need to be ignore are as follows:

        {
          "clientConfig": {
            "caBundle": "Cg=="
          },
          "name": "validation.gatekeeper.sh",
          "rules": [
            {
              "apiGroups": [
                "*"
              ],
              "apiVersions": [
                "*"
              ],
              "operations": [
                "CREATE",
                "UPDATE"
              ],
              "resources": [
                "*"
              ]
            }
          ]
        },

    and 

        {
         "clientConfig": {
           "caBundle": "Cg=="
         },
         "name": "check-ignore-label.gatekeeper.sh",
         "rules": [
           {
             "apiGroups": [
               ""
             ],
             "apiVersions": [
               "*"
             ],
             "operations": [
               "CREATE",
               "UPDATE"
             ],
             "resources": [
               "namespaces"
             ]
           }
         ]
       }

    In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

    The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

    Based on this information, our diff patch would look as follows:

      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    2. Deployment gatekeeper-controller-manager:​

    The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    3. Deployment gatekeeper-audit:​

    The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    Combining It All Together​

    We can now combine all these patches as follows:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

    Once these are added, the GitRepo should deploy and be in "Active" status.

    + \ No newline at end of file diff --git a/0.5/changelogs.html b/0.5/changelogs.html index 7fe324895..429e679bb 100644 --- a/0.5/changelogs.html +++ b/0.5/changelogs.html @@ -4,13 +4,13 @@ 0.5 Changelogs | Fleet - +
    -
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    + \ No newline at end of file diff --git a/0.5/changelogs/changelogs/v0.5.0.html b/0.5/changelogs/changelogs/v0.5.0.html index fd50e141c..ed89d9156 100644 --- a/0.5/changelogs/changelogs/v0.5.0.html +++ b/0.5/changelogs/changelogs/v0.5.0.html @@ -4,13 +4,13 @@ v0.5.0 | Fleet - +
    -
    Skip to main content
    Version: 0.5

    v0.5.0

    • (rancherio-gh-m) released this 2022-11-10 17:33:25 +0000 UTC*

    Description​

    Additions

    • Add support for OCI registry based charts in #975
    • Adds priorityClassName to deployments in #983
    • Support cluster specific registry in #984, #1060
    • Add cluster labels to agent config creation

    Bug Fixes

    • Fix long bundle names in #964
    • Remove ignored fields from status struct, to avoid loop in #990
    • Fix for cluster registration token performance degradation in #998
    • Fix authentication for OCI images in #998
    • Stop requeuing on failed deployments in #1045

    Changes

    • Updating GitJob to 0.1.32 in #972
    • Setting the Kubernetes libs at 0.24.5 in #981
    • Bump bci/bci-base 15.4.27.11.23 in #989

    Full Changelog: v0.4.0...v0.5.0

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.5

    v0.5.0

    • (rancherio-gh-m) released this 2022-11-10 17:33:25 +0000 UTC*

    Description​

    Additions

    • Add support for OCI registry based charts in #975
    • Adds priorityClassName to deployments in #983
    • Support cluster specific registry in #984, #1060
    • Add cluster labels to agent config creation

    Bug Fixes

    • Fix long bundle names in #964
    • Remove ignored fields from status struct, to avoid loop in #990
    • Fix for cluster registration token performance degradation in #998
    • Fix authentication for OCI images in #998
    • Stop requeuing on failed deployments in #1045

    Changes

    • Updating GitJob to 0.1.32 in #972
    • Setting the Kubernetes libs at 0.24.5 in #981
    • Bump bci/bci-base 15.4.27.11.23 in #989

    Full Changelog: v0.4.0...v0.5.0

    Download​

    Information retrieved from here

    + \ No newline at end of file diff --git a/0.5/changelogs/changelogs/v0.5.1.html b/0.5/changelogs/changelogs/v0.5.1.html index 8c01754a9..6ca8b7ec5 100644 --- a/0.5/changelogs/changelogs/v0.5.1.html +++ b/0.5/changelogs/changelogs/v0.5.1.html @@ -4,13 +4,13 @@ v0.5.1 | Fleet - +
    -
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.5

    v0.5.1

    • (rancherio-gh-m) released this 2023-01-23 14:09:59 +0000 UTC*

    Description​

    • Fix git validation problem in wrangler

    Full Changelog: v0.5.0...v0.5.1

    Download​

    Information retrieved from here

    + \ No newline at end of file diff --git a/0.5/changelogs/changelogs/v0.5.2.html b/0.5/changelogs/changelogs/v0.5.2.html index 07c5783b9..dda94e52f 100644 --- a/0.5/changelogs/changelogs/v0.5.2.html +++ b/0.5/changelogs/changelogs/v0.5.2.html @@ -4,13 +4,13 @@ v0.5.2 | Fleet - +
    -
    Skip to main content
    Version: 0.5

    v0.5.2

    • (rancherio-gh-m) released this 2023-02-23 08:01:03 +0000 UTC*

    Description​

    What's Changed

    Full Changelog: v0.5.0...v0.5.2

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.5

    v0.5.2

    • (rancherio-gh-m) released this 2023-02-23 08:01:03 +0000 UTC*

    Description​

    What's Changed

    Full Changelog: v0.5.0...v0.5.2

    Download​

    Information retrieved from here

    + \ No newline at end of file diff --git a/0.5/changelogs/changelogs/v0.5.3.html b/0.5/changelogs/changelogs/v0.5.3.html index 46412e74d..ee09ed29b 100644 --- a/0.5/changelogs/changelogs/v0.5.3.html +++ b/0.5/changelogs/changelogs/v0.5.3.html @@ -4,13 +4,13 @@ v0.5.3 | Fleet - +
    -
    Skip to main content
    Version: 0.5

    v0.5.3

    • (rancherio-gh-m) released this 2023-03-06 15:56:56 +0000 UTC*

    Description​

    Notes

    Upgrading the Fleet helm chart upgrades the fleet-controller and its config. To avoid race conditions while fleet-controller starts updating the fleet-agents, we propose to scale down the fleet-controller to zero replicas before starting the upgrade.

    When using Fleet in Rancher and updating from Rancher 2.5, the default installation namespace for fleet changes from fleet-system to cattle-fleet-system. This release adds code to re-deploy the agents if necessary, to regenerate their config in the new namespace. Once the new agent is running and the cluster resources status is ok, it's fine to delete any leftover fleet-system namespaces. In older versions of fleet, it's possible to rancher/rancher#40127 (comment) into the new namespace, or to rancher/rancher#40127 (comment).

    Additions

    • Backport "Reading contents&secrets uses specific service account" by @thardeck in #1298

    Bugfixes

    What's Changed

    Full Changelog: v0.5.0...v0.5.3

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.5

    v0.5.3

    • (rancherio-gh-m) released this 2023-03-06 15:56:56 +0000 UTC*

    Description​

    Notes

    Upgrading the Fleet helm chart upgrades the fleet-controller and its config. To avoid race conditions while fleet-controller starts updating the fleet-agents, we propose to scale down the fleet-controller to zero replicas before starting the upgrade.

    When using Fleet in Rancher and updating from Rancher 2.5, the default installation namespace for fleet changes from fleet-system to cattle-fleet-system. This release adds code to re-deploy the agents if necessary, to regenerate their config in the new namespace. Once the new agent is running and the cluster resources status is ok, it's fine to delete any leftover fleet-system namespaces. In older versions of fleet, it's possible to rancher/rancher#40127 (comment) into the new namespace, or to rancher/rancher#40127 (comment).

    Additions

    • Backport "Reading contents&secrets uses specific service account" by @thardeck in #1298

    Bugfixes

    What's Changed

    Full Changelog: v0.5.0...v0.5.3

    Download​

    Information retrieved from here

    + \ No newline at end of file diff --git a/0.5/cluster-bundles-state.html b/0.5/cluster-bundles-state.html index 07633f53a..a7ad6b1a2 100644 --- a/0.5/cluster-bundles-state.html +++ b/0.5/cluster-bundles-state.html @@ -4,13 +4,13 @@ Cluster and Bundle state | Fleet - +
    -
    Skip to main content
    Version: 0.5

    Cluster and Bundle state

    Clusters and Bundles have different states in each phase of applying Bundles.

    Bundles​

    Ready: Bundles have been deployed and all resources are ready.

    NotReady: Bundles have been deployed and some resources are not ready.

    WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

    ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

    OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

    Pending: Bundles are being processed by Fleet controller.

    Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

    Clusters​

    WaitCheckIn: Waiting for agent to report registration information and cluster status back.

    NotReady: There are bundles in this cluster that are in NotReady state.

    WaitApplied: There are bundles in this cluster that are in WaitApplied state.

    ErrApplied: There are bundles in this cluster that are in ErrApplied state.

    OutOfSync: There are bundles in this cluster that are in OutOfSync state.

    Pending: There are bundles in this cluster that are in Pending state.

    Modified: There are bundles in this cluster that are in Modified state.

    Ready: Bundles in this cluster have been deployed and all resources are ready.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.5

    Cluster and Bundle state

    Clusters and Bundles have different states in each phase of applying Bundles.

    Bundles​

    Ready: Bundles have been deployed and all resources are ready.

    NotReady: Bundles have been deployed and some resources are not ready.

    WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

    ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

    OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

    Pending: Bundles are being processed by Fleet controller.

    Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

    Clusters​

    WaitCheckIn: Waiting for agent to report registration information and cluster status back.

    NotReady: There are bundles in this cluster that are in NotReady state.

    WaitApplied: There are bundles in this cluster that are in WaitApplied state.

    ErrApplied: There are bundles in this cluster that are in ErrApplied state.

    OutOfSync: There are bundles in this cluster that are in OutOfSync state.

    Pending: There are bundles in this cluster that are in Pending state.

    Modified: There are bundles in this cluster that are in Modified state.

    Ready: Bundles in this cluster have been deployed and all resources are ready.

    + \ No newline at end of file diff --git a/0.5/cluster-group.html b/0.5/cluster-group.html index 4a02d0861..f9ba1f3f0 100644 --- a/0.5/cluster-group.html +++ b/0.5/cluster-group.html @@ -4,7 +4,7 @@ Cluster Groups | Fleet - + @@ -13,8 +13,8 @@ The only parameter for a cluster group is essentially the selector. When you get to a certain scale cluster groups become a more reasonable way to manage your clusters. Cluster groups serve the purpose of giving aggregated -status of the deployments and then also a simpler way to manage targets.

    A cluster group is created by creating a ClusterGroup resource like below

    kind: ClusterGroup
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: production-group
      namespace: clusters
    spec:
      # This is the standard metav1.LabelSelector format to match clusters by labels
      selector:
        matchLabels:
          env: prod
    - +status of the deployments and then also a simpler way to manage targets.

    A cluster group is created by creating a ClusterGroup resource like below

    kind: ClusterGroup
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: production-group
      namespace: clusters
    spec:
      # This is the standard metav1.LabelSelector format to match clusters by labels
      selector:
        matchLabels:
          env: prod
    + \ No newline at end of file diff --git a/0.5/cluster-overview.html b/0.5/cluster-overview.html index 2f5031eb1..bdf8326eb 100644 --- a/0.5/cluster-overview.html +++ b/0.5/cluster-overview.html @@ -4,7 +4,7 @@ Overview | Fleet - + @@ -24,8 +24,8 @@ manager must be able to communicate with the downstream cluster API server for t After the cluster is registered there is no further need for the manager to contact the downstream cluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes clusters through GitOps using something like cluster-api -or Rancher.

    - +or Rancher.

    + \ No newline at end of file diff --git a/0.5/cluster-tokens.html b/0.5/cluster-tokens.html index 7b21216b5..50eb6dfff 100644 --- a/0.5/cluster-tokens.html +++ b/0.5/cluster-tokens.html @@ -4,7 +4,7 @@ Cluster Registration Tokens | Fleet - + @@ -26,8 +26,8 @@ are used in Fleet refer to the documentation on namesp token with the below YAML.

    kind: ClusterRegistrationToken
    apiVersion: "fleet.cattle.io/v1alpha1"
    metadata:
        name: new-token
        namespace: clusters
    spec:
        # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.
        ttl: 240h

    After the ClusterRegistrationToken is created, Fleet will create a corresponding Secret with the same name. As the Secret creation is performed asynchronously, you will need to wait until it's available before using it.

    One way to do so is via the following one-liner:

    while ! kubectl --namespace=clusters  get secret new-token; do sleep 5; done

    Obtaining Token Value (Agent values.yaml)​

    The token value contains YAML content for a values.yaml file that is expected to be passed to helm install to install the Fleet agent on a downstream cluster.

    Such value is contained in the values field of the Secret mentioned above. To obtain the YAML content for the -above example one can run the following one-liner:

    kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml

    Once the values.yaml is ready it can be used repeatedly by clusters to register until the TTL expires.

    - +above example one can run the following one-liner:

    kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml

    Once the values.yaml is ready it can be used repeatedly by clusters to register until the TTL expires.

    + \ No newline at end of file diff --git a/0.5/concepts.html b/0.5/concepts.html index 6ca3e2b61..320a6dbed 100644 --- a/0.5/concepts.html +++ b/0.5/concepts.html @@ -4,7 +4,7 @@ Core Concepts | Fleet - + @@ -24,8 +24,8 @@ Regardless of the source the contents are dynamically rendered into a Helm chart and installed into the downstream cluster as a helm release.

  • BundleDeployment: When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for -the cluster the agent is managing.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • - +the cluster the agent is managing.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • + \ No newline at end of file diff --git a/0.5/examples.html b/0.5/examples.html index c09e9a3b4..1f732768e 100644 --- a/0.5/examples.html +++ b/0.5/examples.html @@ -4,14 +4,14 @@ Examples | Fleet - +
    Skip to main content
    Version: 0.5

    Examples

    Lifecycle of a Fleet Bundle​

    To demonstrate the lifecycle of a Fleet bundle, we will use multi-cluster/helm as a case study.

    1. User will create a GitRepo that points to the multi-cluster/helm repository.
    2. The gitjob-controller will sync changes from the GitRepo and detect changes from the polling or webhook event. With every commit change, the gitjob-controller will create a job that clones the git repository, reads content from the repo such as fleet.yaml and other manifests, and creates the Fleet bundle.

    Note: The job pod with the image name rancher/tekton-utils will be under the same namespace as the GitRepo.

    1. The fleet-controller then syncs changes from the bundle. According to the targets, the fleet-controller will create BundleDeployment resources, which are a combination of a bundle and a target cluster.
    2. The fleet-agent will then pull the BundleDeployment from the Fleet controlplane. The agent deploys bundle manifests as a Helm chart from the BundleDeployment into the downstream clusters.
    3. The fleet-agent will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.

    Deploy Kubernetes Manifests Across Clusters with Customization​

    Fleet in Rancher allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration.

    To demonstrate how to deploy Kubernetes manifests across different clusters using Fleet, we will use multi-cluster/helm/fleet.yaml as a case study.

    Situation: User has three clusters with three different labels: env=dev, env=test, and env=prod. User wants to deploy a frontend application with a backend database across these clusters.

    Expected behavior:

    • After deploying to the dev cluster, database replication is not enabled.
    • After deploying to the test cluster, database replication is enabled.
    • After deploying to the prod cluster, database replication is enabled and Load balancer services are exposed.

    Advantage of Fleet:

    Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:

    1. Deploy gitRepo https://github.com/rancher/fleet-examples.git and specify the path multi-cluster/helm.
    2. Under multi-cluster/helm, a Helm chart will deploy the frontend app service and backend database service.
    3. The following rule will be defined in fleet.yaml: 
    targetCustomizations:
    - name: dev
      helm:
        values:
          replication: false
      clusterSelector:
        matchLabels:
          env: dev

    - name: test
      helm:
        values:
          replicas: 3
      clusterSelector:
        matchLabels:
          env: test

    - name: prod
      helm:
        values:
          serviceType: LoadBalancer
          replicas: 3
      clusterSelector:
        matchLabels:
          env: prod

    Result:

    Fleet will deploy the Helm chart with your customized values.yaml to the different clusters.

    Note: Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.

    Additional Examples​

    Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations -of the three are in the Fleet Examples repo.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +of the three are in the Fleet Examples repo.

    + \ No newline at end of file diff --git a/0.5/gitrepo-add.html b/0.5/gitrepo-add.html index bb011bb86..4c9e76e02 100644 --- a/0.5/gitrepo-add.html +++ b/0.5/gitrepo-add.html @@ -4,15 +4,15 @@ Adding a GitRepo | Fleet - +
    Skip to main content
    Version: 0.5

    Adding a GitRepo

    Proper namespace​

    Git repos are added to the Fleet manager using the GitRepo custom resource type. The GitRepo type is namespaced. By default, Rancher will create two Fleet workspaces: fleet-default and fleet-local.

    • Fleet-default will contain all the downstream clusters that are already registered through Rancher.
    • Fleet-local will contain the local cluster by default.

    If you are using Fleet in a single cluster style, the namespace will always be fleet-local. Check here for more on the fleet-local namespace.

    For a multi-cluster style, please ensure you use the correct repo that will map to the right target clusters.

    Create GitRepo instance​

    Git repositories are register by creating a GitRepo following the below YAML sample. Refer to the inline comments as the means of each field

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-repo
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # This can be a HTTPS or git URL.  If you are using a git URL then
      # clientSecretName will probably need to be set to supply a credential.
      # repo is the only required parameter for a repo to be monitored.
      #
      repo: https://github.com/rancher/fleet-examples

      # Enforce all resources go to this target namespace. If a cluster scoped
      # resource is found the deployment will fail.
      #
      # targetNamespace: app1

      # Any branch can be watched, this field is optional. If not specified the
      # branch is assumed to be master
      #
      # branch: master

      # A specific commit or tag can also be watched.
      #
      # revision: v0.3.0

      # For a private registry you must supply a clientSecretName. A default
      # secret can be set at the namespace level using the GitRepoRestriction
      # type. Secrets must be of the type "kubernetes.io/ssh-auth" or
      # "kubernetes.io/basic-auth". The secret is assumed to be in the
      # same namespace as the GitRepo
      #
      # clientSecretName: my-ssh-key
      #
      # If fleet.yaml contains a private Helm repo that requires authentication,
      # provide the credentials in a K8s secret and specify them here.
      # Danger: the credentials will be sent to all repositories referenced from
      # this gitrepo. See section below for more information.
      #
      # helmSecretName: my-helm-secret
      #
      # To add additional ca-bundle for self-signed certs, caBundle can be
      # filled with base64 encoded pem data. For example:
      # `cat /path/to/ca.pem | base64 -w 0`
      #
      # caBundle: my-ca-bundle
      #
      # Disable SSL verification for git repo
      #
      # insecureSkipTLSVerify: true
      #
      # A git repo can read multiple paths in a repo at once.
      # The below field is expected to be an array of paths and
      # supports path globbing (ex: some/*/path)
      #
      # Example:
      # paths:
      # - single-path
      # - multiple-paths/*
      paths:
      - simple

      # PollingInterval configures how often fleet checks the git repo. The default
      # is 15 seconds.
      # Setting this to zero does not disable polling. It results in a 15s
      # interval, too.
      # As checking a git repo incurs a CPU cost, raising this value can help
      # lowering fleetcontroller's CPU usage if tens of git repos are used or more
      #
      # pollingInterval: 15s

      # Paused  causes changes in Git to not be propagated down to the clusters but
      # instead mark resources as OutOfSync
      #
      # paused: false

      # Increment this number to force a redeployment of contents from Git
      #
      # forceSyncGeneration: 0

      # The service account that will be used to perform this deployment.
      # This is the name of the service account that exists in the
      # downstream cluster in the cattle-fleet-system namespace. It is assumed
      # this service account already exists so it should be create before
      # hand, most likely coming from another git repo registered with
      # the Fleet manager.
      #
      # serviceAccount: moreSecureAccountThanClusterAdmin

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      #
      # targets: ...

    Adding Private Git Repository​

    Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace.

    For example, to generate a private ssh key

    ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"

    Note: The private key format has to be in EC PRIVATE KEY, RSA PRIVATE KEY or PRIVATE KEY and should not contain a passphase.

    Put your private key into secret, use the namespace the GitRepo is in:

    kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key  --type=kubernetes.io/ssh-auth
    caution

    Private key with passphrase is not supported.

    caution

    The key has to be in PEM format.

    Fleet supports putting known_hosts into ssh secret. Here is an example of how to add it:

    Fetch the public key hash(take github as an example)

    ssh-keyscan -H github.com

    And add it into secret:

    apiVersion: v1
    kind: Secret
    metadata:
      name: ssh-key
    type: kubernetes.io/ssh-auth
    stringData:
      ssh-privatekey: <private-key>
      known_hosts: |-
        |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
    danger

    If you don't add it any server's public key will be trusted and added. (ssh -o stricthostkeychecking=accept-new will be used)

    info

    If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.

    Using HTTP Auth​

    Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see HTTP secrets in Github.

    kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat

    Just like with SSH, reference the secret in your GitRepo resource via clientSecretName.

    spec:
      repo: https://github.com/fleetrepoci/gitjob-private.git
      branch: main
      clientSecretName: basic-auth-secret

    Using Private Helm Repositories​

    danger

    The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource. -Make sure you don't leak credentials by mixing public and private repositories. As a workaround, split them into different gitrepos.

    For a private Helm repo, users can reference a secret with the following keys:

    1. username and password for basic http auth if the Helm HTTP repo is behind basic auth.

    2. cacerts for custom CA bundle if the Helm repo is using a custom CA.

    3. ssh-privatekey for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently.

    For example, to add a secret in kubectl, run

    kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem

    After secret is created, specify the secret to gitRepo.spec.helmSecretName. Make sure secret is created under the same namespace with gitrepo.

    Troubleshooting

    See Fleet Troubleshooting section here.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +Make sure you don't leak credentials by mixing public and private repositories. As a workaround, split them into different gitrepos.

    For a private Helm repo, users can reference a secret with the following keys:

    1. username and password for basic http auth if the Helm HTTP repo is behind basic auth.

    2. cacerts for custom CA bundle if the Helm repo is using a custom CA.

    3. ssh-privatekey for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently.

    For example, to add a secret in kubectl, run

    kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem

    After secret is created, specify the secret to gitRepo.spec.helmSecretName. Make sure secret is created under the same namespace with gitrepo.

    Troubleshooting

    See Fleet Troubleshooting section here.

    + \ No newline at end of file diff --git a/0.5/gitrepo-structure.html b/0.5/gitrepo-structure.html index 93567faec..f64fd449e 100644 --- a/0.5/gitrepo-structure.html +++ b/0.5/gitrepo-structure.html @@ -4,7 +4,7 @@ Expected Repo Structure | Fleet - + @@ -43,8 +43,8 @@ the contents a file the convention of adding _patch. (notice the tr will be replaced with . from the file name and that will be used as the target. For example deployment_patch.yaml will target deployment.yaml. The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch. Which strategy is used is based on the file content. Even though JSON strategies are used, the files can be written -using YAML syntax.

    Cluster and Bundle state​

    See Cluster and Bundle state.

    - +using YAML syntax.

    Cluster and Bundle state​

    See Cluster and Bundle state.

    + \ No newline at end of file diff --git a/0.5/gitrepo-targets.html b/0.5/gitrepo-targets.html index 572a647b7..231d74a67 100644 --- a/0.5/gitrepo-targets.html +++ b/0.5/gitrepo-targets.html @@ -4,7 +4,7 @@ Mapping to Downstream Clusters | Fleet - + @@ -18,8 +18,8 @@ One can use cluster selectors, cluster group selectors, or an explicit cluster g the final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the default value it is dropped from the criteria. The default value is either null or "". It is important to realize that the value {} for a selector means "match everything."

    # Match everything
    clusterSelector: {}
    # Selector ignored
    clusterSelector: null

    Default target​

    If no target is set for the GitRepo then the default targets value is applied. The default targets value is as below.

    targets:
    - name: default
      clusterGroup: default

    This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default -and add clusters to it.

    - +and add clusters to it.

    + \ No newline at end of file diff --git a/0.5/imagescan.html b/0.5/imagescan.html index 8646e6530..64a99f2bf 100644 --- a/0.5/imagescan.html +++ b/0.5/imagescan.html @@ -4,15 +4,15 @@ Image scan | Fleet - +
    Skip to main content
    Version: 0.5

    Image scan

    Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository, without the need to manually update your manifests.

    caution

    This feature is considered as experimental feature.

    Go to fleet.yaml and add the following section.

    imageScans:
    # specify the policy to retrieve images, can be semver or alphabetical order 
    - policy: 
        # if range is specified, it will take the latest image according to semver order in the range
        # for more details on how to use semver, see https://github.com/Masterminds/semver
        semver: 
          range: "*" 
        # can use ascending or descending order
        alphabetical:
          order: asc 

      # specify images to scan
      image: "your.registry.com/repo/image" 

      # Specify the tag name, it has to be unique in the same bundle
      tagName: test-scan

      # specify secret to pull image if in private registry
      secretRef:
        name: dockerhub-secret 

      # Specify the scan interval
      interval: 5m
    info

    You can create multiple image scans in fleet.yaml.

    Go to your manifest files and update the field that you want to replace. For example:

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: redis-slave
    spec:
      selector:
        matchLabels:
          app: redis
          role: slave
          tier: backend
      replicas: 2
      template:
        metadata:
          labels:
            app: redis
            role: slave
            tier: backend
        spec:
          containers:
          - name: slave
            image: <image>:<tag> # {"$imagescan": "test-scan"}
            resources:
              requests:
                cpu: 100m
                memory: 100Mi
            ports:
            - containerPort: 6379
    note

    There are multiple form of tagName you can reference. For example

    {"$imagescan": "test-scan"}: Use full image name(foo/bar:tag)

    {"$imagescan": "test-scan:name"}: Only use image name without tag(foo/bar)

    {"$imagescan": "test-scan:tag"}: Only use image tag

    {"$imagescan": "test-scan:digest"}: Use full image name with digest(foo/bar:tag@sha256...)

    Create a GitRepo that includes your fleet.yaml

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: my-repo
      namespace: fleet-local
    spec:
      # change this to be your own repo
      repo: https://github.com/rancher/fleet-examples 
      # define how long it will sync all the images and decide to apply change
      imageScanInterval: 5m 
      # user must properly provide a secret that have write access to git repository
      clientSecretName: secret 
      # specify the commit pattern
      imageScanCommit:
        authorName: foo
        authorEmail: foo@bar.com
        messageTemplate: "update image"

    Try pushing a new image tag, for example, <image>:<new-tag>. Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml. -Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    + \ No newline at end of file diff --git a/0.5/installation.html b/0.5/installation.html index c019e47c1..6382f7b6f 100644 --- a/0.5/installation.html +++ b/0.5/installation.html @@ -4,7 +4,7 @@ Installation | Fleet - + @@ -13,8 +13,8 @@ Multi-Cluster install. The single cluster install is for if you wish to use GitOps to manage a single cluster, in which case you do not need a centralized manager cluster. In the multi-cluster use case you will setup a centralized manager cluster to which you can register clusters.

    If you are just learning Fleet the single cluster install is the recommended starting -point. After which you can move from single cluster to multi-cluster setup down the line.

    - +point. After which you can move from single cluster to multi-cluster setup down the line.

    + \ No newline at end of file diff --git a/0.5/manager-initiated.html b/0.5/manager-initiated.html index 658b79bf8..e78275b23 100644 --- a/0.5/manager-initiated.html +++ b/0.5/manager-initiated.html @@ -4,7 +4,7 @@ Manager Initiated | Fleet - + @@ -15,8 +15,8 @@ of the kubeconfig secret used in cluster-api. This means you can use cluster-api to create a cluster that is dynamically -registered with Fleet.

    Example​

    Kubeconfig Secret​

    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Cluster​

    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    - +registered with Fleet.

    Example​

    Kubeconfig Secret​

    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Cluster​

    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    + \ No newline at end of file diff --git a/0.5/multi-cluster-install.html b/0.5/multi-cluster-install.html index b6d050de2..6e96386dd 100644 --- a/0.5/multi-cluster-install.html +++ b/0.5/multi-cluster-install.html @@ -4,7 +4,7 @@ Multi Cluster Install | Fleet - + @@ -35,8 +35,8 @@ only because the curl command is not setting proper credentials, but this valida connection work and the ca.pem is correct for this URL. If you get a SSL certificate problem then the ca.pem is not correct. The contents of the ${API_SERVER_CA} file should look similar to the below

    -----BEGIN CERTIFICATE-----
    MIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2
    ZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda
    MCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49
    AgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E
    0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE
    AwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs
    ciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN
    KDs/pb3fnMTtpA==
    -----END CERTIFICATE-----

    Once you have validated the API server URL and API server CA parameters, install the following two Helm charts.

    First install the Fleet CustomResourcesDefintions.

    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet-crd https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz

    Second install the Fleet controllers.

    helm -n cattle-fleet-system install --create-namespace --wait \
        --set apiServerURL="${API_SERVER_URL}" \
        --set-file apiServerCA="${API_SERVER_CA}" \
        fleet https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz

    Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands.

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    At this point the Fleet manager should be ready. You can now register clusters and git repos with -the Fleet manager.

    - +the Fleet manager.

    + \ No newline at end of file diff --git a/0.5/namespaces.html b/0.5/namespaces.html index b7758aacd..39224e3e0 100644 --- a/0.5/namespaces.html +++ b/0.5/namespaces.html @@ -4,7 +4,7 @@ Namespaces | Fleet - + @@ -35,8 +35,8 @@ be evaluated against all clusters in all namespaces that match namespaceSe bundles from git by putting labels in the fleet.yaml file or on the metadata.labels field on the GitRepo.

    Restricting GitRepos​

    A namespace can contain multiple GitRepoRestriction resources. All GitRepos created in that namespace will be checked against the list of restrictions. If a GitRepo violates one of the constraints its BundleDeployment will be -in an error state and won't be deployed.

    This can also be used to set the defaults for GitRepo's serviceAccount and clientSecretName fields.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: typically-unique
    allowedClientSecretNames: []
    allowedRepoPatterns: []
    allowedServiceAccounts: []
    defaultClientSecretName: ""
    defaultServiceAccount: ""
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +in an error state and won't be deployed.

    This can also be used to set the defaults for GitRepo's serviceAccount and clientSecretName fields.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: typically-unique
    allowedClientSecretNames: []
    allowedRepoPatterns: []
    allowedServiceAccounts: []
    defaultClientSecretName: ""
    defaultServiceAccount: ""
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.5/quickstart.html b/0.5/quickstart.html index bbf4faad1..7e2d459d0 100644 --- a/0.5/quickstart.html +++ b/0.5/quickstart.html @@ -4,15 +4,15 @@ Quick Start | Fleet - +
    Skip to main content
    Version: 0.5

    Quick Start

    Who needs documentation, lets just run this thing!

    Install​

    Get helm if you don't have it. Helm 3 is just a CLI and won't do bad insecure things to your cluster.

    brew install helm

    Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)

    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet-crd https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz
    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz

    Add a Git Repo to watch​

    Change spec.repo to your git repo of choice. Kubernetes manifest files that should -be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be run in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be run in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.5/single-cluster-install.html b/0.5/single-cluster-install.html index ae1869121..1108566e0 100644 --- a/0.5/single-cluster-install.html +++ b/0.5/single-cluster-install.html @@ -4,7 +4,7 @@ Single Cluster Install | Fleet - + @@ -18,8 +18,8 @@ fairly straight forward. To install the Helm 3 CLI follow the official install instructions. The TL;DR is

    macOS

    brew install helm

    Windows

    choco install kubernetes-helm

    Kubernetes​

    Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the single cluster use case you will install Fleet to the cluster which you intend to manage with GitOps. Any Kubernetes community supported version of Kubernetes will work, in practice this means 1.15 or greater.

    Install​

    Install the following two Helm charts.

    First install the Fleet CustomResourcesDefintions.

    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet-crd https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz

    Second install the Fleet controllers.

    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz

    Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by -running the below commands.

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    You can now register some git repos in the fleet-local namespace to start deploying Kubernetes resources.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +running the below commands.

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    You can now register some git repos in the fleet-local namespace to start deploying Kubernetes resources.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.5/troubleshooting.html b/0.5/troubleshooting.html index a10abfe96..ea5054e06 100644 --- a/0.5/troubleshooting.html +++ b/0.5/troubleshooting.html @@ -4,15 +4,15 @@ Troubleshooting | Fleet - +
    Skip to main content
    Version: 0.5

    Troubleshooting

    This section contains commands and tips to troubleshoot Fleet.

    How Do I...​

    Fetch the log from fleet-controller?​

    In the local management cluster where the fleet-controller is deployed, run the following command with your specific fleet-controller pod name filled in:

    $ kubectl logs -l app=fleet-controller -n cattle-fleet-system

    Fetch the log from the fleet-agent?​

    Go to each downstream cluster and run the following command for the local cluster with your specific fleet-agent pod name filled in:

    # Downstream cluster
    $ kubectl logs -l app=fleet-agent -n cattle-fleet-system
    # Local cluster
    $ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system

    Fetch detailed error logs from GitRepos and Bundles?​

    Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:

    • For more information about the bundle, click on bundle, and the YAML mode will be enabled.
    • For more information about the GitRepo, click on GitRepo, then click on View Yaml in the upper right of the screen. After viewing the YAML, check status.conditions; a detailed error message should be displayed here.
    • Check the fleet-controller for synching errors.
    • Check the fleet-agent log in the downstream cluster if you encounter issues when deploying the bundle.

    Check a chart rendering error in Kustomize?​

    Check the fleet-controller logs and the fleet-agent logs.

    Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?​

    Check the gitjob-controller logs using the following command with your specific gitjob pod name filled in:

    $ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system

    Note that there are two containers inside the pod: the step-git-source container that clones the git repo, and the fleet container that applies bundles based on the git repo.

    The pods will usually have images named rancher/tekton-utils with the gitRepo name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific gitRepoName pod name and namespace:

    $ kubectl logs -f $gitRepoName-pod-name -n namespace

    Check the status of the fleet-controller?​

    You can check the status of the fleet-controller pods by running the commands below:

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    Enable debug logging for fleet-controller and fleet-agent?​

    Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added.

    • Go to the Dashboard, then click on the local cluster in the left navigation menu
    • Select Apps & Marketplace, then Installed Apps from the dropdown
    • From there, you will upgrade the Fleet chart with the value debug=true. You can also set debugLevel=5 if desired.

    Additional Solutions for Other Fleet Issues​

    Naming conventions for CRDs​

    1. For CRD terms like clusters and gitrepos, you must reference the full CRD name. For example, the cluster CRD's complete name is cluster.fleet.cattle.io, and the gitrepo CRD's complete name is gitrepo.fleet.cattle.io.

    2. Bundles, which are created from the GitRepo, follow the pattern $gitrepoName-$path in the same workspace/namespace where the GitRepo was created. Note that $path is the path directory in the git repository that contains the bundle (fleet.yaml).

    3. BundleDeployments, which are created from the bundle, follow the pattern $bundleName-$clusterName in the namespace clusters-$workspace-$cluster-$generateHash. Note that $clusterName is the cluster to which the bundle will be deployed.

    HTTP secrets in Github​

    When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:

    1. Create a personal access token in Github.
    2. In Rancher, create an HTTP secret with your Github username.
    3. Use your token as the secret.

    Fleet fails with bad response code: 403​

    If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your fleet.yaml:

    time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"

    Perform the following steps to assess:

    • Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully
    • Check that your credentials for the git repo are valid

    Helm chart repo: certificate signed by unknown authority​

    If your GitJob returns the error below, you may have added the wrong certificate chain:

    time="2021-11-11T05:55:08Z" level=fatal msg="Get \"https://helm.intra/virtual-helm/index.yaml\": x509: certificate signed by unknown authority"

    Please verify your certificate with the following command:

    context=playground-local
    kubectl get secret -n fleet-default helm-repo -o jsonpath="{['data']['cacerts']}" --context $context | base64 -d | openssl x509 -text -noout
    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number:
                7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71
            Signature Algorithm: sha512WithRSAEncryption
            Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3
    ...

    Fleet deployment stuck in modified state​

    When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.

    To ignore the modified flag for the differences between the Helm install generated by fleet.yaml and the resource in your cluster, add a diff.comparePatches to the fleet.yaml for your Deployment, as shown in this example:

    defaultNamespace: <namespace name> 
    helm:  
      releaseName: <release name>  
      repo: <repo name> 
      chart: <chart name>
    diff:  
      comparePatches:  
      - apiVersion: apps/v1
        kind: Deployment
        operations:
        - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}
        - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}
        jsonPointers: # jsonPointers allows to ignore diffs at certain json path
        - "/spec/template/spec/priorityClassName"
        - "/spec/template/spec/tolerations"

    To determine which operations should be removed, observe the logs from fleet-agent on the target cluster. You should see entries similar to the following:

    level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\"spec\":{\"template\":{\"spec\":{\"hostNetwork\":false}}}}"

    Based on the above log, you can add the following entry to remove the operation:

    {"op":"remove", "path":"/spec/template/spec/hostNetwork"}

    GitRepo or Bundle stuck in modified state​

    Modified means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository.

    1. Check the bundle diffs documentation for more information.

    2. You can also force update the gitrepo to perform a manual resync. Select GitRepo on the left navigation bar, then select Force Update.

    Bundle has a Horizontal Pod Autoscaler (HPA) in modified state​

    For bundles with an HPA, the expected state is Modified, as the bundle contains fields that differ from the state of the Bundle at deployment - usually ReplicaSet.

    You must define a patch in the fleet.yaml to ignore this field according to GitRepo or Bundle stuck in modified state.

    Here is an example of such a patch for the deployment nginx in namespace default:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: nginx
        namespace: default
        operations:
        - {"op": "remove", "path": "/spec/replicas"}

    What if the cluster is unavailable, or is in a WaitCheckIn state?​

    You will need to re-import and restart the registration process: Select Cluster on the left navigation bar, then select Force Update

    caution

    WaitCheckIn status for Rancher v2.5: The cluster will show in WaitCheckIn status because the fleet-controller is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the Rancher docs.

    GitRepo complains with gzip: invalid header​

    When you see an error like the one below ...

    Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header

    ... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content.

    Migrate the local cluster to the Fleet default cluster workspace?​

    Users can create new workspaces and move clusters across workspaces. -It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.5/uninstall.html b/0.5/uninstall.html index fb73b4499..3b77c6978 100644 --- a/0.5/uninstall.html +++ b/0.5/uninstall.html @@ -4,15 +4,15 @@ Uninstall | Fleet - +
    Skip to main content
    Version: 0.5

    Uninstall

    Fleet is packaged as two Helm charts so uninstall is accomplished by uninstalling the appropriate Helm charts. To uninstall Fleet run the following -two commands:

    helm -n cattle-fleet-system uninstall fleet
    helm -n cattle-fleet-system uninstall fleet-crd
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +two commands:

    helm -n cattle-fleet-system uninstall fleet
    helm -n cattle-fleet-system uninstall fleet-crd
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.5/webhook.html b/0.5/webhook.html index df33dc276..9aef2b08c 100644 --- a/0.5/webhook.html +++ b/0.5/webhook.html @@ -4,7 +4,7 @@ Webhook | Fleet - + @@ -12,8 +12,8 @@
    Skip to main content
    Version: 0.5

    Webhook

    By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github, GitLab, Bitbucket, Bitbucket Server and Gogs.

    1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.​

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: webhook-ingress
      namespace: cattle-fleet-system
    spec:
      rules:
      - host: your.domain.com
        http:
          paths:
            - path: /
              pathType: Prefix
              backend:
                service:
                  name: gitjob
                  port:
                    number: 80
    info

    You can configure TLS on ingress.

    2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.​

    Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default. If your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the -secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6.html b/0.6.html index 02a47c5c0..b0dd7613d 100644 --- a/0.6.html +++ b/0.6.html @@ -4,13 +4,13 @@ Overview | Fleet - +
    -
    Skip to main content
    Version: 0.6

    Overview

    What is Fleet?​

    • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

    • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users have a high degree of control, consistency, and auditability.

    Configuration Management​

    Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.6

    Overview

    What is Fleet?​

    • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

    • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users have a high degree of control, consistency, and auditability.

    Configuration Management​

    Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/architecture.html b/0.6/architecture.html index 60e3fd5d0..a7441fac7 100644 --- a/0.6/architecture.html +++ b/0.6/architecture.html @@ -4,7 +4,7 @@ Architecture | Fleet - + @@ -28,8 +28,8 @@ The cluster registration token is used only during the registration process to g to that cluster. After the cluster credential is established the cluster "forgets" the cluster registration token.

    The service accounts given to the clusters only have privileges to list BundleDeployment in the namespace created specifically for that cluster. It can also update the status subresource of BundleDeployment and the status -subresource of it's Cluster resource.

    Component Overview​

    An overview of the components and how they interact on a high level.

    Components

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +subresource of it's Cluster resource.

    Component Overview​

    An overview of the components and how they interact on a high level.

    Components

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/bundle-diffs.html b/0.6/bundle-diffs.html index 16a71d6c6..980c44704 100644 --- a/0.6/bundle-diffs.html +++ b/0.6/bundle-diffs.html @@ -4,14 +4,14 @@ Generating Diffs to Ignore Modified GitRepos | Fleet - +
    Skip to main content
    Version: 0.6

    Generating Diffs to Ignore Modified GitRepos

    Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.

    You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the Bundles section.

    The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the caBundle is empty and the CA cert is injected by the cluster.

    This leads the status of the bundle and associated GitRepo to be reported as "Modified"

    Associated Bundle -

    Fleet bundles support the ability to specify a custom jsonPointer patch.

    With the patch, users can instruct fleet to ignore object modifications.

    Simple Example​

    https://github.com/rancher/fleet-examples/tree/master/bundle-diffs

    Gatekeeper Example​

    In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

    The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

    Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

    In our case the differences detected are as follows:

      summary:
        desiredReady: 1
        modified: 1
        nonReadyResources:
        - bundleState: Modified
          modifiedStatus:
          - apiVersion: admissionregistration.k8s.io/v1
            kind: ValidatingWebhookConfiguration
            name: gatekeeper-validating-webhook-configuration
            patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-audit
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-controller-manager
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

    Based on this summary, there are three objects which need to be patched.

    We will look at these one at a time.

    1. ValidatingWebhookConfiguration:​

    The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

    In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

    From this information, we can see the two ValidatingWebhooks in question are:

      "$setElementOrder/webhooks": [
        {
          "name": "validation.gatekeeper.sh"
        },
        {
          "name": "check-ignore-label.gatekeeper.sh"
        }
      ],

    Within each ValidatingWebhook, the fields that need to be ignore are as follows:

        {
          "clientConfig": {
            "caBundle": "Cg=="
          },
          "name": "validation.gatekeeper.sh",
          "rules": [
            {
              "apiGroups": [
                "*"
              ],
              "apiVersions": [
                "*"
              ],
              "operations": [
                "CREATE",
                "UPDATE"
              ],
              "resources": [
                "*"
              ]
            }
          ]
        },

    and 

        {
         "clientConfig": {
           "caBundle": "Cg=="
         },
         "name": "check-ignore-label.gatekeeper.sh",
         "rules": [
           {
             "apiGroups": [
               ""
             ],
             "apiVersions": [
               "*"
             ],
             "operations": [
               "CREATE",
               "UPDATE"
             ],
             "resources": [
               "namespaces"
             ]
           }
         ]
       }

    In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

    The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

    Based on this information, our diff patch would look as follows:

      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    2. Deployment gatekeeper-controller-manager:​

    The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    3. Deployment gatekeeper-audit:​

    The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    Combining It All Together​

    We can now combine all these patches as follows:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

    Once these are added, the GitRepo should deploy and be in "Active" status.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +

    Fleet bundles support the ability to specify a custom jsonPointer patch.

    With the patch, users can instruct fleet to ignore object modifications.

    Simple Example​

    https://github.com/rancher/fleet-examples/tree/master/bundle-diffs

    Gatekeeper Example​

    In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

    The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

    Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

    In our case the differences detected are as follows:

      summary:
        desiredReady: 1
        modified: 1
        nonReadyResources:
        - bundleState: Modified
          modifiedStatus:
          - apiVersion: admissionregistration.k8s.io/v1
            kind: ValidatingWebhookConfiguration
            name: gatekeeper-validating-webhook-configuration
            patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-audit
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-controller-manager
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

    Based on this summary, there are three objects which need to be patched.

    We will look at these one at a time.

    1. ValidatingWebhookConfiguration:​

    The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

    In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

    From this information, we can see the two ValidatingWebhooks in question are:

      "$setElementOrder/webhooks": [
        {
          "name": "validation.gatekeeper.sh"
        },
        {
          "name": "check-ignore-label.gatekeeper.sh"
        }
      ],

    Within each ValidatingWebhook, the fields that need to be ignore are as follows:

        {
          "clientConfig": {
            "caBundle": "Cg=="
          },
          "name": "validation.gatekeeper.sh",
          "rules": [
            {
              "apiGroups": [
                "*"
              ],
              "apiVersions": [
                "*"
              ],
              "operations": [
                "CREATE",
                "UPDATE"
              ],
              "resources": [
                "*"
              ]
            }
          ]
        },

    and 

        {
         "clientConfig": {
           "caBundle": "Cg=="
         },
         "name": "check-ignore-label.gatekeeper.sh",
         "rules": [
           {
             "apiGroups": [
               ""
             ],
             "apiVersions": [
               "*"
             ],
             "operations": [
               "CREATE",
               "UPDATE"
             ],
             "resources": [
               "namespaces"
             ]
           }
         ]
       }

    In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

    The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

    Based on this information, our diff patch would look as follows:

      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    2. Deployment gatekeeper-controller-manager:​

    The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    3. Deployment gatekeeper-audit:​

    The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    Combining It All Together​

    We can now combine all these patches as follows:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

    Once these are added, the GitRepo should deploy and be in "Active" status.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/changelogs.html b/0.6/changelogs.html index a04c5d38c..cfc481e6d 100644 --- a/0.6/changelogs.html +++ b/0.6/changelogs.html @@ -4,13 +4,13 @@ 0.6 Changelogs | Fleet - +
    -
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/changelogs/changelogs/v0.6.0.html b/0.6/changelogs/changelogs/v0.6.0.html index 5f3e7b1f5..3586ef1d4 100644 --- a/0.6/changelogs/changelogs/v0.6.0.html +++ b/0.6/changelogs/changelogs/v0.6.0.html @@ -4,13 +4,13 @@ v0.6.0 | Fleet - +
    -
    Skip to main content
    Version: 0.6

    v0.6.0

    • (rancherio-gh-m) released this 2023-04-05 13:35:35 +0000 UTC*

    Description​

    Notes

    Upgrading the Fleet helm chart upgrades the fleet-controller and its config. To avoid race conditions while fleet-controller starts updating the fleet-agents, we propose to scale down the fleet-controller to zero replicas before starting the upgrade.

    When using Fleet in Rancher and updating from Rancher 2.5, the default installation namespace for fleet changes from fleet-system to cattle-fleet-system. This release adds code to re-deploy the agents if necessary, to regenerate their config in the new namespace. Once the new agent is running and the cluster resources status is ok, it's fine to delete any leftover fleet-system namespaces. In older versions of fleet, it's possible to copy the agent config manually into the new namespace, or to trigger the agent redeployment manually.

    Additions

    • Add authentication support for OCI based Helm charts by @thardeck in #996
    • Support cluster repo change by @manno in #999
    • Apply gitrepo labels to bundles by @manno in #1007
    • Add allowedTargetNamespaces to GitRepoRestriction by @manno in #1008
    • Enforce presence of targetNamespace if gitreporestriction is present. by @manno in #1022
    • Cluster specific registry replaces global registry by @manno in #1053
    • Reading contents&secrets uses specific service account by @manno in #1063
    • Cluster values full templating by @manno in #1158
    • Helm Target Customization Repo/Version Override by @romejoe in #1011
    • Sprig Templating for Helm Values with Inputs from Cluster Resource by @rajiteh in #671
    • Add helmRepoUrlRegex to the GitRepo by @raulcabello in #1234

    Bugfixes

    What's Changed

    • Removing the docs directory by @mattfarina in #1014
    • Scripts for local testing with k3d by @manno in #1024
    • Debug statements for controllers by @manno in #1036
    • Scaling: make ClusterEnqueueDelay configurable via environment variable by @moio in #1071
    • Add nightly builds by @manno in #1075
    • Cluster registration debug messages and comments by @manno in #1095
    • Add support to continuous pprof CPU profiling by @moio in #1076
    • Split DEVELOPING.md into separate files in docs/ by @manno in #1134
    • Add CLI to generate reference docs by @manno in #1126
    • Allow to run longer before killing leader during debugging by @moio in #1137
    • Introduce parameter to debug controller but not agents by @moio in #1124
    • Fix CRD download url by @olblak in #1190
    • Add Github Action workflow to prevent manual changes to Gitjob or generated code by @thardeck in #1239
    • Fleet in Rancher Upgrade CI by @manno in #1198

    New Contributors

    Full Changelog: v0.5.0...v0.6.0

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.6

    v0.6.0

    • (rancherio-gh-m) released this 2023-04-05 13:35:35 +0000 UTC*

    Description​

    Notes

    Upgrading the Fleet helm chart upgrades the fleet-controller and its config. To avoid race conditions while fleet-controller starts updating the fleet-agents, we propose to scale down the fleet-controller to zero replicas before starting the upgrade.

    When using Fleet in Rancher and updating from Rancher 2.5, the default installation namespace for fleet changes from fleet-system to cattle-fleet-system. This release adds code to re-deploy the agents if necessary, to regenerate their config in the new namespace. Once the new agent is running and the cluster resources status is ok, it's fine to delete any leftover fleet-system namespaces. In older versions of fleet, it's possible to copy the agent config manually into the new namespace, or to trigger the agent redeployment manually.

    Additions

    • Add authentication support for OCI based Helm charts by @thardeck in #996
    • Support cluster repo change by @manno in #999
    • Apply gitrepo labels to bundles by @manno in #1007
    • Add allowedTargetNamespaces to GitRepoRestriction by @manno in #1008
    • Enforce presence of targetNamespace if gitreporestriction is present. by @manno in #1022
    • Cluster specific registry replaces global registry by @manno in #1053
    • Reading contents&secrets uses specific service account by @manno in #1063
    • Cluster values full templating by @manno in #1158
    • Helm Target Customization Repo/Version Override by @romejoe in #1011
    • Sprig Templating for Helm Values with Inputs from Cluster Resource by @rajiteh in #671
    • Add helmRepoUrlRegex to the GitRepo by @raulcabello in #1234

    Bugfixes

    What's Changed

    • Removing the docs directory by @mattfarina in #1014
    • Scripts for local testing with k3d by @manno in #1024
    • Debug statements for controllers by @manno in #1036
    • Scaling: make ClusterEnqueueDelay configurable via environment variable by @moio in #1071
    • Add nightly builds by @manno in #1075
    • Cluster registration debug messages and comments by @manno in #1095
    • Add support to continuous pprof CPU profiling by @moio in #1076
    • Split DEVELOPING.md into separate files in docs/ by @manno in #1134
    • Add CLI to generate reference docs by @manno in #1126
    • Allow to run longer before killing leader during debugging by @moio in #1137
    • Introduce parameter to debug controller but not agents by @moio in #1124
    • Fix CRD download url by @olblak in #1190
    • Add Github Action workflow to prevent manual changes to Gitjob or generated code by @thardeck in #1239
    • Fleet in Rancher Upgrade CI by @manno in #1198

    New Contributors

    Full Changelog: v0.5.0...v0.6.0

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/cli/fleet-agent.html b/0.6/cli/fleet-agent.html index 6dfcd5467..272a73dd1 100644 --- a/0.6/cli/fleet-agent.html +++ b/0.6/cli/fleet-agent.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Skip to main content
    Version: 0.6

    fleet-agent​

    fleet-agent [flags]

    Options​

          --agent-scope string        An identifier used to scope the agent bundleID names, typically the same as namespace
          --checkin-interval string   How often to post cluster status
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet-agent
          --kubeconfig string         kubeconfig file
          --namespace string          namespace to watch
          --simulators int            Numbers of simulators to run
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.6

    fleet-agent​

    fleet-agent [flags]

    Options​

          --agent-scope string        An identifier used to scope the agent bundleID names, typically the same as namespace
          --checkin-interval string   How often to post cluster status
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet-agent
          --kubeconfig string         kubeconfig file
          --namespace string          namespace to watch
          --simulators int            Numbers of simulators to run
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/cli/fleet-cli/fleet.html b/0.6/cli/fleet-cli/fleet.html index 5e67ea4bf..7730570aa 100644 --- a/0.6/cli/fleet-cli/fleet.html +++ b/0.6/cli/fleet-cli/fleet.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Skip to main content
    Version: 0.6

    fleet​

    fleet [flags]

    Options​

          --context string            kubeconfig context for authentication
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    • fleet apply - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager
    • fleet test - Match a bundle to a target and render the output
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.6

    fleet​

    fleet [flags]

    Options​

          --context string            kubeconfig context for authentication
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    • fleet apply - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager
    • fleet test - Match a bundle to a target and render the output
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/cli/fleet-cli/fleet_apply.html b/0.6/cli/fleet-cli/fleet_apply.html index e2987b525..5b805adfc 100644 --- a/0.6/cli/fleet-cli/fleet_apply.html +++ b/0.6/cli/fleet-cli/fleet_apply.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Skip to main content
    Version: 0.6

    fleet apply​

    Render a bundle into a Kubernetes resource and apply it in the Fleet Manager

    fleet apply [flags] BUNDLE_NAME PATH...

    Options​

      -b, --bundle-file string           Location of the raw Bundle resource yaml
          --cacerts-file string          Path of custom cacerts for helm repo
          --commit string                Commit to assign to the bundle
      -c, --compress                     Force all resources to be compress
          --debug                        Turn on debug logging
          --debug-level int              If debugging is enabled, set klog -v=X
      -f, --file string                  Location of the fleet.yaml
      -h, --help                         help for apply
      -l, --label strings                Labels to apply to created bundles
      -o, --output string                Output contents to file or - for stdout
          --password-file string         Path of file containing basic auth password for helm repo
          --paused                       Create bundles in a paused state
      -a, --service-account string       Service account to assign to bundle created
          --ssh-privatekey-file string   Path of ssh-private-key for helm repo
          --sync-generation int          Generation number used to force sync the deployment
          --target-namespace string      Ensure this bundle goes to this target namespace
          --targets-file string          Addition source of targets and restrictions to be append
          --username string              Basic auth username for helm repo

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.6

    fleet apply​

    Render a bundle into a Kubernetes resource and apply it in the Fleet Manager

    fleet apply [flags] BUNDLE_NAME PATH...

    Options​

      -b, --bundle-file string           Location of the raw Bundle resource yaml
          --cacerts-file string          Path of custom cacerts for helm repo
          --commit string                Commit to assign to the bundle
      -c, --compress                     Force all resources to be compress
          --debug                        Turn on debug logging
          --debug-level int              If debugging is enabled, set klog -v=X
      -f, --file string                  Location of the fleet.yaml
      -h, --help                         help for apply
      -l, --label strings                Labels to apply to created bundles
      -o, --output string                Output contents to file or - for stdout
          --password-file string         Path of file containing basic auth password for helm repo
          --paused                       Create bundles in a paused state
      -a, --service-account string       Service account to assign to bundle created
          --ssh-privatekey-file string   Path of ssh-private-key for helm repo
          --sync-generation int          Generation number used to force sync the deployment
          --target-namespace string      Ensure this bundle goes to this target namespace
          --targets-file string          Addition source of targets and restrictions to be append
          --username string              Basic auth username for helm repo

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/cli/fleet-cli/fleet_test.html b/0.6/cli/fleet-cli/fleet_test.html index c839855a7..0eba06206 100644 --- a/0.6/cli/fleet-cli/fleet_test.html +++ b/0.6/cli/fleet-cli/fleet_test.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Skip to main content
    Version: 0.6

    fleet test​

    Match a bundle to a target and render the output

    fleet test [flags]

    Options​

      -b, --bundle-file string    Location of the raw Bundle resource yaml
          --debug                 Turn on debug logging
          --debug-level int       If debugging is enabled, set klog -v=X
      -f, --file string           Location of the fleet.yaml
      -g, --group string          Cluster group to match against
      -L, --group-label strings   Cluster group labels to match against
      -h, --help                  help for test
      -l, --label strings         Cluster labels to match against
      -N, --name string           Cluster name to match against
      -q, --quiet                 Just print the match and don't print the resources
      -t, --target string         Explicit target to match

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.6

    fleet test​

    Match a bundle to a target and render the output

    fleet test [flags]

    Options​

      -b, --bundle-file string    Location of the raw Bundle resource yaml
          --debug                 Turn on debug logging
          --debug-level int       If debugging is enabled, set klog -v=X
      -f, --file string           Location of the fleet.yaml
      -g, --group string          Cluster group to match against
      -L, --group-label strings   Cluster group labels to match against
      -h, --help                  help for test
      -l, --label strings         Cluster labels to match against
      -N, --name string           Cluster name to match against
      -q, --quiet                 Just print the match and don't print the resources
      -t, --target string         Explicit target to match

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/cli/fleet-controller/fleet-manager.html b/0.6/cli/fleet-controller/fleet-manager.html index 33c4a26d2..a435c8ef4 100644 --- a/0.6/cli/fleet-controller/fleet-manager.html +++ b/0.6/cli/fleet-controller/fleet-manager.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Skip to main content
    Version: 0.6

    fleet-manager​

    fleet-manager [flags]

    Options​

          --debug               Turn on debug logging
          --debug-level int     If debugging is enabled, set klog -v=X
          --disable-bootstrap   disable agent on local cluster
          --disable-gitops      disable gitops components
      -h, --help                help for fleet-manager
          --kubeconfig string   Kubeconfig file
          --namespace string    namespace to watch (default "cattle-fleet-system")
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.6

    fleet-manager​

    fleet-manager [flags]

    Options​

          --debug               Turn on debug logging
          --debug-level int     If debugging is enabled, set klog -v=X
          --disable-bootstrap   disable agent on local cluster
          --disable-gitops      disable gitops components
      -h, --help                help for fleet-manager
          --kubeconfig string   Kubeconfig file
          --namespace string    namespace to watch (default "cattle-fleet-system")
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/cluster-bundles-state.html b/0.6/cluster-bundles-state.html index c3647f0a3..e51e7c283 100644 --- a/0.6/cluster-bundles-state.html +++ b/0.6/cluster-bundles-state.html @@ -4,13 +4,13 @@ Cluster and Bundle State | Fleet - +
    -
    Skip to main content
    Version: 0.6

    Cluster and Bundle State

    Clusters and Bundles have different states in each phase of applying Bundles.

    Bundles​

    Ready: Bundles have been deployed and all resources are ready.

    NotReady: Bundles have been deployed and some resources are not ready.

    WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

    ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

    OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

    Pending: Bundles are being processed by Fleet controller.

    Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

    Clusters​

    WaitCheckIn: Waiting for agent to report registration information and cluster status back.

    NotReady: There are bundles in this cluster that are in NotReady state.

    WaitApplied: There are bundles in this cluster that are in WaitApplied state.

    ErrApplied: There are bundles in this cluster that are in ErrApplied state.

    OutOfSync: There are bundles in this cluster that are in OutOfSync state.

    Pending: There are bundles in this cluster that are in Pending state.

    Modified: There are bundles in this cluster that are in Modified state.

    Ready: Bundles in this cluster have been deployed and all resources are ready.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.6

    Cluster and Bundle State

    Clusters and Bundles have different states in each phase of applying Bundles.

    Bundles​

    Ready: Bundles have been deployed and all resources are ready.

    NotReady: Bundles have been deployed and some resources are not ready.

    WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

    ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

    OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

    Pending: Bundles are being processed by Fleet controller.

    Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

    Clusters​

    WaitCheckIn: Waiting for agent to report registration information and cluster status back.

    NotReady: There are bundles in this cluster that are in NotReady state.

    WaitApplied: There are bundles in this cluster that are in WaitApplied state.

    ErrApplied: There are bundles in this cluster that are in ErrApplied state.

    OutOfSync: There are bundles in this cluster that are in OutOfSync state.

    Pending: There are bundles in this cluster that are in Pending state.

    Modified: There are bundles in this cluster that are in Modified state.

    Ready: Bundles in this cluster have been deployed and all resources are ready.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/cluster-group.html b/0.6/cluster-group.html index b50218dce..f1cc73e26 100644 --- a/0.6/cluster-group.html +++ b/0.6/cluster-group.html @@ -4,7 +4,7 @@ Create Cluster Groups | Fleet - + @@ -13,8 +13,8 @@ The only parameter for a cluster group is essentially the selector. When you get to a certain scale cluster groups become a more reasonable way to manage your clusters. Cluster groups serve the purpose of giving aggregated -status of the deployments and then also a simpler way to manage targets.

    A cluster group is created by creating a ClusterGroup resource like below

    kind: ClusterGroup
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: production-group
      namespace: clusters
    spec:
      # This is the standard metav1.LabelSelector format to match clusters by labels
      selector:
        matchLabels:
          env: prod
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +status of the deployments and then also a simpler way to manage targets.

    A cluster group is created by creating a ClusterGroup resource like below

    kind: ClusterGroup
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: production-group
      namespace: clusters
    spec:
      # This is the standard metav1.LabelSelector format to match clusters by labels
      selector:
        matchLabels:
          env: prod
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/cluster-registration.html b/0.6/cluster-registration.html index feb8786bf..a97752c14 100644 --- a/0.6/cluster-registration.html +++ b/0.6/cluster-registration.html @@ -4,7 +4,7 @@ Register Downstream Clusters | Fleet - + @@ -75,8 +75,8 @@ above example one can run the following one-liner:

    info

    If you are using Fleet standalone without Rancher, it must be installed as described in installation details.

    The manager-initiated registration is used when you add a cluster from the Rancher dashboard.

    Create Kubeconfig Secret​

    The format of this secret is intended to match the format of the kubeconfig secret used in cluster-api. -This means you can use cluster-api to create a cluster that is dynamically registered with Fleet.

    Kubeconfig Secret Example
    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Create Cluster Resource​

    The cluster resource needs to reference the kubeconfig secret.

    Cluster Resource Example
    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +This means you can use cluster-api to create a cluster that is dynamically registered with Fleet.

    Kubeconfig Secret Example
    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Create Cluster Resource​

    The cluster resource needs to reference the kubeconfig secret.

    Cluster Resource Example
    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/concepts.html b/0.6/concepts.html index c3520f4b1..65cb4f278 100644 --- a/0.6/concepts.html +++ b/0.6/concepts.html @@ -4,7 +4,7 @@ Core Concepts | Fleet - + @@ -24,8 +24,8 @@ Regardless of the source the contents are dynamically rendered into a Helm chart and installed into the downstream cluster as a helm release.

  • BundleDeployment: When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for -the cluster the agent is managing.

    • For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click here.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +the cluster the agent is managing.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/gitrepo-add.html b/0.6/gitrepo-add.html index d5f7d5bcc..7ecba78e0 100644 --- a/0.6/gitrepo-add.html +++ b/0.6/gitrepo-add.html @@ -4,7 +4,7 @@ Create a GitRepo Resource | Fleet - + @@ -12,8 +12,8 @@
    Skip to main content
    Version: 0.6

    Create a GitRepo Resource

    Create GitRepo Instance​

    Git repositories are registered by creating a GitRepo resource in Kubernetes. Refer to the creating a deployment tutorial for examples.

    The available fields are documented in the GitRepo resource reference

    Using Helm Values​

    How changes are applied to values.yaml:

    • Note that the most recently applied changes to the values.yaml will override any previously existing values.

    • When changes are applied to the values.yaml from multiple sources at the same time, the values will update in the following order: helm.values -> helm.valuesFiles -> helm.valuesFrom. That means valuesFrom will take precedence over both, valuesFiles and values.

    Using ValuesFrom​

    These examples showcase the style and format for using valuesFrom. ConfigMaps and Secrets should be created in downstream clusters.

    Example ConfigMap:

    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: configmap-values
      namespace: default
    data:  
      values.yaml: |-
        replication: true
        replicas: 2
        serviceType: NodePort

    Example Secret:

    apiVersion: v1
    kind: Secret
    metadata:
      name: secret-values
      namespace: default
    stringData:
      values.yaml: |-
        replication: true
        replicas: 3
        serviceType: NodePort

    A secret like that, can be created from a YAML file secretdata.yaml by running the following kubectl command: kubectl create secret generic secret-values --from-file=values.yaml=secretdata.yaml

    The resources can then be referenced from a fleet.yaml:

    helm:
      chart: simple-chart
      valuesFrom:
        - secretKeyRef:
            name: secret-values
            namespace: default
            key: values.yaml
        - configMapKeyRef:
            name: configmap-values
            namespace: default
            key: values.yaml
      values:
        replicas: "4"

    Adding Private Git Repository​

    Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace.

    For example, to generate a private ssh key

    ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"

    Note: The private key format has to be in EC PRIVATE KEY, RSA PRIVATE KEY or PRIVATE KEY and should not contain a passphase.

    Put your private key into secret, use the namespace the GitRepo is in:

    kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key  --type=kubernetes.io/ssh-auth
    caution

    Private key with passphrase is not supported.

    caution

    The key has to be in PEM format.

    Fleet supports putting known_hosts into ssh secret. Here is an example of how to add it:

    Fetch the public key hash(take github as an example)

    ssh-keyscan -H github.com

    And add it into secret:

    apiVersion: v1
    kind: Secret
    metadata:
      name: ssh-key
    type: kubernetes.io/ssh-auth
    stringData:
      ssh-privatekey: <private-key>
      known_hosts: |-
        |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
    danger

    If you don't add it any server's public key will be trusted and added. (ssh -o stricthostkeychecking=accept-new will be used)

    info

    If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.

    Using HTTP Auth​

    Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see HTTP secrets in Github.

    kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat

    Just like with SSH, reference the secret in your GitRepo resource via clientSecretName.

    spec:
      repo: https://github.com/fleetrepoci/gitjob-private.git
      branch: main
      clientSecretName: basic-auth-secret

    Using Private Helm Repositories​

    danger

    The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource. Make sure you don't leak credentials by mixing public and private repositories. Split them into different gitrepos, or use -helmRepoURLRegex to limit the scope of credentials to certain servers.

    For a private Helm repo, users can reference a secret with the following keys:

    1. username and password for basic http auth if the Helm HTTP repo is behind basic auth.

    2. cacerts for custom CA bundle if the Helm repo is using a custom CA.

    3. ssh-privatekey for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently.

    For example, to add a secret in kubectl, run

    kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem

    After secret is created, specify the secret to gitRepo.spec.helmSecretName. Make sure secret is created under the same namespace with gitrepo.

    note

    If you are using "rancher-backups" and want this secret to be included the backup, please add the label resources.cattle.io/backup: true to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials.

    Troubleshooting

    See Fleet Troubleshooting section here.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +helmRepoURLRegex to limit the scope of credentials to certain servers.

    For a private Helm repo, users can reference a secret with the following keys:

    1. username and password for basic http auth if the Helm HTTP repo is behind basic auth.

    2. cacerts for custom CA bundle if the Helm repo is using a custom CA.

    3. ssh-privatekey for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently.

    For example, to add a secret in kubectl, run

    kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem

    After secret is created, specify the secret to gitRepo.spec.helmSecretName. Make sure secret is created under the same namespace with gitrepo.

    note

    If you are using "rancher-backups" and want this secret to be included the backup, please add the label resources.cattle.io/backup: true to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials.

    Troubleshooting

    See Fleet Troubleshooting section here.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/gitrepo-content.html b/0.6/gitrepo-content.html index cd9f1f4c0..932c2b8c8 100644 --- a/0.6/gitrepo-content.html +++ b/0.6/gitrepo-content.html @@ -4,7 +4,7 @@ Git Repository Contents | Fleet - + @@ -43,8 +43,8 @@ the contents of a file the convention of adding _patch. (notice the will be replaced with . from the file name and that will be used as the target. For example deployment_patch.yaml will target deployment.yaml. The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch. Which strategy is used is based on the file content. Even though JSON strategies are used, the files can be written -using YAML syntax.

    Cluster and Bundle State​

    See Cluster and Bundle state.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +using YAML syntax.

    Cluster and Bundle State​

    See Cluster and Bundle state.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/gitrepo-targets.html b/0.6/gitrepo-targets.html index 106b8d330..4301af712 100644 --- a/0.6/gitrepo-targets.html +++ b/0.6/gitrepo-targets.html @@ -4,7 +4,7 @@ Mapping to Downstream Clusters | Fleet - + @@ -21,8 +21,8 @@ that the value {} for a selector means "match everything." and add clusters to it.

    Customization per Cluster​

    To demonstrate how to deploy Kubernetes manifests across different clusters with customization using Fleet, we will use multi-cluster/helm/fleet.yaml.

    Situation: User has three clusters with three different labels: env=dev, env=test, and env=prod. User wants to deploy a frontend application with a backend database across these clusters.

    Expected behavior:

    Advantage of Fleet:

    Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:

    1. Deploy gitRepo https://github.com/rancher/fleet-examples.git and specify the path multi-cluster/helm.
    2. Under multi-cluster/helm, a Helm chart will deploy the frontend app service and backend database service.
    3. The following rule will be defined in fleet.yaml: 
    targetCustomizations:
    - name: dev
      helm:
        values:
          replication: false
      clusterSelector:
        matchLabels:
          env: dev

    - name: test
      helm:
        values:
          replicas: 3
      clusterSelector:
        matchLabels:
          env: test

    - name: prod
      helm:
        values:
          serviceType: LoadBalancer
          replicas: 3
      clusterSelector:
        matchLabels:
          env: prod

    Result:

    Fleet will deploy the Helm chart with your customized values.yaml to the different clusters.

    Note: Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.

    important information

    Overriding the version of a Helm chart via target customizations will lead to bundles containing all versions, ie the default one and the custom one(s), of the chart, to accommodate all clusters. This in turn means that Fleet will deploy larger bundles.

    As Fleet stores bundles via etcd, this may cause issues on some clusters where resultant bundle sizes may exceed etcd's configured maximum blob size. See this issue for more details.

    Additional Examples​

    Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations -of the three are in the Fleet Examples repo.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +of the three are in the Fleet Examples repo.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/imagescan.html b/0.6/imagescan.html index e97fc310d..48e52b070 100644 --- a/0.6/imagescan.html +++ b/0.6/imagescan.html @@ -4,15 +4,15 @@ Using Image Scan to Update Container Image References | Fleet - +
    Skip to main content
    Version: 0.6

    Using Image Scan to Update Container Image References

    Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository, without the need to manually update your manifests.

    caution

    This feature is considered as experimental feature.

    Go to fleet.yaml and add the following section.

    imageScans:
    # specify the policy to retrieve images, can be semver or alphabetical order 
    - policy: 
        # if range is specified, it will take the latest image according to semver order in the range
        # for more details on how to use semver, see https://github.com/Masterminds/semver
        semver: 
          range: "*" 
        # can use ascending or descending order
        alphabetical:
          order: asc 

      # specify images to scan
      image: "your.registry.com/repo/image" 

      # Specify the tag name, it has to be unique in the same bundle
      tagName: test-scan

      # specify secret to pull image if in private registry
      secretRef:
        name: dockerhub-secret 

      # Specify the scan interval
      interval: 5m
    info

    You can create multiple image scans in fleet.yaml.

    Go to your manifest files and update the field that you want to replace. For example:

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: redis-slave
    spec:
      selector:
        matchLabels:
          app: redis
          role: slave
          tier: backend
      replicas: 2
      template:
        metadata:
          labels:
            app: redis
            role: slave
            tier: backend
        spec:
          containers:
          - name: slave
            image: <image>:<tag> # {"$imagescan": "test-scan"}
            resources:
              requests:
                cpu: 100m
                memory: 100Mi
            ports:
            - containerPort: 6379
    note

    There are multiple form of tagName you can reference. For example

    {"$imagescan": "test-scan"}: Use full image name(foo/bar:tag)

    {"$imagescan": "test-scan:name"}: Only use image name without tag(foo/bar)

    {"$imagescan": "test-scan:tag"}: Only use image tag

    {"$imagescan": "test-scan:digest"}: Use full image name with digest(foo/bar:tag@sha256...)

    Create a GitRepo that includes your fleet.yaml

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: my-repo
      namespace: fleet-local
    spec:
      # change this to be your own repo
      repo: https://github.com/rancher/fleet-examples 
      # define how long it will sync all the images and decide to apply change
      imageScanInterval: 5m 
      # user must properly provide a secret that have write access to git repository
      clientSecretName: secret 
      # specify the commit pattern
      imageScanCommit:
        authorName: foo
        authorEmail: foo@bar.com
        messageTemplate: "update image"

    Try pushing a new image tag, for example, <image>:<new-tag>. Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml. -Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/installation.html b/0.6/installation.html index 8c53b48af..f2337f7f4 100644 --- a/0.6/installation.html +++ b/0.6/installation.html @@ -4,7 +4,7 @@ Installation Details | Fleet - + @@ -37,8 +37,8 @@ the ca.pem is not correct. The contents of the $API_SERVER_CA and the CA certificate is in the file ca.pem. If your API server URL is signed by a well-known CA you can omit the apiServerCA parameter below or just create an empty ca.pem file (ie touch ca.pem).

    Setup the environment with your specific values, e.g.:

    API_SERVER_URL="https://example.com:6443"
    API_SERVER_CA="ca.pem"

    Once you have validated the API server URL and API server CA parameters, install the following two Helm charts.

    First install the Fleet CustomResourcesDefintions.
    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet-crd https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz

    Second install the Fleet controllers.

    helm -n cattle-fleet-system install --create-namespace --wait \
        --set apiServerURL="$API_SERVER_URL" \
        --set-file apiServerCA="$API_SERVER_CA" \
        fleet https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz

    At this point the Fleet manager should be ready. You can now register clusters and git repos with -the Fleet manager.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +the Fleet manager.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/multi-user.html b/0.6/multi-user.html index d8e00f7e1..b91711191 100644 --- a/0.6/multi-user.html +++ b/0.6/multi-user.html @@ -4,7 +4,7 @@ Setup Multi User | Fleet - + @@ -17,8 +17,8 @@ deploy cluster wide resources. Even with the available Fleet restrictions, users are only restricted to namespaces, but namespaces don't provide much isolation on their own. E.g. they can still consume as many resources as they like.

    However, the existing Fleet restrictions allow users to share clusters, and -deploy resources without conflicts.

    Example User​

    This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace.

    kubectl create serviceaccount fleetuser
    kubectl create namespace project1
    kubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser

    If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:

    kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser
    kubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser

    This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces.

    Allow Access to Clusters​

    This assumes all GitRepos created by 'fleetuser' have the team: one label. Different labels could be used, to select different cluster namespaces.

    In each of the user's namespaces, as an admin create a BundleNamespaceMapping.

    kind: BundleNamespaceMapping
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: mapping
      namespace: project1

    # Bundles to match by label.
    # The labels are defined in the fleet.yaml # labels field or from the
    # GitRepo metadata.labels field
    bundleSelector:
      matchLabels:
        team: one
        # or target one repo
        #fleet.cattle.io/repo-name: simpleapp

    # Namespaces, containing clusters, to match by label
    namespaceSelector:
      matchLabels:
        kubernetes.io/metadata.name: fleet-default
        # the label is on the namespace
        #workspace: prod

    The target section in the GitRepo resource can be used to deploy only to a subset of the matched clusters.

    Restricting Access to Downstream Clusters​

    Admins can further restrict tenants by creating a GitRepoRestriction in each of their namespaces.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: project1

    allowedTargetNamespaces:
      - project1simpleapp

    This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace.

    An Example GitRepo Resource​

    A GitRepo resource created by a tenant, without admin access could look like this:

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: simpleapp
      namespace: project1
      labels:
        team: one

    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - bundle-diffs

      targetNamespace: project1simpleapp

      # do not match the upstream/local cluster, won't work
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

    This includes the team: one label and and the required targetNamespace.

    Together with the previous BundleNamespaceMapping it would target all clusters with a env: dev label in the 'fleet-default' namespace.

    note

    BundleNamespaceMappings do not work with local clusters, so make sure not to target them.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +deploy resources without conflicts.

    Example User​

    This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace.

    kubectl create serviceaccount fleetuser
    kubectl create namespace project1
    kubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser

    If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:

    kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser
    kubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser

    This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces.

    Allow Access to Clusters​

    This assumes all GitRepos created by 'fleetuser' have the team: one label. Different labels could be used, to select different cluster namespaces.

    In each of the user's namespaces, as an admin create a BundleNamespaceMapping.

    kind: BundleNamespaceMapping
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: mapping
      namespace: project1

    # Bundles to match by label.
    # The labels are defined in the fleet.yaml # labels field or from the
    # GitRepo metadata.labels field
    bundleSelector:
      matchLabels:
        team: one
        # or target one repo
        #fleet.cattle.io/repo-name: simpleapp

    # Namespaces, containing clusters, to match by label
    namespaceSelector:
      matchLabels:
        kubernetes.io/metadata.name: fleet-default
        # the label is on the namespace
        #workspace: prod

    The target section in the GitRepo resource can be used to deploy only to a subset of the matched clusters.

    Restricting Access to Downstream Clusters​

    Admins can further restrict tenants by creating a GitRepoRestriction in each of their namespaces.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: project1

    allowedTargetNamespaces:
      - project1simpleapp

    This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace.

    An Example GitRepo Resource​

    A GitRepo resource created by a tenant, without admin access could look like this:

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: simpleapp
      namespace: project1
      labels:
        team: one

    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - bundle-diffs

      targetNamespace: project1simpleapp

      # do not match the upstream/local cluster, won't work
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

    This includes the team: one label and and the required targetNamespace.

    Together with the previous BundleNamespaceMapping it would target all clusters with a env: dev label in the 'fleet-default' namespace.

    note

    BundleNamespaceMappings do not work with local clusters, so make sure not to target them.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/namespaces.html b/0.6/namespaces.html index 62757cb40..3b16ebb57 100644 --- a/0.6/namespaces.html +++ b/0.6/namespaces.html @@ -4,7 +4,7 @@ Namespaces | Fleet - + @@ -39,8 +39,8 @@ in an error state and won't be deployed.

    This can also be used to set If an allowedTargetNamespaces restriction is present, all GitRepos must specify a targetNamespace and the specified namespace must be in the allow list. -This also prevents the creation of cluster wide resources.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +This also prevents the creation of cluster wide resources.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/quickstart.html b/0.6/quickstart.html index 02af3636a..2c16930c0 100644 --- a/0.6/quickstart.html +++ b/0.6/quickstart.html @@ -4,15 +4,15 @@ Quick Start | Fleet - +
    Skip to main content
    Version: 0.6

    Quick Start

    Who needs documentation, lets just run this thing!

    Install​

    Get helm if you don't have it. Helm 3 is just a CLI and won't do bad insecure things to your cluster.

    brew install helm

    Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)

    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet-crd https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz
    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz

    Add a Git Repo to Watch​

    Change spec.repo to your git repo of choice. Kubernetes manifest files that should -be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be run in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be run in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/ref-bundle-stages.html b/0.6/ref-bundle-stages.html index b539b3c54..06b2d3780 100644 --- a/0.6/ref-bundle-stages.html +++ b/0.6/ref-bundle-stages.html @@ -4,13 +4,13 @@ Bundle Lifecycle | Fleet - +
    -
    Skip to main content
    Version: 0.6

    Bundle Lifecycle

    A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.

    To demonstrate the life cycle of a Fleet bundle, we will use multi-cluster/helm as a case study.

    1. User will create a GitRepo that points to the multi-cluster/helm repository.
    2. The gitjob-controller will sync changes from the GitRepo and detect changes from the polling or webhook event. With every commit change, the gitjob-controller will create a job that clones the git repository, reads content from the repo such as fleet.yaml and other manifests, and creates the Fleet bundle.

    Note: The job pod with the image name rancher/tekton-utils will be under the same namespace as the GitRepo.

    1. The fleet-controller then syncs changes from the bundle. According to the targets, the fleet-controller will create BundleDeployment resources, which are a combination of a bundle and a target cluster.
    2. The fleet-agent will then pull the BundleDeployment from the Fleet controlplane. The agent deploys bundle manifests as a Helm chart from the BundleDeployment into the downstream clusters.
    3. The fleet-agent will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.

    This diagram shows the different rendering stages a bundle goes through until deployment.

    Bundle Stages

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.6

    Bundle Lifecycle

    A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.

    To demonstrate the life cycle of a Fleet bundle, we will use multi-cluster/helm as a case study.

    1. User will create a GitRepo that points to the multi-cluster/helm repository.
    2. The gitjob-controller will sync changes from the GitRepo and detect changes from the polling or webhook event. With every commit change, the gitjob-controller will create a job that clones the git repository, reads content from the repo such as fleet.yaml and other manifests, and creates the Fleet bundle.

    Note: The job pod with the image name rancher/tekton-utils will be under the same namespace as the GitRepo.

    1. The fleet-controller then syncs changes from the bundle. According to the targets, the fleet-controller will create BundleDeployment resources, which are a combination of a bundle and a target cluster.
    2. The fleet-agent will then pull the BundleDeployment from the Fleet controlplane. The agent deploys bundle manifests as a Helm chart from the BundleDeployment into the downstream clusters.
    3. The fleet-agent will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.

    This diagram shows the different rendering stages a bundle goes through until deployment.

    Bundle Stages

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/ref-configuration.html b/0.6/ref-configuration.html index c513a89fb..245e0d258 100644 --- a/0.6/ref-configuration.html +++ b/0.6/ref-configuration.html @@ -4,13 +4,13 @@ Configuration | Fleet - +
    -
    Skip to main content
    Version: 0.6

    Configuration

    A reference list of, mostly internal, configuration options.

    Helm Charts​

    The Helm charts accept, at least, the options as shown with their default in values.yaml:

    Environment Variables​

    The controllers can be started with these environment variables:

    • CATTLE_DEV_MODE - used to debug wrangler, not usable
    • FLEET_CLUSTER_ENQUEUE_DELAY - tune how often non-ready clusters are checked
    • FLEET_CPU_PPROF_PERIOD - used to turn on performance profiling

    Configuration​

    In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments.

    The config struct is used in both config maps:

    • cattle-fleet-system/fleet-agent
    • cattle-fleet-system/fleet-controller

    Labels​

    Labels used by fleet:

    • fleet.cattle.io/agent=true - NodeSelector label for agent's deployment affinity setting
    • fleet.cattle.io/non-managed-agent - managed agent bundle won't target Clusters with this label
    • fleet.cattle.io/repo-name - used on Bundle to reference the git repo resource
    • fleet.cattle.io/bundle-namespace - used on BundleDeployment to reference the Bundle resource
    • fleet.cattle.io/bundle-name - used on BundleDeployment to reference the Bundle resource
    • fleet.cattle.io/managed=true - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces.
    • fleet.cattle.io/bootstrap-token - unused

    Annotations​

    Annotations used by fleet:

    • fleet.cattle.io/agent-namespace
    • fleet.cattle.io/bundle-id
    • fleet.cattle.io/cluster, fleet.cattle.io/cluster-namespace - used on a cluster namespace to reference the cluster registration namespace and cluster name
    • fleet.cattle.io/cluster-group
    • fleet.cattle.io/cluster-registration-namespace
    • fleet.cattle.io/cluster-registration
    • fleet.cattle.io/commit
    • fleet.cattle.io/managed - appears unused
    • fleet.cattle.io/service-account
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.6

    Configuration

    A reference list of, mostly internal, configuration options.

    Helm Charts​

    The Helm charts accept, at least, the options as shown with their default in values.yaml:

    Environment Variables​

    The controllers can be started with these environment variables:

    • CATTLE_DEV_MODE - used to debug wrangler, not usable
    • FLEET_CLUSTER_ENQUEUE_DELAY - tune how often non-ready clusters are checked
    • FLEET_CPU_PPROF_PERIOD - used to turn on performance profiling

    Configuration​

    In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments.

    The config struct is used in both config maps:

    • cattle-fleet-system/fleet-agent
    • cattle-fleet-system/fleet-controller

    Labels​

    Labels used by fleet:

    • fleet.cattle.io/agent=true - NodeSelector label for agent's deployment affinity setting
    • fleet.cattle.io/non-managed-agent - managed agent bundle won't target Clusters with this label
    • fleet.cattle.io/repo-name - used on Bundle to reference the git repo resource
    • fleet.cattle.io/bundle-namespace - used on BundleDeployment to reference the Bundle resource
    • fleet.cattle.io/bundle-name - used on BundleDeployment to reference the Bundle resource
    • fleet.cattle.io/managed=true - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces.
    • fleet.cattle.io/bootstrap-token - unused

    Annotations​

    Annotations used by fleet:

    • fleet.cattle.io/agent-namespace
    • fleet.cattle.io/bundle-id
    • fleet.cattle.io/cluster, fleet.cattle.io/cluster-namespace - used on a cluster namespace to reference the cluster registration namespace and cluster name
    • fleet.cattle.io/cluster-group
    • fleet.cattle.io/cluster-registration-namespace
    • fleet.cattle.io/cluster-registration
    • fleet.cattle.io/commit
    • fleet.cattle.io/managed - appears unused
    • fleet.cattle.io/service-account
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/ref-crds.html b/0.6/ref-crds.html index 4e07d0eb0..1b068c8e0 100644 --- a/0.6/ref-crds.html +++ b/0.6/ref-crds.html @@ -4,13 +4,13 @@ Custom Resources Spec | Fleet - +
    -
    Skip to main content
    Version: 0.6

    Custom Resources Spec

    Sub Resources

    GitRepo​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specGitRepoSpecfalse
    statusGitRepoStatusfalse

    Back to Custom Resources

    GitRepoDisplay​

    FieldDescriptionSchemeRequired
    readyBundleDeploymentsstringfalse
    statestringfalse
    messagestringfalse
    errorboolfalse

    Back to Custom Resources

    GitRepoResource​

    FieldDescriptionSchemeRequired
    apiVersionstringfalse
    kindstringfalse
    typestringfalse
    idstringfalse
    namespacestringfalse
    namestringfalse
    incompleteStateboolfalse
    statestringfalse
    errorboolfalse
    transitioningboolfalse
    messagestringfalse
    perClusterState[][ResourcePerClusterState](#resourceperclusterstate)false

    Back to Custom Resources

    GitRepoResourceCounts​

    FieldDescriptionSchemeRequired
    readyinttrue
    desiredReadyinttrue
    waitAppliedinttrue
    modifiedinttrue
    orphanedinttrue
    missinginttrue
    unknowninttrue
    notReadyinttrue

    Back to Custom Resources

    GitRepoRestriction​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    defaultServiceAccountstringfalse
    allowedServiceAccounts[]stringfalse
    allowedRepoPatterns[]stringfalse
    defaultClientSecretNamestringfalse
    allowedClientSecretNames[]stringfalse
    allowedTargetNamespaces[]stringfalse

    Back to Custom Resources

    GitRepoSpec​

    FieldDescriptionSchemeRequired
    repoRepo is a URL to a git repo to clone and indexstringfalse
    branchBranch The git branch to followstringfalse
    revisionRevision A specific commit or tag to operate onstringfalse
    targetNamespaceEnsure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demandstringfalse
    clientSecretNameClientSecretName is the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\".stringfalse
    helmSecretNameHelmSecretName contains the auth secret for private helm repositorystringfalse
    helmRepoURLRegexHelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not providedstringfalse
    caBundleCABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate.[]bytefalse
    insecureSkipTLSVerifyInsecureSkipTLSverify will use insecure HTTPS to clone the repo.boolfalse
    pathsPaths is the directories relative to the git repo root that contain resources to be applied. Path globbing is support, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default[]stringfalse
    pausedPaused this cause changes in Git to not be propagated down to the clusters but instead mark resources as OutOfSyncboolfalse
    serviceAccountServiceAccount used in the downstream cluster for deploymentstringfalse
    targetsTargets is a list of target this repo will deploy to[][GitTarget](#gittarget)false
    pollingIntervalPollingInterval is how often to check git for new updates*metav1.Durationfalse
    forceSyncGenerationIncrement this number to force a redeployment of contents from Gitint64false
    imageScanIntervalImageScanInterval is the interval of syncing scanned images and writing back to git repo*metav1.Durationfalse
    imageScanCommitCommit specifies how to commit to the git repo when new image is scanned and write back to git repoCommitSpecfalse
    keepResourcesKeepResources specifies if the resources created must be kept after deleting the GitRepoboolfalse

    Back to Custom Resources

    GitRepoStatus​

    FieldDescriptionSchemeRequired
    observedGenerationint64true
    commitstringfalse
    readyClustersinttrue
    desiredReadyClustersinttrue
    gitJobStatusstringfalse
    summaryBundleSummaryfalse
    displayGitRepoDisplayfalse
    conditions[]genericcondition.GenericConditionfalse
    resources[][GitRepoResource](#gitreporesource)false
    resourceCountsGitRepoResourceCountsfalse
    resourceErrors[]stringfalse
    lastSyncedImageScanTimemetav1.Timefalse

    Back to Custom Resources

    GitTarget​

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ResourcePerClusterState​

    FieldDescriptionSchemeRequired
    statestringfalse
    errorboolfalse
    transitioningboolfalse
    messagestringfalse
    patch*GenericMapfalse
    clusterIdstringfalse

    Back to Custom Resources

    Bundle​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleSpectrue
    statusBundleStatustrue

    Back to Custom Resources

    BundleDeployment​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleDeploymentSpecfalse
    statusBundleDeploymentStatusfalse

    Back to Custom Resources

    BundleDeploymentDisplay​

    FieldDescriptionSchemeRequired
    deployedstringfalse
    monitoredstringfalse
    statestringfalse

    Back to Custom Resources

    BundleDeploymentOptions​

    FieldDescriptionSchemeRequired
    defaultNamespaceDefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace.stringfalse
    namespaceTargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail.stringfalse
    kustomizeKustomize options for the deployment, like the dir containing the kustomization.yaml file.*KustomizeOptionsfalse
    helmHelm options for the deployment, like the chart name, repo and values.*HelmOptionsfalse
    serviceAccountServiceAccount which will be used to perform this deployment.stringfalse
    forceSyncGenerationForceSyncGeneration is used to force a redeploymentint64false
    yamlYAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.*YAMLOptionsfalse
    diffDiff can be used to ignore the modified state of objects which are amended at runtime.*DiffOptionsfalse
    keepResourcesKeepResources can be used to keep the deployed resources when removing the bundleboolfalse

    Back to Custom Resources

    BundleDeploymentSpec​

    FieldDescriptionSchemeRequired
    stagedOptionsBundleDeploymentOptionsfalse
    stagedDeploymentIDstringfalse
    optionsBundleDeploymentOptionsfalse
    deploymentIDstringfalse
    dependsOn[][BundleRef](#bundleref)false

    Back to Custom Resources

    BundleDeploymentStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    appliedDeploymentIDstringfalse
    releasestringfalse
    readyboolfalse
    nonModifiedboolfalse
    nonReadyStatus[][NonReadyStatus](#nonreadystatus)false
    modifiedStatus[][ModifiedStatus](#modifiedstatus)false
    displayBundleDeploymentDisplayfalse
    syncGeneration*int64false

    Back to Custom Resources

    BundleDisplay​

    FieldDescriptionSchemeRequired
    readyClustersstringfalse
    statestringfalse

    Back to Custom Resources

    BundleNamespaceMapping​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    bundleSelector*metav1.LabelSelectorfalse
    namespaceSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleRef​

    FieldDescriptionSchemeRequired
    namestringfalse
    selector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleResource​

    FieldDescriptionSchemeRequired
    namestringfalse
    contentstringfalse
    encodingstringfalse

    Back to Custom Resources

    BundleSpec​

    FieldDescriptionSchemeRequired
    BundleDeploymentOptionsBundleDeploymentOptionsfalse
    pausedPaused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.boolfalse
    rolloutStrategyRolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.*RolloutStrategyfalse
    resourcesResources contain the actual resources from the git repo which will be deployed.[][BundleResource](#bundleresource)false
    targetsTargets refer to the clusters which will be deployed to.[][BundleTarget](#bundletarget)false
    targetRestrictionsTargetRestrictions restrict which clusters the bundle will be deployed to.[][BundleTargetRestriction](#bundletargetrestriction)false
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[][BundleRef](#bundleref)false

    Back to Custom Resources

    BundleStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    summaryBundleSummaryfalse
    newlyCreatedintfalse
    unavailableinttrue
    unavailablePartitionsinttrue
    maxUnavailableinttrue
    maxUnavailablePartitionsinttrue
    maxNewintfalse
    partitions[][PartitionStatus](#partitionstatus)false
    displayBundleDisplayfalse
    resourceKey[][ResourceKey](#resourcekey)false
    observedGenerationint64true

    Back to Custom Resources

    BundleSummary​

    FieldDescriptionSchemeRequired
    notReadyintfalse
    waitAppliedintfalse
    errAppliedintfalse
    outOfSyncintfalse
    modifiedintfalse
    readyinttrue
    pendingintfalse
    desiredReadyinttrue
    nonReadyResources[][NonReadyResource](#nonreadyresource)false

    Back to Custom Resources

    BundleTarget​

    FieldDescriptionSchemeRequired
    BundleDeploymentOptionsBundleDeploymentOptionsfalse
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleTargetRestriction​

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ComparePatch​

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    operations[][Operation](#operation)false
    jsonPointers[]stringfalse

    Back to Custom Resources

    ConfigMapKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    Content​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    content[]bytefalse

    Back to Custom Resources

    DiffOptions​

    FieldDescriptionSchemeRequired
    comparePatches[][ComparePatch](#comparepatch)false

    Back to Custom Resources

    HelmOptions​

    FieldDescriptionSchemeRequired
    chartChart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded.stringfalse
    repoRepo is the name of the HTTPS helm repo to download the chart from.stringfalse
    releaseNameReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path.stringfalse
    versionVersion of the chart to downloadstringfalse
    timeoutSecondsTimeoutSeconds is the time to wait for Helm operations.intfalse
    valuesValues passed to Helm. It is possible to specify the keys and values as go template strings.*GenericMapfalse
    valuesFromValuesFrom loads the values from configmaps and secrets.[][ValuesFrom](#valuesfrom)false
    forceForce allows to override immutable resources. This could be dangerous.boolfalse
    takeOwnershipTakeOwnership makes helm skip the check for its own annotationsboolfalse
    maxHistoryMaxHistory limits the maximum number of revisions saved per release by Helm.intfalse
    valuesFilesValuesFiles is a list of files to load values from.[]stringfalse
    waitForJobsWaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSecondsboolfalse
    atomicAtomic sets the --atomic flag when Helm is performing an upgradeboolfalse
    disablePreProcessDisablePreProcess disables template processing in valuesboolfalse

    Back to Custom Resources

    KustomizeOptions​

    FieldDescriptionSchemeRequired
    dirstringfalse

    Back to Custom Resources

    LocalObjectReference​

    FieldDescriptionSchemeRequired
    namestringtrue

    Back to Custom Resources

    ModifiedStatus​

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    missingboolfalse
    deleteboolfalse
    patchstringfalse

    Back to Custom Resources

    NonReadyResource​

    FieldDescriptionSchemeRequired
    namestringfalse
    bundleStateBundleStatefalse
    messagestringfalse
    modifiedStatus[][ModifiedStatus](#modifiedstatus)false
    nonReadyStatus[][NonReadyStatus](#nonreadystatus)false

    Back to Custom Resources

    NonReadyStatus​

    FieldDescriptionSchemeRequired
    uidtypes.UIDfalse
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    summarysummary.Summaryfalse

    Back to Custom Resources

    Operation​

    FieldDescriptionSchemeRequired
    opstringfalse
    pathstringfalse
    valuestringfalse

    Back to Custom Resources

    Partition​

    FieldDescriptionSchemeRequired
    namestringfalse
    maxUnavailable*intstr.IntOrStringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    PartitionStatus​

    FieldDescriptionSchemeRequired
    namestringfalse
    countintfalse
    maxUnavailableintfalse
    unavailableintfalse
    summaryBundleSummaryfalse

    Back to Custom Resources

    ResourceKey​

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse

    Back to Custom Resources

    RolloutStrategy​

    FieldDescriptionSchemeRequired
    maxUnavailable*intstr.IntOrStringfalse
    maxUnavailablePartitions*intstr.IntOrStringfalse
    autoPartitionSize*intstr.IntOrStringfalse
    partitions[][Partition](#partition)false

    Back to Custom Resources

    SecretKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    ValuesFrom​

    Define helm values that can come from configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439

    FieldDescriptionSchemeRequired
    configMapKeyRefThe reference to a config map with release values.*ConfigMapKeySelectorfalse
    secretKeyRefThe reference to a secret with release values.*SecretKeySelectorfalse

    Back to Custom Resources

    YAMLOptions​

    FieldDescriptionSchemeRequired
    overlays[]stringfalse

    Back to Custom Resources

    AlphabeticalPolicy​

    AlphabeticalPolicy specifies a alphabetical ordering policy.

    FieldDescriptionSchemeRequired
    orderOrder specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.stringfalse

    Back to Custom Resources

    CommitSpec​

    CommitSpec specifies how to commit changes to the git repository

    FieldDescriptionSchemeRequired
    authorNameAuthorName gives the name to provide when making a commitstringtrue
    authorEmailAuthorEmail gives the email to provide when making a commitstringtrue
    messageTemplateMessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made.stringfalse

    Back to Custom Resources

    ImagePolicyChoice​

    ImagePolicyChoice is a union of all the types of policy that can be supplied.

    FieldDescriptionSchemeRequired
    semverSemVer gives a semantic version range to check against the tags available.*SemVerPolicyfalse
    alphabeticalAlphabetical set of rules to use for alphabetical ordering of the tags.*AlphabeticalPolicyfalse

    Back to Custom Resources

    ImageScan​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specImageScanSpecfalse
    statusImageScanStatusfalse

    Back to Custom Resources

    ImageScanSpec​

    API is taken from https://github.com/fluxcd/image-reflector-controller

    FieldDescriptionSchemeRequired
    tagNameTagName is the tag ref that needs to be put in manifest to replace fieldsstringfalse
    gitrepoNameGitRepo reference namestringfalse
    imageImage is the name of the image repositorystringfalse
    intervalInterval is the length of time to wait between scans of the image repository.metav1.Durationfalse
    secretRefSecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with kubectl create secret docker-registry, or the equivalent.*corev1.LocalObjectReferencefalse
    suspendThis flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.boolfalse
    policyPolicy gives the particulars of the policy to be followed in selecting the most recent imageImagePolicyChoicetrue

    Back to Custom Resources

    ImageScanStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    lastScanTimeLastScanTime is the last time image was scannedmetav1.Timefalse
    latestImageLatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.stringfalse
    latestTagLatest tag is the latest tag filtered by the policystringfalse
    latestDigestLatestDigest is the digest of latest tagstringfalse
    observedGenerationint64false
    canonicalImageNameCanonicalName is the name of the image repository with all the implied bits made explicit; e.g., docker.io/library/alpine rather than alpine.stringfalse

    Back to Custom Resources

    SemVerPolicy​

    SemVerPolicy specifies a semantic version policy.

    FieldDescriptionSchemeRequired
    rangeRange gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.stringtrue

    Back to Custom Resources

    AgentStatus​

    FieldDescriptionSchemeRequired
    lastSeenmetav1.Timetrue
    namespacestringtrue
    nonReadyNodesinttrue
    readyNodesinttrue
    nonReadyNodeNamesAt most 3 nodes[]stringtrue
    readyNodeNamesAt most 3 nodes[]stringtrue

    Back to Custom Resources

    Cluster​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterSpecfalse
    statusClusterStatusfalse

    Back to Custom Resources

    ClusterDisplay​

    FieldDescriptionSchemeRequired
    readyBundlesstringfalse
    readyNodesstringfalse
    sampleNodestringfalse
    statestringfalse

    Back to Custom Resources

    ClusterGroup​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterGroupSpectrue
    statusClusterGroupStatustrue

    Back to Custom Resources

    ClusterGroupDisplay​

    FieldDescriptionSchemeRequired
    readyClustersstringfalse
    readyBundlesstringfalse
    statestringfalse

    Back to Custom Resources

    ClusterGroupSpec​

    FieldDescriptionSchemeRequired
    selector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ClusterGroupStatus​

    FieldDescriptionSchemeRequired
    clusterCountinttrue
    nonReadyClusterCountinttrue
    nonReadyClusters[]stringfalse
    conditions[]genericcondition.GenericConditionfalse
    summaryBundleSummaryfalse
    displayClusterGroupDisplayfalse
    resourceCountsGitRepoResourceCountsfalse

    Back to Custom Resources

    ClusterRegistration​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationSpecfalse
    statusClusterRegistrationStatusfalse

    Back to Custom Resources

    ClusterRegistrationSpec​

    FieldDescriptionSchemeRequired
    clientIDstringfalse
    clientRandomstringfalse
    clusterLabelsmap[string]stringfalse

    Back to Custom Resources

    ClusterRegistrationStatus​

    FieldDescriptionSchemeRequired
    clusterNamestringfalse
    grantedboolfalse

    Back to Custom Resources

    ClusterRegistrationToken​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationTokenSpecfalse
    statusClusterRegistrationTokenStatusfalse

    Back to Custom Resources

    ClusterRegistrationTokenSpec​

    FieldDescriptionSchemeRequired
    ttl*metav1.Durationfalse

    Back to Custom Resources

    ClusterRegistrationTokenStatus​

    FieldDescriptionSchemeRequired
    expires*metav1.Timefalse
    secretNamestringfalse

    Back to Custom Resources

    ClusterSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated.boolfalse
    clientIDClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster.stringfalse
    kubeConfigSecretKubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster.stringfalse
    redeployAgentGenerationRedeployAgentGeneration can be used to force redeploying the agent.int64false
    agentEnvVarsAgentEnvVars are extra environment variables to be added to the agent deployment.[]v1.EnvVarfalse
    agentNamespaceAgentNamespace defaults to the system namespace, e.g. cattle-fleet-system.stringfalse
    privateRepoURLPrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config.stringfalse
    templateValuesTemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating.*GenericMapfalse
    agentTolerationsAgentTolerations defines an extra set of Tolerations to be added to the Agent deployment.[]v1.Tolerationfalse

    Back to Custom Resources

    ClusterStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    namespaceNamespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\"stringfalse
    summaryBundleSummaryfalse
    resourceCountsGitRepoResourceCountsfalse
    readyGitReposinttrue
    desiredReadyGitReposinttrue
    agentEnvVarsHashstringfalse
    agentPrivateRepoURLstringfalse
    agentDeployedGeneration*int64false
    agentMigratedboolfalse
    agentNamespaceMigratedboolfalse
    cattleNamespaceMigratedboolfalse
    displayClusterDisplayfalse
    agentAgentStatusfalse

    Back to Custom Resources

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.6

    Custom Resources Spec

    Sub Resources

    GitRepo​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specGitRepoSpecfalse
    statusGitRepoStatusfalse

    Back to Custom Resources

    GitRepoDisplay​

    FieldDescriptionSchemeRequired
    readyBundleDeploymentsstringfalse
    statestringfalse
    messagestringfalse
    errorboolfalse

    Back to Custom Resources

    GitRepoResource​

    FieldDescriptionSchemeRequired
    apiVersionstringfalse
    kindstringfalse
    typestringfalse
    idstringfalse
    namespacestringfalse
    namestringfalse
    incompleteStateboolfalse
    statestringfalse
    errorboolfalse
    transitioningboolfalse
    messagestringfalse
    perClusterState[][ResourcePerClusterState](#resourceperclusterstate)false

    Back to Custom Resources

    GitRepoResourceCounts​

    FieldDescriptionSchemeRequired
    readyinttrue
    desiredReadyinttrue
    waitAppliedinttrue
    modifiedinttrue
    orphanedinttrue
    missinginttrue
    unknowninttrue
    notReadyinttrue

    Back to Custom Resources

    GitRepoRestriction​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    defaultServiceAccountstringfalse
    allowedServiceAccounts[]stringfalse
    allowedRepoPatterns[]stringfalse
    defaultClientSecretNamestringfalse
    allowedClientSecretNames[]stringfalse
    allowedTargetNamespaces[]stringfalse

    Back to Custom Resources

    GitRepoSpec​

    FieldDescriptionSchemeRequired
    repoRepo is a URL to a git repo to clone and indexstringfalse
    branchBranch The git branch to followstringfalse
    revisionRevision A specific commit or tag to operate onstringfalse
    targetNamespaceEnsure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demandstringfalse
    clientSecretNameClientSecretName is the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\".stringfalse
    helmSecretNameHelmSecretName contains the auth secret for private helm repositorystringfalse
    helmRepoURLRegexHelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not providedstringfalse
    caBundleCABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate.[]bytefalse
    insecureSkipTLSVerifyInsecureSkipTLSverify will use insecure HTTPS to clone the repo.boolfalse
    pathsPaths is the directories relative to the git repo root that contain resources to be applied. Path globbing is support, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default[]stringfalse
    pausedPaused this cause changes in Git to not be propagated down to the clusters but instead mark resources as OutOfSyncboolfalse
    serviceAccountServiceAccount used in the downstream cluster for deploymentstringfalse
    targetsTargets is a list of target this repo will deploy to[][GitTarget](#gittarget)false
    pollingIntervalPollingInterval is how often to check git for new updates*metav1.Durationfalse
    forceSyncGenerationIncrement this number to force a redeployment of contents from Gitint64false
    imageScanIntervalImageScanInterval is the interval of syncing scanned images and writing back to git repo*metav1.Durationfalse
    imageScanCommitCommit specifies how to commit to the git repo when new image is scanned and write back to git repoCommitSpecfalse
    keepResourcesKeepResources specifies if the resources created must be kept after deleting the GitRepoboolfalse

    Back to Custom Resources

    GitRepoStatus​

    FieldDescriptionSchemeRequired
    observedGenerationint64true
    commitstringfalse
    readyClustersinttrue
    desiredReadyClustersinttrue
    gitJobStatusstringfalse
    summaryBundleSummaryfalse
    displayGitRepoDisplayfalse
    conditions[]genericcondition.GenericConditionfalse
    resources[][GitRepoResource](#gitreporesource)false
    resourceCountsGitRepoResourceCountsfalse
    resourceErrors[]stringfalse
    lastSyncedImageScanTimemetav1.Timefalse

    Back to Custom Resources

    GitTarget​

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ResourcePerClusterState​

    FieldDescriptionSchemeRequired
    statestringfalse
    errorboolfalse
    transitioningboolfalse
    messagestringfalse
    patch*GenericMapfalse
    clusterIdstringfalse

    Back to Custom Resources

    Bundle​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleSpectrue
    statusBundleStatustrue

    Back to Custom Resources

    BundleDeployment​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleDeploymentSpecfalse
    statusBundleDeploymentStatusfalse

    Back to Custom Resources

    BundleDeploymentDisplay​

    FieldDescriptionSchemeRequired
    deployedstringfalse
    monitoredstringfalse
    statestringfalse

    Back to Custom Resources

    BundleDeploymentOptions​

    FieldDescriptionSchemeRequired
    defaultNamespaceDefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace.stringfalse
    namespaceTargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail.stringfalse
    kustomizeKustomize options for the deployment, like the dir containing the kustomization.yaml file.*KustomizeOptionsfalse
    helmHelm options for the deployment, like the chart name, repo and values.*HelmOptionsfalse
    serviceAccountServiceAccount which will be used to perform this deployment.stringfalse
    forceSyncGenerationForceSyncGeneration is used to force a redeploymentint64false
    yamlYAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.*YAMLOptionsfalse
    diffDiff can be used to ignore the modified state of objects which are amended at runtime.*DiffOptionsfalse
    keepResourcesKeepResources can be used to keep the deployed resources when removing the bundleboolfalse

    Back to Custom Resources

    BundleDeploymentSpec​

    FieldDescriptionSchemeRequired
    stagedOptionsBundleDeploymentOptionsfalse
    stagedDeploymentIDstringfalse
    optionsBundleDeploymentOptionsfalse
    deploymentIDstringfalse
    dependsOn[][BundleRef](#bundleref)false

    Back to Custom Resources

    BundleDeploymentStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    appliedDeploymentIDstringfalse
    releasestringfalse
    readyboolfalse
    nonModifiedboolfalse
    nonReadyStatus[][NonReadyStatus](#nonreadystatus)false
    modifiedStatus[][ModifiedStatus](#modifiedstatus)false
    displayBundleDeploymentDisplayfalse
    syncGeneration*int64false

    Back to Custom Resources

    BundleDisplay​

    FieldDescriptionSchemeRequired
    readyClustersstringfalse
    statestringfalse

    Back to Custom Resources

    BundleNamespaceMapping​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    bundleSelector*metav1.LabelSelectorfalse
    namespaceSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleRef​

    FieldDescriptionSchemeRequired
    namestringfalse
    selector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleResource​

    FieldDescriptionSchemeRequired
    namestringfalse
    contentstringfalse
    encodingstringfalse

    Back to Custom Resources

    BundleSpec​

    FieldDescriptionSchemeRequired
    BundleDeploymentOptionsBundleDeploymentOptionsfalse
    pausedPaused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.boolfalse
    rolloutStrategyRolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.*RolloutStrategyfalse
    resourcesResources contain the actual resources from the git repo which will be deployed.[][BundleResource](#bundleresource)false
    targetsTargets refer to the clusters which will be deployed to.[][BundleTarget](#bundletarget)false
    targetRestrictionsTargetRestrictions restrict which clusters the bundle will be deployed to.[][BundleTargetRestriction](#bundletargetrestriction)false
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[][BundleRef](#bundleref)false

    Back to Custom Resources

    BundleStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    summaryBundleSummaryfalse
    newlyCreatedintfalse
    unavailableinttrue
    unavailablePartitionsinttrue
    maxUnavailableinttrue
    maxUnavailablePartitionsinttrue
    maxNewintfalse
    partitions[][PartitionStatus](#partitionstatus)false
    displayBundleDisplayfalse
    resourceKey[][ResourceKey](#resourcekey)false
    observedGenerationint64true

    Back to Custom Resources

    BundleSummary​

    FieldDescriptionSchemeRequired
    notReadyintfalse
    waitAppliedintfalse
    errAppliedintfalse
    outOfSyncintfalse
    modifiedintfalse
    readyinttrue
    pendingintfalse
    desiredReadyinttrue
    nonReadyResources[][NonReadyResource](#nonreadyresource)false

    Back to Custom Resources

    BundleTarget​

    FieldDescriptionSchemeRequired
    BundleDeploymentOptionsBundleDeploymentOptionsfalse
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleTargetRestriction​

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ComparePatch​

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    operations[][Operation](#operation)false
    jsonPointers[]stringfalse

    Back to Custom Resources

    ConfigMapKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    Content​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    content[]bytefalse

    Back to Custom Resources

    DiffOptions​

    FieldDescriptionSchemeRequired
    comparePatches[][ComparePatch](#comparepatch)false

    Back to Custom Resources

    HelmOptions​

    FieldDescriptionSchemeRequired
    chartChart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded.stringfalse
    repoRepo is the name of the HTTPS helm repo to download the chart from.stringfalse
    releaseNameReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path.stringfalse
    versionVersion of the chart to downloadstringfalse
    timeoutSecondsTimeoutSeconds is the time to wait for Helm operations.intfalse
    valuesValues passed to Helm. It is possible to specify the keys and values as go template strings.*GenericMapfalse
    valuesFromValuesFrom loads the values from configmaps and secrets.[][ValuesFrom](#valuesfrom)false
    forceForce allows to override immutable resources. This could be dangerous.boolfalse
    takeOwnershipTakeOwnership makes helm skip the check for its own annotationsboolfalse
    maxHistoryMaxHistory limits the maximum number of revisions saved per release by Helm.intfalse
    valuesFilesValuesFiles is a list of files to load values from.[]stringfalse
    waitForJobsWaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSecondsboolfalse
    atomicAtomic sets the --atomic flag when Helm is performing an upgradeboolfalse
    disablePreProcessDisablePreProcess disables template processing in valuesboolfalse

    Back to Custom Resources

    KustomizeOptions​

    FieldDescriptionSchemeRequired
    dirstringfalse

    Back to Custom Resources

    LocalObjectReference​

    FieldDescriptionSchemeRequired
    namestringtrue

    Back to Custom Resources

    ModifiedStatus​

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    missingboolfalse
    deleteboolfalse
    patchstringfalse

    Back to Custom Resources

    NonReadyResource​

    FieldDescriptionSchemeRequired
    namestringfalse
    bundleStateBundleStatefalse
    messagestringfalse
    modifiedStatus[][ModifiedStatus](#modifiedstatus)false
    nonReadyStatus[][NonReadyStatus](#nonreadystatus)false

    Back to Custom Resources

    NonReadyStatus​

    FieldDescriptionSchemeRequired
    uidtypes.UIDfalse
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    summarysummary.Summaryfalse

    Back to Custom Resources

    Operation​

    FieldDescriptionSchemeRequired
    opstringfalse
    pathstringfalse
    valuestringfalse

    Back to Custom Resources

    Partition​

    FieldDescriptionSchemeRequired
    namestringfalse
    maxUnavailable*intstr.IntOrStringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    PartitionStatus​

    FieldDescriptionSchemeRequired
    namestringfalse
    countintfalse
    maxUnavailableintfalse
    unavailableintfalse
    summaryBundleSummaryfalse

    Back to Custom Resources

    ResourceKey​

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse

    Back to Custom Resources

    RolloutStrategy​

    FieldDescriptionSchemeRequired
    maxUnavailable*intstr.IntOrStringfalse
    maxUnavailablePartitions*intstr.IntOrStringfalse
    autoPartitionSize*intstr.IntOrStringfalse
    partitions[][Partition](#partition)false

    Back to Custom Resources

    SecretKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    ValuesFrom​

    Define helm values that can come from configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439

    FieldDescriptionSchemeRequired
    configMapKeyRefThe reference to a config map with release values.*ConfigMapKeySelectorfalse
    secretKeyRefThe reference to a secret with release values.*SecretKeySelectorfalse

    Back to Custom Resources

    YAMLOptions​

    FieldDescriptionSchemeRequired
    overlays[]stringfalse

    Back to Custom Resources

    AlphabeticalPolicy​

    AlphabeticalPolicy specifies a alphabetical ordering policy.

    FieldDescriptionSchemeRequired
    orderOrder specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.stringfalse

    Back to Custom Resources

    CommitSpec​

    CommitSpec specifies how to commit changes to the git repository

    FieldDescriptionSchemeRequired
    authorNameAuthorName gives the name to provide when making a commitstringtrue
    authorEmailAuthorEmail gives the email to provide when making a commitstringtrue
    messageTemplateMessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made.stringfalse

    Back to Custom Resources

    ImagePolicyChoice​

    ImagePolicyChoice is a union of all the types of policy that can be supplied.

    FieldDescriptionSchemeRequired
    semverSemVer gives a semantic version range to check against the tags available.*SemVerPolicyfalse
    alphabeticalAlphabetical set of rules to use for alphabetical ordering of the tags.*AlphabeticalPolicyfalse

    Back to Custom Resources

    ImageScan​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specImageScanSpecfalse
    statusImageScanStatusfalse

    Back to Custom Resources

    ImageScanSpec​

    API is taken from https://github.com/fluxcd/image-reflector-controller

    FieldDescriptionSchemeRequired
    tagNameTagName is the tag ref that needs to be put in manifest to replace fieldsstringfalse
    gitrepoNameGitRepo reference namestringfalse
    imageImage is the name of the image repositorystringfalse
    intervalInterval is the length of time to wait between scans of the image repository.metav1.Durationfalse
    secretRefSecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with kubectl create secret docker-registry, or the equivalent.*corev1.LocalObjectReferencefalse
    suspendThis flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.boolfalse
    policyPolicy gives the particulars of the policy to be followed in selecting the most recent imageImagePolicyChoicetrue

    Back to Custom Resources

    ImageScanStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    lastScanTimeLastScanTime is the last time image was scannedmetav1.Timefalse
    latestImageLatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.stringfalse
    latestTagLatest tag is the latest tag filtered by the policystringfalse
    latestDigestLatestDigest is the digest of latest tagstringfalse
    observedGenerationint64false
    canonicalImageNameCanonicalName is the name of the image repository with all the implied bits made explicit; e.g., docker.io/library/alpine rather than alpine.stringfalse

    Back to Custom Resources

    SemVerPolicy​

    SemVerPolicy specifies a semantic version policy.

    FieldDescriptionSchemeRequired
    rangeRange gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.stringtrue

    Back to Custom Resources

    AgentStatus​

    FieldDescriptionSchemeRequired
    lastSeenmetav1.Timetrue
    namespacestringtrue
    nonReadyNodesinttrue
    readyNodesinttrue
    nonReadyNodeNamesAt most 3 nodes[]stringtrue
    readyNodeNamesAt most 3 nodes[]stringtrue

    Back to Custom Resources

    Cluster​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterSpecfalse
    statusClusterStatusfalse

    Back to Custom Resources

    ClusterDisplay​

    FieldDescriptionSchemeRequired
    readyBundlesstringfalse
    readyNodesstringfalse
    sampleNodestringfalse
    statestringfalse

    Back to Custom Resources

    ClusterGroup​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterGroupSpectrue
    statusClusterGroupStatustrue

    Back to Custom Resources

    ClusterGroupDisplay​

    FieldDescriptionSchemeRequired
    readyClustersstringfalse
    readyBundlesstringfalse
    statestringfalse

    Back to Custom Resources

    ClusterGroupSpec​

    FieldDescriptionSchemeRequired
    selector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ClusterGroupStatus​

    FieldDescriptionSchemeRequired
    clusterCountinttrue
    nonReadyClusterCountinttrue
    nonReadyClusters[]stringfalse
    conditions[]genericcondition.GenericConditionfalse
    summaryBundleSummaryfalse
    displayClusterGroupDisplayfalse
    resourceCountsGitRepoResourceCountsfalse

    Back to Custom Resources

    ClusterRegistration​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationSpecfalse
    statusClusterRegistrationStatusfalse

    Back to Custom Resources

    ClusterRegistrationSpec​

    FieldDescriptionSchemeRequired
    clientIDstringfalse
    clientRandomstringfalse
    clusterLabelsmap[string]stringfalse

    Back to Custom Resources

    ClusterRegistrationStatus​

    FieldDescriptionSchemeRequired
    clusterNamestringfalse
    grantedboolfalse

    Back to Custom Resources

    ClusterRegistrationToken​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationTokenSpecfalse
    statusClusterRegistrationTokenStatusfalse

    Back to Custom Resources

    ClusterRegistrationTokenSpec​

    FieldDescriptionSchemeRequired
    ttl*metav1.Durationfalse

    Back to Custom Resources

    ClusterRegistrationTokenStatus​

    FieldDescriptionSchemeRequired
    expires*metav1.Timefalse
    secretNamestringfalse

    Back to Custom Resources

    ClusterSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated.boolfalse
    clientIDClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster.stringfalse
    kubeConfigSecretKubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster.stringfalse
    redeployAgentGenerationRedeployAgentGeneration can be used to force redeploying the agent.int64false
    agentEnvVarsAgentEnvVars are extra environment variables to be added to the agent deployment.[]v1.EnvVarfalse
    agentNamespaceAgentNamespace defaults to the system namespace, e.g. cattle-fleet-system.stringfalse
    privateRepoURLPrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config.stringfalse
    templateValuesTemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating.*GenericMapfalse
    agentTolerationsAgentTolerations defines an extra set of Tolerations to be added to the Agent deployment.[]v1.Tolerationfalse

    Back to Custom Resources

    ClusterStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    namespaceNamespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\"stringfalse
    summaryBundleSummaryfalse
    resourceCountsGitRepoResourceCountsfalse
    readyGitReposinttrue
    desiredReadyGitReposinttrue
    agentEnvVarsHashstringfalse
    agentPrivateRepoURLstringfalse
    agentDeployedGeneration*int64false
    agentMigratedboolfalse
    agentNamespaceMigratedboolfalse
    cattleNamespaceMigratedboolfalse
    displayClusterDisplayfalse
    agentAgentStatusfalse

    Back to Custom Resources

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/ref-fleet-yaml.html b/0.6/ref-fleet-yaml.html index 7e78175d7..5b5471256 100644 --- a/0.6/ref-fleet-yaml.html +++ b/0.6/ref-fleet-yaml.html @@ -4,13 +4,13 @@ fleet.yaml | Fleet - +
    -
    Skip to main content
    Version: 0.6

    fleet.yaml

    The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.

    For more information on how to use the fleet.yaml to customize bundles see Git Repository Contents.

    The content of the fleet.yaml corresponds to https://github.com/rancher/fleet/blob/main/pkg/bundlereader/read.go#L129-L135, which contains the BundleSpec.

    Reference​

    fleet.yaml
    # The default namespace to be applied to resources. This field is not used to
    # enforce or lock down the deployment to a specific namespace, but instead
    # provide the default value of the namespace field if one is not specified
    # in the manifests.
    # Default: default
    defaultNamespace: default

    # All resources will be assigned to this namespace and if any cluster scoped
    # resource exists the deployment will fail.
    # Default: ""
    namespace: default

    # Optional map of labels, that are set at the bundle and can be used in a 
    # dependsOn.selector
    labels:
      key: value

    kustomize:
      # Use a custom folder for kustomize resources. This folder must contain
      # a kustomization.yaml file.
      dir: ./kustomize

    helm:
      # Use a custom location for the Helm chart. This can refer to any go-getter URL or
      # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".
      # This allows one to download charts from most any location.  Also know that
      # go-getter URL supports adding a digest to validate the download. If repo
      # is set below this field is the name of the chart to lookup
      chart: ./chart
      # A https URL to a Helm repo to download the chart from. It's typically easier
      # to just use `chart` field and refer to a tgz file.  If repo is used the
      # value of `chart` will be used as the chart name to lookup in the Helm repository.
      repo: https://charts.rancher.io
      # A custom release name to deploy the chart as. If not specified a release name
      # will be generated by combining the invoking GitRepo.name + GitRepo.path.
      releaseName: my-release
      # Makes helm skip the check for its own annotations
      takeOwnership: false
      # The version of the chart or semver constraint of the chart to find. If a constraint
      # is specified it is evaluated each time git changes.
      # The version also determines which chart to download from OCI registries.
      version: 0.1.0
      # Any values that should be placed in the `values.yaml` and passed to helm during
      # install.
      values:
        any-custom: value
      # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME
      # These can now be accessed directly as variables
      # The variable's value will be an empty string if the referenced cluster label does not
      # exist on the targeted cluster
        variableName: global.fleet.clusterLabels.LABELNAME
      # It is possible to specify the keys and values as go template strings for
      # advanced templating needs. Most of the functions from the sprig templating
      # library are available. However, the `uuidv4` function is not supported.
      # The template context has following keys.
      # `.ClusterValues` are retrieved from target cluster's `spec.templateValues`
      # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.
      # `.ClusterName` as the fleet's cluster resource name.
      # `.ClusterNamespace` as the namespace in which the cluster resource exists.
      # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,
      #       unlike helm which uses {{ }}.
        templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"
        valueFromEnv:
          "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }
      # Path to any values files that need to be passed to helm during install
      valuesFiles:
        - values1.yaml
        - values2.yaml
      # Allow to use values files from configmaps or secrets defined in the downstream clusters
      valuesFrom:
      - configMapKeyRef:
          name: configmap-values
          # default to namespace of bundle
          namespace: default 
          key: values.yaml
      - secretKeyRef:
          name: secret-values
          namespace: default
          key: values.yaml
      # Override immutable resources. This could be dangerous.
      force: false
      # Set the Helm --atomic flag when upgrading
      atomic: false
      # Disable go template pre-processing on the fleet values
      disablePreProcess: false
      # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.
      # It will wait for as long as timeoutSeconds
      waitForJobs: true
      
    # A paused bundle will not update downstream clusters but instead mark the bundle
    # as OutOfSync. One can then manually confirm that a bundle should be deployed to
    # the downstream clusters.
    # Default: false
    paused: false

    rolloutStrategy:
        # A number or percentage of clusters that can be unavailable during an update
        # of a bundle. This follows the same basic approach as a deployment rollout
        # strategy. Once the number of clusters meets unavailable state update will be
        # paused. Default value is 100% which doesn't take effect on update.
        # default: 100%
        maxUnavailable: 15%
        # A number or percentage of cluster partitions that can be unavailable during
        # an update of a bundle.
        # default: 0
        maxUnavailablePartitions: 20%
        # A number of percentage of how to automatically partition clusters if not
        # specific partitioning strategy is configured.
        # default: 25%
        autoPartitionSize: 10%
        # A list of definitions of partitions.  If any target clusters do not match
        # the configuration they are added to partitions at the end following the
        # autoPartitionSize.
        partitions:
          # A user friend name given to the partition used for Display (optional).
          # default: ""
        - name: canary
          # A number or percentage of clusters that can be unavailable in this
          # partition before this partition is treated as done.
          # default: 10%
          maxUnavailable: 10%
          # Selector matching cluster labels to include in this partition
          clusterSelector:
            matchLabels:
              env: prod
          # A cluster group name to include in this partition
          clusterGroup: agroup
          # Selector matching cluster group labels to include in this partition
          clusterGroupSelector: 
            clusterSelector:
              matchLabels:
                env: prod

    # Target customization are used to determine how resources should be modified per target
    # Targets are evaluated in order and the first one to match a cluster is used for that cluster.
    targetCustomizations:
    # The name of target. If not specified a default name of the format "target000"
    # will be used. This value is mostly for display
    - name: prod
      # Custom namespace value overriding the value at the root
      namespace: newvalue
      # Custom defaultNamespace value overriding the value at the root
      defaultNamespace: newdefaultvalue
      # Custom kustomize options overriding the options at the root
      kustomize: {}
      # Custom Helm options override the options at the root
      helm: {}
      # If using raw YAML these are names that map to overlays/{name} that will be used
      # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml
      # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.
      # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.
      # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin
      # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.
      yaml:
        overlays:
        - custom2
        - custom3
      # A selector used to match clusters.  The structure is the standard
      # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,
      # clusterSelector will be used only to further refine the selection after
      # clusterGroupSelector and clusterGroup is evaluated.
      clusterSelector:
        matchLabels:
          env: prod
      # A selector used to match a specific cluster by name.    
      clusterName: dev-cluster    
      # A selector used to match cluster groups.
      clusterGroupSelector:
        matchLabels:
          region: us-east
      # A specific clusterGroup by name that will be selected
      clusterGroup: group1

    # dependsOn allows you to configure dependencies to other bundles. The current bundle
    # will only be deployed, after all dependencies are deployed and in a Ready state.
    dependsOn:
      # Format: <GITREPO-NAME>-<BUNDLE_PATH> with all path separators replaced by "-"
      # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"
      - name: one-multi-cluster-hello-world
      # Select bundles to depend on based on their label.
      - selector:
          matchLabels:
            app: weak-monkey
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.6

    fleet.yaml

    The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.

    For more information on how to use the fleet.yaml to customize bundles see Git Repository Contents.

    The content of the fleet.yaml corresponds to https://github.com/rancher/fleet/blob/main/pkg/bundlereader/read.go#L129-L135, which contains the BundleSpec.

    Reference​

    fleet.yaml
    # The default namespace to be applied to resources. This field is not used to
    # enforce or lock down the deployment to a specific namespace, but instead
    # provide the default value of the namespace field if one is not specified
    # in the manifests.
    # Default: default
    defaultNamespace: default

    # All resources will be assigned to this namespace and if any cluster scoped
    # resource exists the deployment will fail.
    # Default: ""
    namespace: default

    # Optional map of labels, that are set at the bundle and can be used in a 
    # dependsOn.selector
    labels:
      key: value

    kustomize:
      # Use a custom folder for kustomize resources. This folder must contain
      # a kustomization.yaml file.
      dir: ./kustomize

    helm:
      # Use a custom location for the Helm chart. This can refer to any go-getter URL or
      # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".
      # This allows one to download charts from most any location.  Also know that
      # go-getter URL supports adding a digest to validate the download. If repo
      # is set below this field is the name of the chart to lookup
      chart: ./chart
      # A https URL to a Helm repo to download the chart from. It's typically easier
      # to just use `chart` field and refer to a tgz file.  If repo is used the
      # value of `chart` will be used as the chart name to lookup in the Helm repository.
      repo: https://charts.rancher.io
      # A custom release name to deploy the chart as. If not specified a release name
      # will be generated by combining the invoking GitRepo.name + GitRepo.path.
      releaseName: my-release
      # Makes helm skip the check for its own annotations
      takeOwnership: false
      # The version of the chart or semver constraint of the chart to find. If a constraint
      # is specified it is evaluated each time git changes.
      # The version also determines which chart to download from OCI registries.
      version: 0.1.0
      # Any values that should be placed in the `values.yaml` and passed to helm during
      # install.
      values:
        any-custom: value
      # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME
      # These can now be accessed directly as variables
      # The variable's value will be an empty string if the referenced cluster label does not
      # exist on the targeted cluster
        variableName: global.fleet.clusterLabels.LABELNAME
      # It is possible to specify the keys and values as go template strings for
      # advanced templating needs. Most of the functions from the sprig templating
      # library are available. However, the `uuidv4` function is not supported.
      # The template context has following keys.
      # `.ClusterValues` are retrieved from target cluster's `spec.templateValues`
      # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.
      # `.ClusterName` as the fleet's cluster resource name.
      # `.ClusterNamespace` as the namespace in which the cluster resource exists.
      # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,
      #       unlike helm which uses {{ }}.
        templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"
        valueFromEnv:
          "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }
      # Path to any values files that need to be passed to helm during install
      valuesFiles:
        - values1.yaml
        - values2.yaml
      # Allow to use values files from configmaps or secrets defined in the downstream clusters
      valuesFrom:
      - configMapKeyRef:
          name: configmap-values
          # default to namespace of bundle
          namespace: default 
          key: values.yaml
      - secretKeyRef:
          name: secret-values
          namespace: default
          key: values.yaml
      # Override immutable resources. This could be dangerous.
      force: false
      # Set the Helm --atomic flag when upgrading
      atomic: false
      # Disable go template pre-processing on the fleet values
      disablePreProcess: false
      # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.
      # It will wait for as long as timeoutSeconds
      waitForJobs: true
      
    # A paused bundle will not update downstream clusters but instead mark the bundle
    # as OutOfSync. One can then manually confirm that a bundle should be deployed to
    # the downstream clusters.
    # Default: false
    paused: false

    rolloutStrategy:
        # A number or percentage of clusters that can be unavailable during an update
        # of a bundle. This follows the same basic approach as a deployment rollout
        # strategy. Once the number of clusters meets unavailable state update will be
        # paused. Default value is 100% which doesn't take effect on update.
        # default: 100%
        maxUnavailable: 15%
        # A number or percentage of cluster partitions that can be unavailable during
        # an update of a bundle.
        # default: 0
        maxUnavailablePartitions: 20%
        # A number of percentage of how to automatically partition clusters if not
        # specific partitioning strategy is configured.
        # default: 25%
        autoPartitionSize: 10%
        # A list of definitions of partitions.  If any target clusters do not match
        # the configuration they are added to partitions at the end following the
        # autoPartitionSize.
        partitions:
          # A user friend name given to the partition used for Display (optional).
          # default: ""
        - name: canary
          # A number or percentage of clusters that can be unavailable in this
          # partition before this partition is treated as done.
          # default: 10%
          maxUnavailable: 10%
          # Selector matching cluster labels to include in this partition
          clusterSelector:
            matchLabels:
              env: prod
          # A cluster group name to include in this partition
          clusterGroup: agroup
          # Selector matching cluster group labels to include in this partition
          clusterGroupSelector: 
            clusterSelector:
              matchLabels:
                env: prod

    # Target customization are used to determine how resources should be modified per target
    # Targets are evaluated in order and the first one to match a cluster is used for that cluster.
    targetCustomizations:
    # The name of target. If not specified a default name of the format "target000"
    # will be used. This value is mostly for display
    - name: prod
      # Custom namespace value overriding the value at the root
      namespace: newvalue
      # Custom defaultNamespace value overriding the value at the root
      defaultNamespace: newdefaultvalue
      # Custom kustomize options overriding the options at the root
      kustomize: {}
      # Custom Helm options override the options at the root
      helm: {}
      # If using raw YAML these are names that map to overlays/{name} that will be used
      # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml
      # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.
      # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.
      # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin
      # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.
      yaml:
        overlays:
        - custom2
        - custom3
      # A selector used to match clusters.  The structure is the standard
      # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,
      # clusterSelector will be used only to further refine the selection after
      # clusterGroupSelector and clusterGroup is evaluated.
      clusterSelector:
        matchLabels:
          env: prod
      # A selector used to match a specific cluster by name.    
      clusterName: dev-cluster    
      # A selector used to match cluster groups.
      clusterGroupSelector:
        matchLabels:
          region: us-east
      # A specific clusterGroup by name that will be selected
      clusterGroup: group1

    # dependsOn allows you to configure dependencies to other bundles. The current bundle
    # will only be deployed, after all dependencies are deployed and in a Ready state.
    dependsOn:
      # Format: <GITREPO-NAME>-<BUNDLE_PATH> with all path separators replaced by "-"
      # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"
      - name: one-multi-cluster-hello-world
      # Select bundles to depend on based on their label.
      - selector:
          matchLabels:
            app: weak-monkey
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/ref-gitrepo.html b/0.6/ref-gitrepo.html index b75a4c944..aa82d510a 100644 --- a/0.6/ref-gitrepo.html +++ b/0.6/ref-gitrepo.html @@ -4,14 +4,14 @@ GitRepo Resource | Fleet - +
    Skip to main content
    Version: 0.6

    GitRepo Resource

    The GitRepo resource describes git repositories, how to access them and where the bundles are located.

    The content of the resource corresponds to the GitRepoSpec. -For more information on how to use GitRepo resource, e.g. how to watch private repositories, see Create a GitRepo Resource.

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-repo
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # This can be a HTTPS or git URL.  If you are using a git URL then
      # clientSecretName will probably need to be set to supply a credential.
      # repo is the only required parameter for a repo to be monitored.
      #
      repo: https://github.com/rancher/fleet-examples

      # Enforce all resources go to this target namespace. If a cluster scoped
      # resource is found the deployment will fail.
      #
      # targetNamespace: app1

      # Any branch can be watched, this field is optional. If not specified the
      # branch is assumed to be master
      #
      # branch: master

      # A specific commit or tag can also be watched.
      #
      # revision: v0.3.0

      # For a private registry you must supply a clientSecretName. A default
      # secret can be set at the namespace level using the GitRepoRestriction
      # type. Secrets must be of the type "kubernetes.io/ssh-auth" or
      # "kubernetes.io/basic-auth". The secret is assumed to be in the
      # same namespace as the GitRepo
      #
      # clientSecretName: my-ssh-key
      #
      # If fleet.yaml contains a private Helm repo that requires authentication,
      # provide the credentials in a K8s secret and specify them here.
      # Danger: the credentials will be sent to all repositories referenced from
      # this gitrepo. See section below for more information.
      #
      # helmSecretName: my-helm-secret
      # 
      # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression. 
      # Credentials will always be used if it is empty or not provided
      # 
      # helmRepoURLRegex: https://charts.rancher.io/*
      #
      # To add additional ca-bundle for self-signed certs, caBundle can be
      # filled with base64 encoded pem data. For example:
      # `cat /path/to/ca.pem | base64 -w 0`
      #
      # caBundle: my-ca-bundle
      #
      # Disable SSL verification for git repo
      #
      # insecureSkipTLSVerify: true
      #
      # A git repo can read multiple paths in a repo at once.
      # The below field is expected to be an array of paths and
      # supports path globbing (ex: some/*/path)
      #
      # Example:
      # paths:
      # - single-path
      # - multiple-paths/*
      paths:
      - simple

      # PollingInterval configures how often fleet checks the git repo. The default
      # is 15 seconds.
      # Setting this to zero does not disable polling. It results in a 15s
      # interval, too.
      # As checking a git repo incurs a CPU cost, raising this value can help
      # lowering fleetcontroller's CPU usage if tens of git repos are used or more
      #
      # pollingInterval: 15s

      # Paused  causes changes in Git to not be propagated down to the clusters but
      # instead mark resources as OutOfSync
      #
      # paused: false

      # Increment this number to force a redeployment of contents from Git
      #
      # forceSyncGeneration: 0

      # The service account that will be used to perform this deployment.
      # This is the name of the service account that exists in the
      # downstream cluster in the cattle-fleet-system namespace. It is assumed
      # this service account already exists so it should be create before
      # hand, most likely coming from another git repo registered with
      # the Fleet manager.
      #
      # serviceAccount: moreSecureAccountThanClusterAdmin

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      #
      # targets: ...
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +For more information on how to use GitRepo resource, e.g. how to watch private repositories, see Create a GitRepo Resource.

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-repo
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # This can be a HTTPS or git URL.  If you are using a git URL then
      # clientSecretName will probably need to be set to supply a credential.
      # repo is the only required parameter for a repo to be monitored.
      #
      repo: https://github.com/rancher/fleet-examples

      # Enforce all resources go to this target namespace. If a cluster scoped
      # resource is found the deployment will fail.
      #
      # targetNamespace: app1

      # Any branch can be watched, this field is optional. If not specified the
      # branch is assumed to be master
      #
      # branch: master

      # A specific commit or tag can also be watched.
      #
      # revision: v0.3.0

      # For a private registry you must supply a clientSecretName. A default
      # secret can be set at the namespace level using the GitRepoRestriction
      # type. Secrets must be of the type "kubernetes.io/ssh-auth" or
      # "kubernetes.io/basic-auth". The secret is assumed to be in the
      # same namespace as the GitRepo
      #
      # clientSecretName: my-ssh-key
      #
      # If fleet.yaml contains a private Helm repo that requires authentication,
      # provide the credentials in a K8s secret and specify them here.
      # Danger: the credentials will be sent to all repositories referenced from
      # this gitrepo. See section below for more information.
      #
      # helmSecretName: my-helm-secret
      # 
      # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression. 
      # Credentials will always be used if it is empty or not provided
      # 
      # helmRepoURLRegex: https://charts.rancher.io/*
      #
      # To add additional ca-bundle for self-signed certs, caBundle can be
      # filled with base64 encoded pem data. For example:
      # `cat /path/to/ca.pem | base64 -w 0`
      #
      # caBundle: my-ca-bundle
      #
      # Disable SSL verification for git repo
      #
      # insecureSkipTLSVerify: true
      #
      # A git repo can read multiple paths in a repo at once.
      # The below field is expected to be an array of paths and
      # supports path globbing (ex: some/*/path)
      #
      # Example:
      # paths:
      # - single-path
      # - multiple-paths/*
      paths:
      - simple

      # PollingInterval configures how often fleet checks the git repo. The default
      # is 15 seconds.
      # Setting this to zero does not disable polling. It results in a 15s
      # interval, too.
      # As checking a git repo incurs a CPU cost, raising this value can help
      # lowering fleetcontroller's CPU usage if tens of git repos are used or more
      #
      # pollingInterval: 15s

      # Paused  causes changes in Git to not be propagated down to the clusters but
      # instead mark resources as OutOfSync
      #
      # paused: false

      # Increment this number to force a redeployment of contents from Git
      #
      # forceSyncGeneration: 0

      # The service account that will be used to perform this deployment.
      # This is the name of the service account that exists in the
      # downstream cluster in the cattle-fleet-system namespace. It is assumed
      # this service account already exists so it should be create before
      # hand, most likely coming from another git repo registered with
      # the Fleet manager.
      #
      # serviceAccount: moreSecureAccountThanClusterAdmin

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      #
      # targets: ...
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/ref-registration.html b/0.6/ref-registration.html index d07e169ba..eb215b5d6 100644 --- a/0.6/ref-registration.html +++ b/0.6/ref-registration.html @@ -4,14 +4,14 @@ Cluster Registration Internals | Fleet - +
    Skip to main content
    Version: 0.6

    Cluster Registration Internals

    Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster. -It's important to note that there are multiple ways to start this:

    • Creating a bootstrap config. Fleet does this for the local agent.
    • Creating a Cluster resource with a kubeconfig. Rancher does this for downstream clusters. See manager-initiated registration.
    • Create a ClusterRegistrationToken resource, optionally create a Cluster resource for a pre-defined (clientID) cluster. See agent-initiated registration.

    Registration

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +It's important to note that there are multiple ways to start this:

    • Creating a bootstrap config. Fleet does this for the local agent.
    • Creating a Cluster resource with a kubeconfig. Rancher does this for downstream clusters. See manager-initiated registration.
    • Create a ClusterRegistrationToken resource, optionally create a Cluster resource for a pre-defined (clientID) cluster. See agent-initiated registration.

    Registration

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/ref-resources.html b/0.6/ref-resources.html index c35fae745..7c310abcb 100644 --- a/0.6/ref-resources.html +++ b/0.6/ref-resources.html @@ -4,13 +4,13 @@ Custom Resources | Fleet - +
    -
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/troubleshooting.html b/0.6/troubleshooting.html index 197981a4d..b1578e681 100644 --- a/0.6/troubleshooting.html +++ b/0.6/troubleshooting.html @@ -4,15 +4,15 @@ Troubleshooting | Fleet - +
    Skip to main content
    Version: 0.6

    Troubleshooting

    This section contains commands and tips to troubleshoot Fleet.

    How Do I...​

    Fetch the log from fleet-controller?​

    In the local management cluster where the fleet-controller is deployed, run the following command with your specific fleet-controller pod name filled in:

    $ kubectl logs -l app=fleet-controller -n cattle-fleet-system

    Fetch the log from the fleet-agent?​

    Go to each downstream cluster and run the following command for the local cluster with your specific fleet-agent pod name filled in:

    # Downstream cluster
    $ kubectl logs -l app=fleet-agent -n cattle-fleet-system
    # Local cluster
    $ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system

    Fetch detailed error logs from GitRepos and Bundles?​

    Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:

    • For more information about the bundle, click on bundle, and the YAML mode will be enabled.
    • For more information about the GitRepo, click on GitRepo, then click on View Yaml in the upper right of the screen. After viewing the YAML, check status.conditions; a detailed error message should be displayed here.
    • Check the fleet-controller for synching errors.
    • Check the fleet-agent log in the downstream cluster if you encounter issues when deploying the bundle.

    Check a chart rendering error in Kustomize?​

    Check the fleet-controller logs and the fleet-agent logs.

    Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?​

    Check the gitjob-controller logs using the following command with your specific gitjob pod name filled in:

    $ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system

    Note that there are two containers inside the pod: the step-git-source container that clones the git repo, and the fleet container that applies bundles based on the git repo.

    The pods will usually have images named rancher/tekton-utils with the gitRepo name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific gitRepoName pod name and namespace:

    $ kubectl logs -f $gitRepoName-pod-name -n namespace

    Check the status of the fleet-controller?​

    You can check the status of the fleet-controller pods by running the commands below:

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    Enable debug logging for fleet-controller and fleet-agent?​

    Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added.

    • Go to the Dashboard, then click on the local cluster in the left navigation menu
    • Select Apps & Marketplace, then Installed Apps from the dropdown
    • From there, you will upgrade the Fleet chart with the value debug=true. You can also set debugLevel=5 if desired.

    Additional Solutions for Other Fleet Issues​

    Naming conventions for CRDs​

    1. For CRD terms like clusters and gitrepos, you must reference the full CRD name. For example, the cluster CRD's complete name is cluster.fleet.cattle.io, and the gitrepo CRD's complete name is gitrepo.fleet.cattle.io.

    2. Bundles, which are created from the GitRepo, follow the pattern $gitrepoName-$path in the same workspace/namespace where the GitRepo was created. Note that $path is the path directory in the git repository that contains the bundle (fleet.yaml).

    3. BundleDeployments, which are created from the bundle, follow the pattern $bundleName-$clusterName in the namespace clusters-$workspace-$cluster-$generateHash. Note that $clusterName is the cluster to which the bundle will be deployed.

    HTTP secrets in Github​

    When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:

    1. Create a personal access token in Github.
    2. In Rancher, create an HTTP secret with your Github username.
    3. Use your token as the secret.

    Fleet fails with bad response code: 403​

    If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your fleet.yaml:

    time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"

    Perform the following steps to assess:

    • Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully
    • Check that your credentials for the git repo are valid

    Helm chart repo: certificate signed by unknown authority​

    If your GitJob returns the error below, you may have added the wrong certificate chain:

    time="2021-11-11T05:55:08Z" level=fatal msg="Get \"https://helm.intra/virtual-helm/index.yaml\": x509: certificate signed by unknown authority"

    Please verify your certificate with the following command:

    context=playground-local
    kubectl get secret -n fleet-default helm-repo -o jsonpath="{['data']['cacerts']}" --context $context | base64 -d | openssl x509 -text -noout
    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number:
                7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71
            Signature Algorithm: sha512WithRSAEncryption
            Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3
    ...

    Fleet deployment stuck in modified state​

    When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.

    To ignore the modified flag for the differences between the Helm install generated by fleet.yaml and the resource in your cluster, add a diff.comparePatches to the fleet.yaml for your Deployment, as shown in this example:

    defaultNamespace: <namespace name> 
    helm:  
      releaseName: <release name>  
      repo: <repo name> 
      chart: <chart name>
    diff:  
      comparePatches:  
      - apiVersion: apps/v1
        kind: Deployment
        operations:
        - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}
        - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}
        jsonPointers: # jsonPointers allows to ignore diffs at certain json path
        - "/spec/template/spec/priorityClassName"
        - "/spec/template/spec/tolerations"

    To determine which operations should be removed, observe the logs from fleet-agent on the target cluster. You should see entries similar to the following:

    level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\"spec\":{\"template\":{\"spec\":{\"hostNetwork\":false}}}}"

    Based on the above log, you can add the following entry to remove the operation:

    {"op":"remove", "path":"/spec/template/spec/hostNetwork"}

    GitRepo or Bundle stuck in modified state​

    Modified means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository.

    1. Check the bundle diffs documentation for more information.

    2. You can also force update the gitrepo to perform a manual resync. Select GitRepo on the left navigation bar, then select Force Update.

    Bundle has a Horizontal Pod Autoscaler (HPA) in modified state​

    For bundles with an HPA, the expected state is Modified, as the bundle contains fields that differ from the state of the Bundle at deployment - usually ReplicaSet.

    You must define a patch in the fleet.yaml to ignore this field according to GitRepo or Bundle stuck in modified state.

    Here is an example of such a patch for the deployment nginx in namespace default:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: nginx
        namespace: default
        operations:
        - {"op": "remove", "path": "/spec/replicas"}

    What if the cluster is unavailable, or is in a WaitCheckIn state?​

    You will need to re-import and restart the registration process: Select Cluster on the left navigation bar, then select Force Update

    caution

    WaitCheckIn status for Rancher v2.5: The cluster will show in WaitCheckIn status because the fleet-controller is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the Rancher docs.

    GitRepo complains with gzip: invalid header​

    When you see an error like the one below ...

    Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header

    ... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content.

    Agent is no longer registered​

    You can force a redeployment of an agent for a given cluster by setting redeployAgentGeneration.

    kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p '[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]'

    Nested GitRepo CRs​

    Managing Fleet within Fleet (nested GitRepo usage) is not currently supported. We will update the documentation if support becomes available.

    Migrate the local cluster to the Fleet default cluster workspace?​

    Users can create new workspaces and move clusters across workspaces. -It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/tut-deployment.html b/0.6/tut-deployment.html index 923cd30a4..58bb69bb4 100644 --- a/0.6/tut-deployment.html +++ b/0.6/tut-deployment.html @@ -4,7 +4,7 @@ Creating a Deployment | Fleet - + @@ -13,8 +13,8 @@ For more details on the options that are available per Git repository see Adding a GitRepo.

    Single-Cluster Examples​

    All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet.

    An example using Helm. We are deploying the helm example to the local cluster.

    The repository contains a helm chart and an optional fleet.yaml to configure the deployment:

    fleet.yaml
    namespace: fleet-helm-example

    # Custom helm options
    helm:
      # The release name to use. If empty a generated release name will be used
      releaseName: guestbook

      # The directory of the chart in the repo.  Also any valid go-getter supported
      # URL can be used there is specify where to download the chart from.
      # If repo below is set this value if the chart name in the repo
      chart: ""

      # An https to a valid Helm repository to download the chart from
      repo: ""

      # Used if repo is set to look up the version of the chart
      version: ""

      # Force recreate resource that can not be updated
      force: false

      # How long for helm to wait for the release to be active. If the value
      # is less that or equal to zero, we will not wait in Helm
      timeoutSeconds: 0

      # Custom values that will be passed as values.yaml to the installation
      values:
        replicas: 2

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-local namespace contains the local cluster resource. The local fleet-agent will create the deployment in the fleet-helm-example namespace.

    kubectl apply -n fleet-local -f - <<EOF
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: helm
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - single-cluster/helm
    EOF

    Multi-Cluster Examples​

    The examples below will deploy a multi git repo to multiple clusters at once and configure the app differently for each target.

    An example using Helm. We are deploying the helm example and customizing it per target cluster

    The repository contains a helm chart and an optional fleet.yaml to configure the deployment. The fleet.yaml is used to configure different deployment options, depending on the cluster's labels:

    fleet.yaml
    namespace: fleet-mc-helm-example
    targetCustomizations:
    - name: dev
      helm:
        values:
          replication: false
      clusterSelector:
        matchLabels:
          env: dev

    - name: test
      helm:
        values:
          replicas: 3
      clusterSelector:
        matchLabels:
          env: test

    - name: prod
      helm:
        values:
          serviceType: LoadBalancer
          replicas: 3
      clusterSelector:
        matchLabels:
          env: prod

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    gitrepo.yaml
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: helm
      namespace: fleet-default
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - multi-cluster/helm
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

      - name: test
        clusterSelector:
          matchLabels:
            env: test

      - name: prod
        clusterSelector:
          matchLabels:
            env: prod

    By applying the gitrepo resource to the upstream cluster, fleet will start to monitor the repository and create deployments:

    kubectl apply -n fleet-default -f gitrepo.yaml
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +The application will be customized as follows per environment:

    • Dev clusters: Only the redis leader is deployed and not the followers.
    • Test clusters: Scale the front deployment to 3
    • Prod clusters: Scale the front deployment to 3 and set the service type to LoadBalancer

    The fleet.yaml is used to control which 'yaml' overlays are used, depending on the cluster's labels:

    fleet.yaml
    namespace: fleet-mc-manifest-example
    targetCustomizations:
    - name: dev
      clusterSelector:
        matchLabels:
          env: dev
      yaml:
        overlays:
        # Refers to overlays/noreplication folder
        - noreplication

    - name: test
      clusterSelector:
        matchLabels:
          env: test
      yaml:
        overlays:
        # Refers to overlays/scale3 folder
        - scale3

    - name: prod
      clusterSelector:
        matchLabels:
          env: prod
      yaml:
        # Refers to overlays/servicelb, scale3 folders
        overlays:
        - servicelb
        - scale3

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    gitrepo.yaml
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: manifests
      namespace: fleet-default
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - multi-cluster/manifests
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

      - name: test
        clusterSelector:
          matchLabels:
            env: test

      - name: prod
        clusterSelector:
          matchLabels:
            env: prod
    kubectl apply -n fleet-default -f gitrepo.yaml
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/uninstall.html b/0.6/uninstall.html index ae3bbd313..1fb489824 100644 --- a/0.6/uninstall.html +++ b/0.6/uninstall.html @@ -4,15 +4,15 @@ Uninstall | Fleet - +
    Skip to main content
    Version: 0.6

    Uninstall

    Fleet is packaged as two Helm charts so uninstall is accomplished by uninstalling the appropriate Helm charts. To uninstall Fleet run the following -two commands:

    helm -n cattle-fleet-system uninstall fleet
    helm -n cattle-fleet-system uninstall fleet-crd
    caution

    Uninstalling the CRDs will remove all deployed workloads.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +two commands:

    helm -n cattle-fleet-system uninstall fleet
    helm -n cattle-fleet-system uninstall fleet-crd
    caution

    Uninstalling the CRDs will remove all deployed workloads.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.6/webhook.html b/0.6/webhook.html index 685f8f8b7..1c0801fac 100644 --- a/0.6/webhook.html +++ b/0.6/webhook.html @@ -4,7 +4,7 @@ Using Webhooks Instead of Polling | Fleet - + @@ -12,8 +12,8 @@
    Skip to main content
    Version: 0.6

    Using Webhooks Instead of Polling

    By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github, GitLab, Bitbucket, Bitbucket Server and Gogs.

    1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.​

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: webhook-ingress
      namespace: cattle-fleet-system
    spec:
      rules:
      - host: your.domain.com
        http:
          paths:
            - path: /
              pathType: Prefix
              backend:
                service:
                  name: gitjob
                  port:
                    number: 80
    info

    You can configure TLS on ingress.

    2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.​

    Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default. If your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the -secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7.html b/0.7.html index 9e8db5160..1285ddbf9 100644 --- a/0.7.html +++ b/0.7.html @@ -4,13 +4,13 @@ Overview | Fleet - +
    -
    Skip to main content
    Version: 0.7

    Overview

    What is Fleet?​

    • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

    • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters.

    Configuration Management​

    Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.7

    Overview

    What is Fleet?​

    • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

    • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters.

    Configuration Management​

    Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/architecture.html b/0.7/architecture.html index c570463ca..046e947c7 100644 --- a/0.7/architecture.html +++ b/0.7/architecture.html @@ -4,7 +4,7 @@ Architecture | Fleet - + @@ -28,8 +28,8 @@ The cluster registration token is used only during the registration process to g to that cluster. After the cluster credential is established the cluster "forgets" the cluster registration token.

    The service accounts given to the clusters only have privileges to list BundleDeployment in the namespace created specifically for that cluster. It can also update the status subresource of BundleDeployment and the status -subresource of it's Cluster resource.

    Component Overview​

    An overview of the components and how they interact on a high level.

    Components

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +subresource of it's Cluster resource.

    Component Overview​

    An overview of the components and how they interact on a high level.

    Components

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/bundle-add.html b/0.7/bundle-add.html index 964d75ccb..07ca0d449 100644 --- a/0.7/bundle-add.html +++ b/0.7/bundle-add.html @@ -4,7 +4,7 @@ Create a Bundle Resource | Fleet - + @@ -15,8 +15,8 @@ manually by the user. If you want to deploy resources from a git repository use When creating a Bundle resources need to be explicitly specified in the Bundle Spec. Resources can be compressed with gz. See here an example of how Rancher uses compression in go code.

    If you would like to deploy in downstream clusters, you need to define targets. Targets work similarly to targets in GitRepo. -See Mapping to Downstream Clusters.

    The following example creates a nginx Deployment in the local cluster:

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      resources:
      # List of all resources that will be deployed
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml
      targets:
      - clusterName: local

    Limitations​

    Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:

    • spec.helm.repo
    • spec.helm.charts

    You can't use a fleet.yaml in resources, it is only used by the fleet-cli to create bundles.

    The spec.targetRestrictions field is not useful, as it is an allow list for targets specified in spec.targets. It is not needed, since targets are explicitly given in a bundle and an empty targetRestrictions defaults to allow.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +See Mapping to Downstream Clusters.

    The following example creates a nginx Deployment in the local cluster:

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      resources:
      # List of all resources that will be deployed
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml
      targets:
      - clusterName: local

    Limitations​

    Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:

    • spec.helm.repo
    • spec.helm.charts

    You can't use a fleet.yaml in resources, it is only used by the fleet-cli to create bundles.

    The spec.targetRestrictions field is not useful, as it is an allow list for targets specified in spec.targets. It is not needed, since targets are explicitly given in a bundle and an empty targetRestrictions defaults to allow.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/bundle-diffs.html b/0.7/bundle-diffs.html index b704270d6..49f2f5802 100644 --- a/0.7/bundle-diffs.html +++ b/0.7/bundle-diffs.html @@ -4,14 +4,14 @@ Generating Diffs to Ignore Modified GitRepos | Fleet - +
    Skip to main content
    Version: 0.7

    Generating Diffs to Ignore Modified GitRepos

    Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.

    You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the Bundles section.

    The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the caBundle is empty and the CA cert is injected by the cluster.

    This leads the status of the bundle and associated GitRepo to be reported as "Modified"

    Associated Bundle -

    Fleet bundles support the ability to specify a custom jsonPointer patch.

    With the patch, users can instruct fleet to ignore object modifications.

    Simple Example​

    https://github.com/rancher/fleet-examples/tree/master/bundle-diffs

    Gatekeeper Example​

    In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

    The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

    Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

    In our case the differences detected are as follows:

      summary:
        desiredReady: 1
        modified: 1
        nonReadyResources:
        - bundleState: Modified
          modifiedStatus:
          - apiVersion: admissionregistration.k8s.io/v1
            kind: ValidatingWebhookConfiguration
            name: gatekeeper-validating-webhook-configuration
            patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-audit
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-controller-manager
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

    Based on this summary, there are three objects which need to be patched.

    We will look at these one at a time.

    1. ValidatingWebhookConfiguration:​

    The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

    In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

    From this information, we can see the two ValidatingWebhooks in question are:

      "$setElementOrder/webhooks": [
        {
          "name": "validation.gatekeeper.sh"
        },
        {
          "name": "check-ignore-label.gatekeeper.sh"
        }
      ],

    Within each ValidatingWebhook, the fields that need to be ignore are as follows:

        {
          "clientConfig": {
            "caBundle": "Cg=="
          },
          "name": "validation.gatekeeper.sh",
          "rules": [
            {
              "apiGroups": [
                "*"
              ],
              "apiVersions": [
                "*"
              ],
              "operations": [
                "CREATE",
                "UPDATE"
              ],
              "resources": [
                "*"
              ]
            }
          ]
        },

    and

        {
         "clientConfig": {
           "caBundle": "Cg=="
         },
         "name": "check-ignore-label.gatekeeper.sh",
         "rules": [
           {
             "apiGroups": [
               ""
             ],
             "apiVersions": [
               "*"
             ],
             "operations": [
               "CREATE",
               "UPDATE"
             ],
             "resources": [
               "namespaces"
             ]
           }
         ]
       }

    In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

    The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

    Based on this information, our diff patch would look as follows:

      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    2. Deployment gatekeeper-controller-manager:​

    The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    3. Deployment gatekeeper-audit:​

    The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    Combining It All Together​

    We can now combine all these patches as follows:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

    Once these are added, the GitRepo should deploy and be in "Active" status.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +

    Fleet bundles support the ability to specify a custom jsonPointer patch.

    With the patch, users can instruct fleet to ignore object modifications.

    Simple Example​

    https://github.com/rancher/fleet-examples/tree/master/bundle-diffs

    Gatekeeper Example​

    In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

    The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

    Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

    In our case the differences detected are as follows:

      summary:
        desiredReady: 1
        modified: 1
        nonReadyResources:
        - bundleState: Modified
          modifiedStatus:
          - apiVersion: admissionregistration.k8s.io/v1
            kind: ValidatingWebhookConfiguration
            name: gatekeeper-validating-webhook-configuration
            patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-audit
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-controller-manager
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

    Based on this summary, there are three objects which need to be patched.

    We will look at these one at a time.

    1. ValidatingWebhookConfiguration:​

    The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

    In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

    From this information, we can see the two ValidatingWebhooks in question are:

      "$setElementOrder/webhooks": [
        {
          "name": "validation.gatekeeper.sh"
        },
        {
          "name": "check-ignore-label.gatekeeper.sh"
        }
      ],

    Within each ValidatingWebhook, the fields that need to be ignore are as follows:

        {
          "clientConfig": {
            "caBundle": "Cg=="
          },
          "name": "validation.gatekeeper.sh",
          "rules": [
            {
              "apiGroups": [
                "*"
              ],
              "apiVersions": [
                "*"
              ],
              "operations": [
                "CREATE",
                "UPDATE"
              ],
              "resources": [
                "*"
              ]
            }
          ]
        },

    and

        {
         "clientConfig": {
           "caBundle": "Cg=="
         },
         "name": "check-ignore-label.gatekeeper.sh",
         "rules": [
           {
             "apiGroups": [
               ""
             ],
             "apiVersions": [
               "*"
             ],
             "operations": [
               "CREATE",
               "UPDATE"
             ],
             "resources": [
               "namespaces"
             ]
           }
         ]
       }

    In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

    The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

    Based on this information, our diff patch would look as follows:

      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    2. Deployment gatekeeper-controller-manager:​

    The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    3. Deployment gatekeeper-audit:​

    The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    Combining It All Together​

    We can now combine all these patches as follows:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

    Once these are added, the GitRepo should deploy and be in "Active" status.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/changelogs.html b/0.7/changelogs.html index fa0bc6ce4..50a1db106 100644 --- a/0.7/changelogs.html +++ b/0.7/changelogs.html @@ -4,13 +4,13 @@ 0.7 Changelogs | Fleet - +
    -
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/changelogs/changelogs/v0.7.0.html b/0.7/changelogs/changelogs/v0.7.0.html index a282373c3..22ec0261f 100644 --- a/0.7/changelogs/changelogs/v0.7.0.html +++ b/0.7/changelogs/changelogs/v0.7.0.html @@ -4,13 +4,13 @@ v0.7.0 | Fleet - +
    -
    Skip to main content
    Version: 0.7

    v0.7.0

    • (rancherio-gh-m) released this 2023-06-12 13:24:29 +0000 UTC*

    Description​

    Notes

    The packaged helm chart fleet-0.7.0.tgz was reuploaded to fix the Gitjob version constraint following #1593

    Additions

    • Add agent config for tolerations, affinity, resources on cluster by @manno in #1433
    • Add JSON schema validation for agent customization in cluster CRD by @raulcabello in #1490
    • Configure tolerations for fleet-agent from cluster CR by @rajiteh in #1154
    • Agent registration recovery by @rancherbot in #1579
    • Clean up orphaned request service accounts, remove unused managed annotations by @thardeck in #1310
    • Add flag to disable local cluster bootstrap by @manno in #1207
    • Fix agent not starting in old fleet-system namespace by @raulcabello in #1316
    • Configure FLEET_CLUSTER_ENQUEUE_DELAY in helm chart by @johnjcool in #1404
    • Do not always create a Bundle for the root path by @raulcabello in #1309
    • Always get labels from Bundle when creating a BundleDeployment by @raulcabello in #1428
    • Add helm capabilities to agent's deployer by @manno in #1287
    • Add waitForJobs as a helm option by @raulcabello in #1330
    • Allow resources to be kept when deleting a GitRepo or a Bundle by @raulcabello in #1382
    • Improve behavior on failed deployments by @moio in #1485
    • Add ignore conditions for the status of deployed custom resources by @raulcabello in #1482

    Bugfixes

    • Ensure fleet-agent's helm release name has valid length by @manno in #1353
    • Ensure ClusterRegistrationToken name is below 63 characters by @manno in #1360
    • AllowedRepoPatterns in GitRepoRestriction is matched against Repo by @johnjcool in #1379
    • Properly set keepResources if releaseName is empty by @raulcabello in #1394
    • Retry helm upgrade if it was interrupted by @raulcabello in #1424
    • Fix BundleNamespaceMapping ignoring bundle selector by @manno in #1425
    • Don't ignore config map reference in valuesFrom list element by @manno in #1431
    • Agent should only select Linux nodes by @manno in #1505
    • Also check chart with the helmRepoURLRegex by @raulcabello in #1341
    • Fix cluster targeting and missing customizations by @raulcabello in #1473

    What's Changed

    • Add container security context to fleet-agent helm chart by @puffitos in #1293
    • Managed fleet-agent uses same securityContext as helm chart by @thardeck in #1314
    • Remove fleet-agent simulators by @manno in #1206
    • Remove flag to disable leaderElection for simulators by @raulcabello in #1426
    • Add Github action to release Fleet against Rancher by @thardeck in #1346
    • Change version number for nightly releases by @manno in #1367
    • Log regex compilation error in git repo restriction with patterns by @manno in #1383
    • Split Examples Tests from E2E Tests by @manno in #1397
    • Add nightly e2e workflow to test more k8s versions by @manno in #1518
    • Replace deprecated command in Github action with environment file by @jongwooo in #1500

    New Contributors

    Full Changelog: v0.6.0...v0.7.0

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.7

    v0.7.0

    • (rancherio-gh-m) released this 2023-06-12 13:24:29 +0000 UTC*

    Description​

    Notes

    The packaged helm chart fleet-0.7.0.tgz was reuploaded to fix the Gitjob version constraint following #1593

    Additions

    • Add agent config for tolerations, affinity, resources on cluster by @manno in #1433
    • Add JSON schema validation for agent customization in cluster CRD by @raulcabello in #1490
    • Configure tolerations for fleet-agent from cluster CR by @rajiteh in #1154
    • Agent registration recovery by @rancherbot in #1579
    • Clean up orphaned request service accounts, remove unused managed annotations by @thardeck in #1310
    • Add flag to disable local cluster bootstrap by @manno in #1207
    • Fix agent not starting in old fleet-system namespace by @raulcabello in #1316
    • Configure FLEET_CLUSTER_ENQUEUE_DELAY in helm chart by @johnjcool in #1404
    • Do not always create a Bundle for the root path by @raulcabello in #1309
    • Always get labels from Bundle when creating a BundleDeployment by @raulcabello in #1428
    • Add helm capabilities to agent's deployer by @manno in #1287
    • Add waitForJobs as a helm option by @raulcabello in #1330
    • Allow resources to be kept when deleting a GitRepo or a Bundle by @raulcabello in #1382
    • Improve behavior on failed deployments by @moio in #1485
    • Add ignore conditions for the status of deployed custom resources by @raulcabello in #1482

    Bugfixes

    • Ensure fleet-agent's helm release name has valid length by @manno in #1353
    • Ensure ClusterRegistrationToken name is below 63 characters by @manno in #1360
    • AllowedRepoPatterns in GitRepoRestriction is matched against Repo by @johnjcool in #1379
    • Properly set keepResources if releaseName is empty by @raulcabello in #1394
    • Retry helm upgrade if it was interrupted by @raulcabello in #1424
    • Fix BundleNamespaceMapping ignoring bundle selector by @manno in #1425
    • Don't ignore config map reference in valuesFrom list element by @manno in #1431
    • Agent should only select Linux nodes by @manno in #1505
    • Also check chart with the helmRepoURLRegex by @raulcabello in #1341
    • Fix cluster targeting and missing customizations by @raulcabello in #1473

    What's Changed

    • Add container security context to fleet-agent helm chart by @puffitos in #1293
    • Managed fleet-agent uses same securityContext as helm chart by @thardeck in #1314
    • Remove fleet-agent simulators by @manno in #1206
    • Remove flag to disable leaderElection for simulators by @raulcabello in #1426
    • Add Github action to release Fleet against Rancher by @thardeck in #1346
    • Change version number for nightly releases by @manno in #1367
    • Log regex compilation error in git repo restriction with patterns by @manno in #1383
    • Split Examples Tests from E2E Tests by @manno in #1397
    • Add nightly e2e workflow to test more k8s versions by @manno in #1518
    • Replace deprecated command in Github action with environment file by @jongwooo in #1500

    New Contributors

    Full Changelog: v0.6.0...v0.7.0

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/changelogs/changelogs/v0.7.1.html b/0.7/changelogs/changelogs/v0.7.1.html index efd3f0898..83eebfb2e 100644 --- a/0.7/changelogs/changelogs/v0.7.1.html +++ b/0.7/changelogs/changelogs/v0.7.1.html @@ -4,13 +4,13 @@ v0.7.1 | Fleet - +
    -
    Skip to main content
    Version: 0.7

    v0.7.1

    • (rancherio-gh-m) released this 2023-08-16 10:56:37 +0000 UTC*

    Description​

    What's Changed

    Full Changelog: v0.7.0...v0.7.1

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.7

    v0.7.1

    • (rancherio-gh-m) released this 2023-08-16 10:56:37 +0000 UTC*

    Description​

    What's Changed

    Full Changelog: v0.7.0...v0.7.1

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/cli/fleet-agent.html b/0.7/cli/fleet-agent.html index 0a9a4fc78..923d0923b 100644 --- a/0.7/cli/fleet-agent.html +++ b/0.7/cli/fleet-agent.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/cli/fleet-cli/fleet.html b/0.7/cli/fleet-cli/fleet.html index 69bab17f6..c5a7942c2 100644 --- a/0.7/cli/fleet-cli/fleet.html +++ b/0.7/cli/fleet-cli/fleet.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Skip to main content
    Version: 0.7

    fleet​

    fleet [flags]

    Options​

          --context string            kubeconfig context for authentication
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    • fleet apply - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager
    • fleet test - Match a bundle to a target and render the output
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.7

    fleet​

    fleet [flags]

    Options​

          --context string            kubeconfig context for authentication
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    • fleet apply - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager
    • fleet test - Match a bundle to a target and render the output
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/cli/fleet-cli/fleet_apply.html b/0.7/cli/fleet-cli/fleet_apply.html index f584da7a2..5920eb39d 100644 --- a/0.7/cli/fleet-cli/fleet_apply.html +++ b/0.7/cli/fleet-cli/fleet_apply.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Skip to main content
    Version: 0.7

    fleet apply​

    Render a bundle into a Kubernetes resource and apply it in the Fleet Manager

    fleet apply [flags] BUNDLE_NAME PATH...

    Options​

      -b, --bundle-file string           Location of the raw Bundle resource yaml
          --cacerts-file string          Path of custom cacerts for helm repo
          --commit string                Commit to assign to the bundle
      -c, --compress                     Force all resources to be compress
          --debug                        Turn on debug logging
          --debug-level int              If debugging is enabled, set klog -v=X
      -f, --file string                  Location of the fleet.yaml
      -h, --help                         help for apply
      -l, --label strings                Labels to apply to created bundles
      -o, --output string                Output contents to file or - for stdout
          --password-file string         Path of file containing basic auth password for helm repo
          --paused                       Create bundles in a paused state
      -a, --service-account string       Service account to assign to bundle created
          --ssh-privatekey-file string   Path of ssh-private-key for helm repo
          --sync-generation int          Generation number used to force sync the deployment
          --target-namespace string      Ensure this bundle goes to this target namespace
          --targets-file string          Addition source of targets and restrictions to be append
          --username string              Basic auth username for helm repo

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.7

    fleet apply​

    Render a bundle into a Kubernetes resource and apply it in the Fleet Manager

    fleet apply [flags] BUNDLE_NAME PATH...

    Options​

      -b, --bundle-file string           Location of the raw Bundle resource yaml
          --cacerts-file string          Path of custom cacerts for helm repo
          --commit string                Commit to assign to the bundle
      -c, --compress                     Force all resources to be compress
          --debug                        Turn on debug logging
          --debug-level int              If debugging is enabled, set klog -v=X
      -f, --file string                  Location of the fleet.yaml
      -h, --help                         help for apply
      -l, --label strings                Labels to apply to created bundles
      -o, --output string                Output contents to file or - for stdout
          --password-file string         Path of file containing basic auth password for helm repo
          --paused                       Create bundles in a paused state
      -a, --service-account string       Service account to assign to bundle created
          --ssh-privatekey-file string   Path of ssh-private-key for helm repo
          --sync-generation int          Generation number used to force sync the deployment
          --target-namespace string      Ensure this bundle goes to this target namespace
          --targets-file string          Addition source of targets and restrictions to be append
          --username string              Basic auth username for helm repo

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/cli/fleet-cli/fleet_test.html b/0.7/cli/fleet-cli/fleet_test.html index b901b0c2b..1ab7f4dfe 100644 --- a/0.7/cli/fleet-cli/fleet_test.html +++ b/0.7/cli/fleet-cli/fleet_test.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Skip to main content
    Version: 0.7

    fleet test​

    Match a bundle to a target and render the output

    fleet test [flags]

    Options​

      -b, --bundle-file string    Location of the raw Bundle resource yaml
          --debug                 Turn on debug logging
          --debug-level int       If debugging is enabled, set klog -v=X
      -f, --file string           Location of the fleet.yaml
      -g, --group string          Cluster group to match against
      -L, --group-label strings   Cluster group labels to match against
      -h, --help                  help for test
      -l, --label strings         Cluster labels to match against
      -N, --name string           Cluster name to match against
      -q, --quiet                 Just print the match and don't print the resources
      -t, --target string         Explicit target to match

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.7

    fleet test​

    Match a bundle to a target and render the output

    fleet test [flags]

    Options​

      -b, --bundle-file string    Location of the raw Bundle resource yaml
          --debug                 Turn on debug logging
          --debug-level int       If debugging is enabled, set klog -v=X
      -f, --file string           Location of the fleet.yaml
      -g, --group string          Cluster group to match against
      -L, --group-label strings   Cluster group labels to match against
      -h, --help                  help for test
      -l, --label strings         Cluster labels to match against
      -N, --name string           Cluster name to match against
      -q, --quiet                 Just print the match and don't print the resources
      -t, --target string         Explicit target to match

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/cli/fleet-controller/fleet-manager.html b/0.7/cli/fleet-controller/fleet-manager.html index c9b8111bf..55ecfcc59 100644 --- a/0.7/cli/fleet-controller/fleet-manager.html +++ b/0.7/cli/fleet-controller/fleet-manager.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/cluster-bundles-state.html b/0.7/cluster-bundles-state.html index 9302bdc6c..6de367677 100644 --- a/0.7/cluster-bundles-state.html +++ b/0.7/cluster-bundles-state.html @@ -4,13 +4,13 @@ Cluster and Bundle State | Fleet - +
    -
    Skip to main content
    Version: 0.7

    Cluster and Bundle State

    Clusters and Bundles have different states in each phase of applying Bundles.

    Bundles​

    Ready: Bundles have been deployed and all resources are ready.

    NotReady: Bundles have been deployed and some resources are not ready.

    WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

    ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

    OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

    Pending: Bundles are being processed by Fleet controller.

    Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

    Clusters​

    WaitCheckIn: Waiting for agent to report registration information and cluster status back.

    NotReady: There are bundles in this cluster that are in NotReady state.

    WaitApplied: There are bundles in this cluster that are in WaitApplied state.

    ErrApplied: There are bundles in this cluster that are in ErrApplied state.

    OutOfSync: There are bundles in this cluster that are in OutOfSync state.

    Pending: There are bundles in this cluster that are in Pending state.

    Modified: There are bundles in this cluster that are in Modified state.

    Ready: Bundles in this cluster have been deployed and all resources are ready.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.7

    Cluster and Bundle State

    Clusters and Bundles have different states in each phase of applying Bundles.

    Bundles​

    Ready: Bundles have been deployed and all resources are ready.

    NotReady: Bundles have been deployed and some resources are not ready.

    WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

    ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

    OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

    Pending: Bundles are being processed by Fleet controller.

    Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

    Clusters​

    WaitCheckIn: Waiting for agent to report registration information and cluster status back.

    NotReady: There are bundles in this cluster that are in NotReady state.

    WaitApplied: There are bundles in this cluster that are in WaitApplied state.

    ErrApplied: There are bundles in this cluster that are in ErrApplied state.

    OutOfSync: There are bundles in this cluster that are in OutOfSync state.

    Pending: There are bundles in this cluster that are in Pending state.

    Modified: There are bundles in this cluster that are in Modified state.

    Ready: Bundles in this cluster have been deployed and all resources are ready.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/cluster-group.html b/0.7/cluster-group.html index 3c923d2f4..526deb88d 100644 --- a/0.7/cluster-group.html +++ b/0.7/cluster-group.html @@ -4,7 +4,7 @@ Create Cluster Groups | Fleet - + @@ -13,8 +13,8 @@ The only parameter for a cluster group is essentially the selector. When you get to a certain scale cluster groups become a more reasonable way to manage your clusters. Cluster groups serve the purpose of giving aggregated -status of the deployments and then also a simpler way to manage targets.

    A cluster group is created by creating a ClusterGroup resource like below

    kind: ClusterGroup
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: production-group
      namespace: clusters
    spec:
      # This is the standard metav1.LabelSelector format to match clusters by labels
      selector:
        matchLabels:
          env: prod
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +status of the deployments and then also a simpler way to manage targets.

    A cluster group is created by creating a ClusterGroup resource like below

    kind: ClusterGroup
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: production-group
      namespace: clusters
    spec:
      # This is the standard metav1.LabelSelector format to match clusters by labels
      selector:
        matchLabels:
          env: prod
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/cluster-registration.html b/0.7/cluster-registration.html index fbdcd4a04..a7e56094a 100644 --- a/0.7/cluster-registration.html +++ b/0.7/cluster-registration.html @@ -4,7 +4,7 @@ Register Downstream Clusters | Fleet - + @@ -75,8 +75,8 @@ above example one can run the following one-liner:

    info

    If you are using Fleet standalone without Rancher, it must be installed as described in installation details.

    The manager-initiated registration is used when you add a cluster from the Rancher dashboard.

    Create Kubeconfig Secret​

    The format of this secret is intended to match the format of the kubeconfig secret used in cluster-api. -This means you can use cluster-api to create a cluster that is dynamically registered with Fleet.

    Kubeconfig Secret Example
    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Create Cluster Resource​

    The cluster resource needs to reference the kubeconfig secret.

    Cluster Resource Example
    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +This means you can use cluster-api to create a cluster that is dynamically registered with Fleet.

    Kubeconfig Secret Example
    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Create Cluster Resource​

    The cluster resource needs to reference the kubeconfig secret.

    Cluster Resource Example
    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/concepts.html b/0.7/concepts.html index 13328e5bc..dbf6a9602 100644 --- a/0.7/concepts.html +++ b/0.7/concepts.html @@ -4,7 +4,7 @@ Core Concepts | Fleet - + @@ -24,8 +24,8 @@ Regardless of the source the contents are dynamically rendered into a Helm chart and installed into the downstream cluster as a helm release.

    • To see the life cycle of a bundle, click here.

  • BundleDeployment: When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for -the cluster the agent is managing.

    • For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click here.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +the cluster the agent is managing.

    • For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click here.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/gitrepo-add.html b/0.7/gitrepo-add.html index 306be0d04..69650879e 100644 --- a/0.7/gitrepo-add.html +++ b/0.7/gitrepo-add.html @@ -4,7 +4,7 @@ Create a GitRepo Resource | Fleet - + @@ -15,8 +15,8 @@ Make sure you don't leak credentials by mixing public and private repositor or split them into different gitrepos, or use helmRepoURLRegex to limit the scope of credentials to certain servers.

    For a private Helm repo, users can reference a secret with the following keys:

    1. username and password for basic http auth if the Helm HTTP repo is behind basic auth.

    2. cacerts for custom CA bundle if the Helm repo is using a custom CA.

    3. ssh-privatekey for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently.

    For example, to add a secret in kubectl, run

    kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem

    After secret is created, specify the secret to gitRepo.spec.helmSecretName. Make sure secret is created under the same namespace with gitrepo.

    Use different helm credentials for each path​

    info

    gitRepo.spec.helmSecretName will be ignored if gitRepo.spec.helmSecretNameForPaths is provided

    Create a file secrets-path.yaml that contains credentials for each path defined in a GitRepo. Credentials will not be used for paths that are not present in this file. The path is the actual path to the bundle (ie to a folder containing a fleet.yaml file) within the git repository, which might have more segments than the entry under paths:.

    Example:

    path-one: # path path-one must exist in the repository
      username: user
      password: pass
    path-two:  # path path-one must exist in the repository
      username: user2
      password: pass2
      caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCiAgICBNSUlEblRDQ0FvV2dBd0lCQWdJVUNwMHB2SVJTb2c0eHJKN2Q1SUI2ME1ka0k1WXdEUVlKS29aSWh2Y05BUUVMCiAgICBCUUF3WGpFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NCiAgICBHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2CiAgICBjbWN3SGhjTk1qTXdOREkzTVRVd056VXpXaGNOTWpnd05ESTFNVFV3TnpVeldqQmVNUXN3Q1FZRFZRUUdFd0pCCiAgICBWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFQ2d3WVNXNTBaWEp1WlhRZ1YybGtaMmwwCiAgICBjeUJRZEhrZ1RIUmtNUmN3RlFZRFZRUUREQTV5WVc1amFHVnlMbTE1TG05eVp6Q0NBU0l3RFFZSktvWklodmNOCiAgICBBUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBvZE5TMDB6NDc1dnVSc2ZZcTFRYTFHQVl3QU92anV4MERKTHY5CiAgICBrZFhwT091dGdjMU8yWUdqNUlCVGQzVmpISmFJYUg3SDR2Rm84RlBaMG9zcU9YaFg3eUM4STdBS3ZhOEE5VmVmCiAgICBJVXp6Vlo1cCs1elNxRjdtZTlOaUNiL0pVSkZLT0ZsTkF4cjZCcXhoMEIyN1VZTlpjaUIvL1V0L0I2eHJuVE55CiAgICBoRzJiNzk4bjg4bFZqY3EzbEE0djFyM3VzWGYxVG5aS2t2UEN4ZnFHYk5OdTlpTjdFZnZHOWoyekdHcWJvcDRYCiAgICBXY3VSa3N3QkgxZlRNS0ZrbGcrR1VsZkZPMGFzL3phalVOdmdweTlpdVBMZUtqZTVWcDBiMlBLd09qUENpV2d4CiAgICBabDJlVDlNRnJjV0F3NTg3emE5NDBlT1Era2pkdmVvUE5sU2k3eVJMMW96YlRka0NBd0VBQWFOVE1GRXdIUVlECiAgICBWUjBPQkJZRUZEQkNkYjE4M1hsU0tWYzBxNmJSTCt0dVNTV3lNQjhHQTFVZEl3UVlNQmFBRkRCQ2RiMTgzWGxTCiAgICBLVmMwcTZiUkwrdHVTU1d5TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCiAgICBBQ1BCVERkZ0dCVDVDRVoxd1pnQmhKdm9GZTk2MUJqVCtMU2RxSlpsSmNRZnlnS0hyNks5ZmZaY1ZlWlBoMVU0CiAgICB3czBuWGNOZiszZGJlTjl4dVBiY0VqUWlQaFJCcnRzalE1T1JiVHdYWEdBdzlYbDZYTkl6YjN4ZDF6RWFzQXZPCiAgICBJMjM2ZHZXQ1A0dWoycWZqR0FkQjJnaXU2b2xHK01CWHlneUZKMElzRENraldLZysyWEdmU3lyci9KZU1vZlFBCiAgICB1VU9wcFVGdERYd0lrUW1VTGNVVUxWcTdtUVNQb0lzVkNNM2hKNVQzczdUSWtHUDZVcGVSSjgzdU9LbURYMkRHCiAgICBwVWVQVHBuVWVLOVMzUEVKTi9XcmJSSVd3WU1OR29qdDRKWitaK1N6VE1aVkh0SlBzaGpjL1hYOWZNU1ZXQmlzCiAgICBQRW5MU256MDQ4OGFUQm5SUFlnVXFsdz0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
      sshPrivateKey: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJRFF6Q0NBaXNDRkgxTm5YUWI5SlV6anNBR3FSc3RCYncwRlFpak1BMEdDU3FHU0liM0RRRUJDd1VBTUY0eAogICAgQ3pBSkJnTlZCQVlUQWtGVk1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNU0V3SHdZRFZRUUtEQmhKYm5SbAogICAgY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdReEZ6QVZCZ05WQkFNTURuSmhibU5vWlhJdWJYa3ViM0puTUI0WAogICAgRFRJek1EUXlOekUxTVRBMU5Gb1hEVEkwTURReU5qRTFNVEExTkZvd1hqRUxNQWtHQTFVRUJoTUNRVlV4RXpBUgogICAgQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNQogICAgSUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2Y21jd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQogICAgQTRJQkR3QXdnZ0VLQW9JQkFRRGd6UUJJTW8xQVFHNnFtYmozbFlYUTFnZjhYcURTbjdyM2lGcVZZZldDVWZOSwogICAgaGZwampTRGpOMmRWWEV2UXA3R0t3akFHUElFbXR5RmxyUW5rUGtnTGFSaU9jSDdNN0p2c3ZIa0Ewd0g0dzJ2QgogICAgUEp6aVlINWh2MUE2WS9NcFM5bVkvQUVxVm80TUJkdnNZQzc3MFpCbzVBMitIUEtMd1YzMVZyYlhhTytWeUJtNAogICAgSmJhZHlNUk40N3BKRWdPMjJaYVRXL3Y3S1dKdjNydGJTMlZVSkNlU0piWlpsN09ocHhLRTVocStmK0RWaU1mcQogICAgTWx4ODNEV2pVSlVkV3lqVUZYVlk0bEdVaUtrRWVtSlVuSlVyY1ErOXE1SzVaWmhyRjhoRXhKRjhiZTZjemVzeAogICAga1VWN3dKb1RjWkd2bUhYSk1FNmtrQXh4Mmh3bU8wSFcyQWdDdTJZekFnTUJBQUV3RFFZSktvWklodmNOQVFFTAogICAgQlFBRGdnRUJBS1BpTWdXc1dCTnJvRkY2aWpYL2xMM3FxaWc4TjlkR1VPWDIyRVJDU1RTekNONjM0ZTFkZUhsdQogICAgbTc5OU11Q3hvWSsyZWluNlV1cFMvTEV6cnpvU2dDVWllQzQrT3ZralF5eGJpTFR6bW1OWEFnd09TM3RvTHRGWAogICAgbytmWWpSMU9xcHVPS29kMkhiYjliczRWcXdaNHEvMlVKbXE2Q01pYjZKZUE2VFJvK2Rkc0pUM2dDOFhWL1Z1MAogICAgNnkwdjJxdTM0bm1MYjFxOHFTS1RwZXYyQmwzQUJGY3NyS0JvNHFieUM2bnBTbnpZenNYcS90SlFLclplNE4vMgogICAgUXIzd1dxQ0pDVWUrMWVsT3A2b0JVcXNWSnc3aHk3YzRLc1Fna09ERDJkc2NuNEF1NGJhWlY2QmpySm1USVY0aQogICAgeXJ1dk9oZ2lINklGUVdDWmVQM2s0MU5obWRzRTNHQT0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K

    Create the secret

    kubectl create secret generic path-auth-secret -n fleet-default --from-file=secrets-path.yaml

    In the previous example credentials for username user will be used for the path path-one and credentials for username -user2 will be used for the path path-two.

    caBundle and sshPrivateKey must be base64 encoded.

    note

    If you are using "rancher-backups" and want this secret to be included the backup, please add the label resources.cattle.io/backup: true to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials.

    Troubleshooting

    See Fleet Troubleshooting section here.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +user2 will be used for the path path-two.

    caBundle and sshPrivateKey must be base64 encoded.

    note

    If you are using "rancher-backups" and want this secret to be included the backup, please add the label resources.cattle.io/backup: true to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials.

    Troubleshooting

    See Fleet Troubleshooting section here.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/gitrepo-content.html b/0.7/gitrepo-content.html index e16e722c3..66586cdb9 100644 --- a/0.7/gitrepo-content.html +++ b/0.7/gitrepo-content.html @@ -4,7 +4,7 @@ Git Repository Contents | Fleet - + @@ -43,8 +43,8 @@ the contents of a file the convention of adding _patch. (notice the will be replaced with . from the file name and that will be used as the target. For example deployment_patch.yaml will target deployment.yaml. The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch. Which strategy is used is based on the file content. Even though JSON strategies are used, the files can be written -using YAML syntax.

    Cluster and Bundle State​

    See Cluster and Bundle state.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +using YAML syntax.

    Cluster and Bundle State​

    See Cluster and Bundle state.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/gitrepo-targets.html b/0.7/gitrepo-targets.html index 552a5081d..e6e5c465e 100644 --- a/0.7/gitrepo-targets.html +++ b/0.7/gitrepo-targets.html @@ -4,7 +4,7 @@ Mapping to Downstream Clusters | Fleet - + @@ -23,8 +23,8 @@ and add clusters to it.

    this issue for more details.

  • Helm.WaitForJobs

  • Kustomize.Dir

  • YAML.Overlays

  • Diff.ComparePatches

    • Additional Examples​

    Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations -of the three are in the Fleet Examples repo.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +of the three are in the Fleet Examples repo.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/imagescan.html b/0.7/imagescan.html index 4d7bb8049..60d2a652e 100644 --- a/0.7/imagescan.html +++ b/0.7/imagescan.html @@ -4,15 +4,15 @@ Using Image Scan to Update Container Image References | Fleet - +
    Skip to main content
    Version: 0.7

    Using Image Scan to Update Container Image References

    Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository, without the need to manually update your manifests.

    caution

    This feature is considered as experimental feature.

    Go to fleet.yaml and add the following section.

    imageScans:
    # specify the policy to retrieve images, can be semver or alphabetical order
    - policy:
        # if range is specified, it will take the latest image according to semver order in the range
        # for more details on how to use semver, see https://github.com/Masterminds/semver
        semver:
          range: "*"
        # can use ascending or descending order
        alphabetical:
          order: asc

      # specify images to scan
      image: "your.registry.com/repo/image"

      # Specify the tag name, it has to be unique in the same bundle
      tagName: test-scan

      # specify secret to pull image if in private registry
      secretRef:
        name: dockerhub-secret

      # Specify the scan interval
      interval: 5m
    info

    You can create multiple image scans in fleet.yaml.

    Go to your manifest files and update the field that you want to replace. For example:

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: redis-slave
    spec:
      selector:
        matchLabels:
          app: redis
          role: slave
          tier: backend
      replicas: 2
      template:
        metadata:
          labels:
            app: redis
            role: slave
            tier: backend
        spec:
          containers:
          - name: slave
            image: <image>:<tag> # {"$imagescan": "test-scan"}
            resources:
              requests:
                cpu: 100m
                memory: 100Mi
            ports:
            - containerPort: 6379
    note

    There are multiple form of tagName you can reference. For example

    {"$imagescan": "test-scan"}: Use full image name(foo/bar:tag)

    {"$imagescan": "test-scan:name"}: Only use image name without tag(foo/bar)

    {"$imagescan": "test-scan:tag"}: Only use image tag

    {"$imagescan": "test-scan:digest"}: Use full image name with digest(foo/bar:tag@sha256...)

    Create a GitRepo that includes your fleet.yaml

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: my-repo
      namespace: fleet-local
    spec:
      # change this to be your own repo
      repo: https://github.com/rancher/fleet-examples
      # define how long it will sync all the images and decide to apply change
      imageScanInterval: 5m
      # user must properly provide a secret that have write access to git repository
      clientSecretName: secret
      # specify the commit pattern
      imageScanCommit:
        authorName: foo
        authorEmail: foo@bar.com
        messageTemplate: "update image"

    Try pushing a new image tag, for example, <image>:<new-tag>. Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml. -Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/installation.html b/0.7/installation.html index bbf205e68..cb9a2ae3a 100644 --- a/0.7/installation.html +++ b/0.7/installation.html @@ -4,7 +4,7 @@ Installation Details | Fleet - + @@ -37,8 +37,8 @@ the ca.pem is not correct. The contents of the $API_SERVER_CA and the CA certificate is in the file ca.pem. If your API server URL is signed by a well-known CA you can omit the apiServerCA parameter below or just create an empty ca.pem file (ie touch ca.pem).

    Setup the environment with your specific values, e.g.:

    API_SERVER_URL="https://example.com:6443"
    API_SERVER_CA="ca.pem"

    Once you have validated the API server URL and API server CA parameters, install the following two Helm charts.

    First add Fleet's Helm repository.
    helm repo add fleet https://rancher.github.io/fleet-helm-charts/

    Second install the Fleet CustomResourcesDefintions.

    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet-crd

    Third install the Fleet controllers.

    helm -n cattle-fleet-system install --create-namespace --wait \
        --set apiServerURL="$API_SERVER_URL" \
        --set-file apiServerCA="$API_SERVER_CA" \
        fleet

    At this point the Fleet manager should be ready. You can now register clusters and git repos with -the Fleet manager.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +the Fleet manager.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/multi-user.html b/0.7/multi-user.html index effd96136..1d7a86a06 100644 --- a/0.7/multi-user.html +++ b/0.7/multi-user.html @@ -4,7 +4,7 @@ Setup Multi User | Fleet - + @@ -17,8 +17,8 @@ deploy cluster wide resources. Even with the available Fleet restrictions, users are only restricted to namespaces, but namespaces don't provide much isolation on their own. E.g. they can still consume as many resources as they like.

    However, the existing Fleet restrictions allow users to share clusters, and -deploy resources without conflicts.

    Example User​

    This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace.

    kubectl create serviceaccount fleetuser
    kubectl create namespace project1
    kubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser

    If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:

    kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser
    kubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser

    This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces.

    Allow Access to Clusters​

    This assumes all GitRepos created by 'fleetuser' have the team: one label. Different labels could be used, to select different cluster namespaces.

    In each of the user's namespaces, as an admin create a BundleNamespaceMapping.

    kind: BundleNamespaceMapping
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: mapping
      namespace: project1

    # Bundles to match by label.
    # The labels are defined in the fleet.yaml # labels field or from the
    # GitRepo metadata.labels field
    bundleSelector:
      matchLabels:
        team: one
        # or target one repo
        #fleet.cattle.io/repo-name: simpleapp

    # Namespaces, containing clusters, to match by label
    namespaceSelector:
      matchLabels:
        kubernetes.io/metadata.name: fleet-default
        # the label is on the namespace
        #workspace: prod

    The target section in the GitRepo resource can be used to deploy only to a subset of the matched clusters.

    Restricting Access to Downstream Clusters​

    Admins can further restrict tenants by creating a GitRepoRestriction in each of their namespaces.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: project1

    allowedTargetNamespaces:
      - project1simpleapp

    This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace.

    An Example GitRepo Resource​

    A GitRepo resource created by a tenant, without admin access could look like this:

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: simpleapp
      namespace: project1
      labels:
        team: one

    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - bundle-diffs

      targetNamespace: project1simpleapp

      # do not match the upstream/local cluster, won't work
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

    This includes the team: one label and and the required targetNamespace.

    Together with the previous BundleNamespaceMapping it would target all clusters with a env: dev label in the 'fleet-default' namespace.

    note

    BundleNamespaceMappings do not work with local clusters, so make sure not to target them.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +deploy resources without conflicts.

    Example User​

    This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace.

    kubectl create serviceaccount fleetuser
    kubectl create namespace project1
    kubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser

    If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:

    kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser
    kubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser

    This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces.

    Allow Access to Clusters​

    This assumes all GitRepos created by 'fleetuser' have the team: one label. Different labels could be used, to select different cluster namespaces.

    In each of the user's namespaces, as an admin create a BundleNamespaceMapping.

    kind: BundleNamespaceMapping
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: mapping
      namespace: project1

    # Bundles to match by label.
    # The labels are defined in the fleet.yaml # labels field or from the
    # GitRepo metadata.labels field
    bundleSelector:
      matchLabels:
        team: one
        # or target one repo
        #fleet.cattle.io/repo-name: simpleapp

    # Namespaces, containing clusters, to match by label
    namespaceSelector:
      matchLabels:
        kubernetes.io/metadata.name: fleet-default
        # the label is on the namespace
        #workspace: prod

    The target section in the GitRepo resource can be used to deploy only to a subset of the matched clusters.

    Restricting Access to Downstream Clusters​

    Admins can further restrict tenants by creating a GitRepoRestriction in each of their namespaces.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: project1

    allowedTargetNamespaces:
      - project1simpleapp

    This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace.

    An Example GitRepo Resource​

    A GitRepo resource created by a tenant, without admin access could look like this:

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: simpleapp
      namespace: project1
      labels:
        team: one

    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - bundle-diffs

      targetNamespace: project1simpleapp

      # do not match the upstream/local cluster, won't work
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

    This includes the team: one label and and the required targetNamespace.

    Together with the previous BundleNamespaceMapping it would target all clusters with a env: dev label in the 'fleet-default' namespace.

    note

    BundleNamespaceMappings do not work with local clusters, so make sure not to target them.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/namespaces.html b/0.7/namespaces.html index 1fe4b923e..4de4987a6 100644 --- a/0.7/namespaces.html +++ b/0.7/namespaces.html @@ -4,7 +4,7 @@ Namespaces | Fleet - + @@ -39,8 +39,8 @@ in an error state and won't be deployed.

    This can also be used to set If an allowedTargetNamespaces restriction is present, all GitRepos must specify a targetNamespace and the specified namespace must be in the allow list. -This also prevents the creation of cluster wide resources.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +This also prevents the creation of cluster wide resources.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/quickstart.html b/0.7/quickstart.html index 3b9c46a29..d299ddfb3 100644 --- a/0.7/quickstart.html +++ b/0.7/quickstart.html @@ -4,15 +4,15 @@ Quick Start | Fleet - +
    Version: 0.7

    Quick Start

    Who needs documentation, lets just run this thing!

    Install​

    Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and its use is fairly straightforward. To install the Helm 3 CLI follow the official install instructions.

    Fleet in Rancher

    Rancher has separate helm charts for Fleet and uses a different repository.

    brew install helm
    helm repo add fleet https://rancher.github.io/fleet-helm-charts/

    Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)

    helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \
        fleet/fleet-crd
    helm -n cattle-fleet-system install --create-namespace --wait fleet \
        fleet/fleet

    Add a Git Repo to Watch​

    Change spec.repo to your git repo of choice. Kubernetes manifest files that should -be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be run in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be run in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/ref-bundle-stages.html b/0.7/ref-bundle-stages.html index c332985c4..109c4c2e3 100644 --- a/0.7/ref-bundle-stages.html +++ b/0.7/ref-bundle-stages.html @@ -4,13 +4,13 @@ Bundle Lifecycle | Fleet - +
    -
    Version: 0.7

    Bundle Lifecycle

    A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.

    To demonstrate the life cycle of a Fleet bundle, we will use multi-cluster/helm as a case study.

    1. User will create a GitRepo that points to the multi-cluster/helm repository.
    2. The gitjob-controller will sync changes from the GitRepo and detect changes from the polling or webhook event. With every commit change, the gitjob-controller will create a job that clones the git repository, reads content from the repo such as fleet.yaml and other manifests, and creates the Fleet bundle.

    Note: The job pod with the image name rancher/tekton-utils will be under the same namespace as the GitRepo.

    1. The fleet-controller then syncs changes from the bundle. According to the targets, the fleet-controller will create BundleDeployment resources, which are a combination of a bundle and a target cluster.
    2. The fleet-agent will then pull the BundleDeployment from the Fleet controlplane. The agent deploys bundle manifests as a Helm chart from the BundleDeployment into the downstream clusters.
    3. The fleet-agent will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.

    This diagram shows the different rendering stages a bundle goes through until deployment.

    Bundle Stages

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.7

    Bundle Lifecycle

    A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.

    To demonstrate the life cycle of a Fleet bundle, we will use multi-cluster/helm as a case study.

    1. User will create a GitRepo that points to the multi-cluster/helm repository.
    2. The gitjob-controller will sync changes from the GitRepo and detect changes from the polling or webhook event. With every commit change, the gitjob-controller will create a job that clones the git repository, reads content from the repo such as fleet.yaml and other manifests, and creates the Fleet bundle.

    Note: The job pod with the image name rancher/tekton-utils will be under the same namespace as the GitRepo.

    1. The fleet-controller then syncs changes from the bundle. According to the targets, the fleet-controller will create BundleDeployment resources, which are a combination of a bundle and a target cluster.
    2. The fleet-agent will then pull the BundleDeployment from the Fleet controlplane. The agent deploys bundle manifests as a Helm chart from the BundleDeployment into the downstream clusters.
    3. The fleet-agent will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.

    This diagram shows the different rendering stages a bundle goes through until deployment.

    Bundle Stages

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/ref-bundle.html b/0.7/ref-bundle.html index ffc8d317b..5c65ac3a1 100644 --- a/0.7/ref-bundle.html +++ b/0.7/ref-bundle.html @@ -4,14 +4,14 @@ Bundle Resource | Fleet - +
    Version: 0.7

    Bundle Resource

    Bundles are automatically created by Fleet when a GitRepo is created.

    The content of the resource corresponds to the BundleSpec. -For more information on how to use the Bundle resource Create a Bundle Resource.

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # Namespace used for resources that do not specify a namespace.
      # This field is not used to enforce or lock down the deployment to a specific namespace.
      # defaultNamespace: test

      # If present will assign all resource to this
      # namespace and if any cluster scoped resource exists the deployment will fail.
      # targetNamespace: app

      # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.
      # kustomize: ...

      # Helm options for the deployment, like the chart name, repo and values.
      # helm: ...

      # ServiceAccount which will be used to perform this deployment.
      # serviceAccount: sa

      # ForceSyncGeneration is used to force a redeployment.
      # forceSyncGeneration: 0

      # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.
      # yaml: ...

      # Diff can be used to ignore the modified state of objects which are amended at runtime.
      # A specific commit or tag can also be watched.
      #
      # diff: ...

      # KeepResources can be used to keep the deployed resources when removing the bundle.
      # keepResources: false

      # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.
      # paused: false

      # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.
      # rolloutStrategy: ...

      # Contain the actual resources from the git repo which will be deployed.
      resources:
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      #
      # targets: ...

      # This field is used by Fleet internally, and it should not be modified manually.
      # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.
      # targetRestrictions: ...

      # Refers to the bundles which must be ready before this bundle can be deployed.
      # dependsOn: ...

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +For more information on how to use the Bundle resource Create a Bundle Resource.

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # Namespace used for resources that do not specify a namespace.
      # This field is not used to enforce or lock down the deployment to a specific namespace.
      # defaultNamespace: test

      # If present will assign all resource to this
      # namespace and if any cluster scoped resource exists the deployment will fail.
      # targetNamespace: app

      # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.
      # kustomize: ...

      # Helm options for the deployment, like the chart name, repo and values.
      # helm: ...

      # ServiceAccount which will be used to perform this deployment.
      # serviceAccount: sa

      # ForceSyncGeneration is used to force a redeployment.
      # forceSyncGeneration: 0

      # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.
      # yaml: ...

      # Diff can be used to ignore the modified state of objects which are amended at runtime.
      # A specific commit or tag can also be watched.
      #
      # diff: ...

      # KeepResources can be used to keep the deployed resources when removing the bundle.
      # keepResources: false

      # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.
      # paused: false

      # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.
      # rolloutStrategy: ...

      # Contain the actual resources from the git repo which will be deployed.
      resources:
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      #
      # targets: ...

      # This field is used by Fleet internally, and it should not be modified manually.
      # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.
      # targetRestrictions: ...

      # Refers to the bundles which must be ready before this bundle can be deployed.
      # dependsOn: ...

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/ref-configuration.html b/0.7/ref-configuration.html index 910935fdb..62dfcf5c3 100644 --- a/0.7/ref-configuration.html +++ b/0.7/ref-configuration.html @@ -4,7 +4,7 @@ Configuration | Fleet - + @@ -12,8 +12,8 @@
    Skip to main content
    Version: 0.7

    Configuration

    A reference list of, mostly internal, configuration options.

    Helm Charts​

    The Helm charts accept, at least, the options as shown with their default in values.yaml:

    Environment Variables​

    The controllers can be started with these environment variables:

    • CATTLE_DEV_MODE - used to debug wrangler, not usable
    • FLEET_CLUSTER_ENQUEUE_DELAY - tune how often non-ready clusters are checked
    • FLEET_CPU_PPROF_PERIOD - used to turn on performance profiling

    Configuration​

    In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments.

    The config struct is used in both config maps:

    • cattle-fleet-system/fleet-agent
    • cattle-fleet-system/fleet-controller

    Labels​

    Labels used by fleet:

    • fleet.cattle.io/agent=true - NodeSelector label for agent's deployment affinity setting
    • fleet.cattle.io/non-managed-agent - managed agent bundle won't target Clusters with this label
    • fleet.cattle.io/repo-name - used on Bundle to reference the git repo resource
    • fleet.cattle.io/bundle-namespace - used on BundleDeployment to reference the Bundle resource
    • fleet.cattle.io/bundle-name - used on BundleDeployment to reference the Bundle resource
    • fleet.cattle.io/managed=true - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces.
    • fleet.cattle.io/bootstrap-token - unused

    Annotations​

    Annotations used by fleet:

    • fleet.cattle.io/agent-namespace
    • fleet.cattle.io/bundle-id
    • fleet.cattle.io/cluster, fleet.cattle.io/cluster-namespace - used on a cluster namespace to reference the cluster registration namespace and cluster name
    • fleet.cattle.io/cluster-group
    • fleet.cattle.io/cluster-registration-namespace
    • fleet.cattle.io/cluster-registration
    • fleet.cattle.io/commit
    • fleet.cattle.io/managed - appears unused
    • fleet.cattle.io/service-account

    Fleet agent configuration​

    Tolerations, affinity and resources can be customized for the Fleet agent. These fields can be provided when creating a Cluster, see Registering Downstream Cluster for more info on how to create Clusters. Default configuration will be used if these fields are not provided.

    If you change the resources limits, make sure the limits allow the fleet-agent to work normally.

    Keep in mind that if you downgrade Fleet to a previous version than v0.7.0 Fleet will fallback to the built-in defaults. -Agents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +Agents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/ref-crds.html b/0.7/ref-crds.html index 93ca8b4f9..c641d2f15 100644 --- a/0.7/ref-crds.html +++ b/0.7/ref-crds.html @@ -4,13 +4,13 @@ Custom Resources Spec | Fleet - +
    -
    Version: 0.7

    Custom Resources Spec

    Sub Resources

    GitRepo​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specGitRepoSpecfalse
    statusGitRepoStatusfalse

    Back to Custom Resources

    GitRepoDisplay​

    FieldDescriptionSchemeRequired
    readyBundleDeploymentsstringfalse
    statestringfalse
    messagestringfalse
    errorboolfalse

    Back to Custom Resources

    GitRepoResource​

    FieldDescriptionSchemeRequired
    apiVersionstringfalse
    kindstringfalse
    typestringfalse
    idstringfalse
    namespacestringfalse
    namestringfalse
    incompleteStateboolfalse
    statestringfalse
    errorboolfalse
    transitioningboolfalse
    messagestringfalse
    perClusterState[]ResourcePerClusterStatefalse

    Back to Custom Resources

    GitRepoResourceCounts​

    FieldDescriptionSchemeRequired
    readyinttrue
    desiredReadyinttrue
    waitAppliedinttrue
    modifiedinttrue
    orphanedinttrue
    missinginttrue
    unknowninttrue
    notReadyinttrue

    Back to Custom Resources

    GitRepoRestriction​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    defaultServiceAccountstringfalse
    allowedServiceAccounts[]stringfalse
    allowedRepoPatterns[]stringfalse
    defaultClientSecretNamestringfalse
    allowedClientSecretNames[]stringfalse
    allowedTargetNamespaces[]stringfalse

    Back to Custom Resources

    GitRepoSpec​

    FieldDescriptionSchemeRequired
    repoRepo is a URL to a git repo to clone and indexstringfalse
    branchBranch The git branch to followstringfalse
    revisionRevision A specific commit or tag to operate onstringfalse
    targetNamespaceEnsure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demandstringfalse
    clientSecretNameClientSecretName is the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\".stringfalse
    helmSecretNameHelmSecretName contains the auth secret for private helm repositorystringfalse
    helmRepoURLRegexHelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not providedstringfalse
    caBundleCABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate.[]bytefalse
    insecureSkipTLSVerifyInsecureSkipTLSverify will use insecure HTTPS to clone the repo.boolfalse
    pathsPaths is the directories relative to the git repo root that contain resources to be applied. Path globbing is support, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default[]stringfalse
    pausedPaused this cause changes in Git to not be propagated down to the clusters but instead mark resources as OutOfSyncboolfalse
    serviceAccountServiceAccount used in the downstream cluster for deploymentstringfalse
    targetsTargets is a list of target this repo will deploy to[]GitTargetfalse
    pollingIntervalPollingInterval is how often to check git for new updates*metav1.Durationfalse
    forceSyncGenerationIncrement this number to force a redeployment of contents from Gitint64false
    imageScanIntervalImageScanInterval is the interval of syncing scanned images and writing back to git repo*metav1.Durationfalse
    imageScanCommitCommit specifies how to commit to the git repo when new image is scanned and write back to git repoCommitSpecfalse
    keepResourcesKeepResources specifies if the resources created must be kept after deleting the GitRepoboolfalse

    Back to Custom Resources

    GitRepoStatus​

    FieldDescriptionSchemeRequired
    observedGenerationint64true
    commitstringfalse
    readyClustersinttrue
    desiredReadyClustersinttrue
    gitJobStatusstringfalse
    summaryBundleSummaryfalse
    displayGitRepoDisplayfalse
    conditions[]genericcondition.GenericConditionfalse
    resources[]GitRepoResourcefalse
    resourceCountsGitRepoResourceCountsfalse
    resourceErrors[]stringfalse
    lastSyncedImageScanTimemetav1.Timefalse

    Back to Custom Resources

    GitTarget​

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ResourcePerClusterState​

    FieldDescriptionSchemeRequired
    statestringfalse
    errorboolfalse
    transitioningboolfalse
    messagestringfalse
    patch*GenericMapfalse
    clusterIdstringfalse

    Back to Custom Resources

    Bundle​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleSpectrue
    statusBundleStatustrue

    Back to Custom Resources

    BundleDeployment​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleDeploymentSpecfalse
    statusBundleDeploymentStatusfalse

    Back to Custom Resources

    BundleDeploymentDisplay​

    FieldDescriptionSchemeRequired
    deployedstringfalse
    monitoredstringfalse
    statestringfalse

    Back to Custom Resources

    BundleDeploymentOptions​

    FieldDescriptionSchemeRequired
    defaultNamespaceDefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace.stringfalse
    namespaceTargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail.stringfalse
    kustomizeKustomize options for the deployment, like the dir containing the kustomization.yaml file.*KustomizeOptionsfalse
    helmHelm options for the deployment, like the chart name, repo and values.*HelmOptionsfalse
    serviceAccountServiceAccount which will be used to perform this deployment.stringfalse
    forceSyncGenerationForceSyncGeneration is used to force a redeploymentint64false
    yamlYAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.*YAMLOptionsfalse
    diffDiff can be used to ignore the modified state of objects which are amended at runtime.*DiffOptionsfalse
    keepResourcesKeepResources can be used to keep the deployed resources when removing the bundleboolfalse

    Back to Custom Resources

    BundleDeploymentSpec​

    FieldDescriptionSchemeRequired
    stagedOptionsBundleDeploymentOptionsfalse
    stagedDeploymentIDstringfalse
    optionsBundleDeploymentOptionsfalse
    deploymentIDstringfalse
    dependsOn[]BundleReffalse

    Back to Custom Resources

    BundleDeploymentStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    appliedDeploymentIDstringfalse
    releasestringfalse
    readyboolfalse
    nonModifiedboolfalse
    nonReadyStatus[]NonReadyStatusfalse
    modifiedStatus[]ModifiedStatusfalse
    displayBundleDeploymentDisplayfalse
    syncGeneration*int64false

    Back to Custom Resources

    BundleDisplay​

    FieldDescriptionSchemeRequired
    readyClustersstringfalse
    statestringfalse

    Back to Custom Resources

    BundleNamespaceMapping​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    bundleSelector*metav1.LabelSelectorfalse
    namespaceSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleRef​

    FieldDescriptionSchemeRequired
    namestringfalse
    selector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleResource​

    FieldDescriptionSchemeRequired
    namestringfalse
    contentstringfalse
    encodingstringfalse

    Back to Custom Resources

    BundleSpec​

    FieldDescriptionSchemeRequired
    BundleDeploymentOptionsBundleDeploymentOptionsfalse
    pausedPaused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.boolfalse
    rolloutStrategyRolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.*RolloutStrategyfalse
    resourcesResources contain the actual resources from the git repo which will be deployed.[]BundleResourcefalse
    targetsTargets refer to the clusters which will be deployed to.[]BundleTargetfalse
    targetRestrictionsTargetRestrictions restrict which clusters the bundle will be deployed to.[]BundleTargetRestrictionfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse
    ignoreIgnore refers to the fields that will not be considered when monitoring the status.IgnoreOptionsfalse

    Back to Custom Resources

    BundleStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    summaryBundleSummaryfalse
    newlyCreatedintfalse
    unavailableinttrue
    unavailablePartitionsinttrue
    maxUnavailableinttrue
    maxUnavailablePartitionsinttrue
    maxNewintfalse
    partitions[]PartitionStatusfalse
    displayBundleDisplayfalse
    resourceKey[]ResourceKeyfalse
    observedGenerationint64true

    Back to Custom Resources

    BundleSummary​

    FieldDescriptionSchemeRequired
    notReadyintfalse
    waitAppliedintfalse
    errAppliedintfalse
    outOfSyncintfalse
    modifiedintfalse
    readyinttrue
    pendingintfalse
    desiredReadyinttrue
    nonReadyResources[]NonReadyResourcefalse

    Back to Custom Resources

    BundleTarget​

    FieldDescriptionSchemeRequired
    BundleDeploymentOptionsBundleDeploymentOptionsfalse
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleTargetRestriction​

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ComparePatch​

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    operations[]Operationfalse
    jsonPointers[]stringfalse

    Back to Custom Resources

    ConfigMapKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    Content​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    content[]bytefalse

    Back to Custom Resources

    DiffOptions​

    FieldDescriptionSchemeRequired
    comparePatches[]ComparePatchfalse

    Back to Custom Resources

    HelmOptions​

    FieldDescriptionSchemeRequired
    chartChart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded.stringfalse
    repoRepo is the name of the HTTPS helm repo to download the chart from.stringfalse
    releaseNameReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path.stringfalse
    versionVersion of the chart to downloadstringfalse
    timeoutSecondsTimeoutSeconds is the time to wait for Helm operations.intfalse
    valuesValues passed to Helm. It is possible to specify the keys and values as go template strings.*GenericMapfalse
    valuesFromValuesFrom loads the values from configmaps and secrets.[]ValuesFromfalse
    forceForce allows to override immutable resources. This could be dangerous.boolfalse
    takeOwnershipTakeOwnership makes helm skip the check for its own annotationsboolfalse
    maxHistoryMaxHistory limits the maximum number of revisions saved per release by Helm.intfalse
    valuesFilesValuesFiles is a list of files to load values from.[]stringfalse
    waitForJobsWaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSecondsboolfalse
    atomicAtomic sets the --atomic flag when Helm is performing an upgradeboolfalse
    disablePreProcessDisablePreProcess disables template processing in valuesboolfalse

    Back to Custom Resources

    KustomizeOptions​

    FieldDescriptionSchemeRequired
    dirstringfalse

    Back to Custom Resources

    LocalObjectReference​

    FieldDescriptionSchemeRequired
    namestringtrue

    Back to Custom Resources

    ModifiedStatus​

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    missingboolfalse
    deleteboolfalse
    patchstringfalse

    Back to Custom Resources

    NonReadyResource​

    FieldDescriptionSchemeRequired
    namestringfalse
    bundleStateBundleStatefalse
    messagestringfalse
    modifiedStatus[]ModifiedStatusfalse
    nonReadyStatus[]NonReadyStatusfalse

    Back to Custom Resources

    NonReadyStatus​

    FieldDescriptionSchemeRequired
    uidtypes.UIDfalse
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    summarysummary.Summaryfalse

    Back to Custom Resources

    Operation​

    FieldDescriptionSchemeRequired
    opstringfalse
    pathstringfalse
    valuestringfalse

    Back to Custom Resources

    Partition​

    FieldDescriptionSchemeRequired
    namestringfalse
    maxUnavailable*intstr.IntOrStringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    PartitionStatus​

    FieldDescriptionSchemeRequired
    namestringfalse
    countintfalse
    maxUnavailableintfalse
    unavailableintfalse
    summaryBundleSummaryfalse

    Back to Custom Resources

    ResourceKey​

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse

    Back to Custom Resources

    RolloutStrategy​

    FieldDescriptionSchemeRequired
    maxUnavailable*intstr.IntOrStringfalse
    maxUnavailablePartitions*intstr.IntOrStringfalse
    autoPartitionSize*intstr.IntOrStringfalse
    partitions[]Partitionfalse

    Back to Custom Resources

    SecretKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    ValuesFrom​

    Define helm values that can come from configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439

    FieldDescriptionSchemeRequired
    configMapKeyRefThe reference to a config map with release values.*ConfigMapKeySelectorfalse
    secretKeyRefThe reference to a secret with release values.*SecretKeySelectorfalse

    Back to Custom Resources

    YAMLOptions​

    FieldDescriptionSchemeRequired
    overlays[]stringfalse

    Back to Custom Resources

    AlphabeticalPolicy​

    AlphabeticalPolicy specifies a alphabetical ordering policy.

    FieldDescriptionSchemeRequired
    orderOrder specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.stringfalse

    Back to Custom Resources

    CommitSpec​

    CommitSpec specifies how to commit changes to the git repository

    FieldDescriptionSchemeRequired
    authorNameAuthorName gives the name to provide when making a commitstringtrue
    authorEmailAuthorEmail gives the email to provide when making a commitstringtrue
    messageTemplateMessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made.stringfalse

    Back to Custom Resources

    ImagePolicyChoice​

    ImagePolicyChoice is a union of all the types of policy that can be supplied.

    FieldDescriptionSchemeRequired
    semverSemVer gives a semantic version range to check against the tags available.*SemVerPolicyfalse
    alphabeticalAlphabetical set of rules to use for alphabetical ordering of the tags.*AlphabeticalPolicyfalse

    Back to Custom Resources

    ImageScan​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specImageScanSpecfalse
    statusImageScanStatusfalse

    Back to Custom Resources

    ImageScanSpec​

    API is taken from https://github.com/fluxcd/image-reflector-controller

    FieldDescriptionSchemeRequired
    tagNameTagName is the tag ref that needs to be put in manifest to replace fieldsstringfalse
    gitrepoNameGitRepo reference namestringfalse
    imageImage is the name of the image repositorystringfalse
    intervalInterval is the length of time to wait between scans of the image repository.metav1.Durationfalse
    secretRefSecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with kubectl create secret docker-registry, or the equivalent.*corev1.LocalObjectReferencefalse
    suspendThis flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.boolfalse
    policyPolicy gives the particulars of the policy to be followed in selecting the most recent imageImagePolicyChoicetrue

    Back to Custom Resources

    ImageScanStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    lastScanTimeLastScanTime is the last time image was scannedmetav1.Timefalse
    latestImageLatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.stringfalse
    latestTagLatest tag is the latest tag filtered by the policystringfalse
    latestDigestLatestDigest is the digest of latest tagstringfalse
    observedGenerationint64false
    canonicalImageNameCanonicalName is the name of the image repository with all the implied bits made explicit; e.g., docker.io/library/alpine rather than alpine.stringfalse

    Back to Custom Resources

    SemVerPolicy​

    SemVerPolicy specifies a semantic version policy.

    FieldDescriptionSchemeRequired
    rangeRange gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.stringtrue

    Back to Custom Resources

    AgentStatus​

    FieldDescriptionSchemeRequired
    lastSeenmetav1.Timetrue
    namespacestringtrue
    nonReadyNodesinttrue
    readyNodesinttrue
    nonReadyNodeNamesAt most 3 nodes[]stringtrue
    readyNodeNamesAt most 3 nodes[]stringtrue

    Back to Custom Resources

    IgnoreOptions​

    FieldDescriptionSchemeRequired
    conditionsconditions to be ignored[]map[string]stringfalse

    Cluster​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterSpecfalse
    statusClusterStatusfalse

    Back to Custom Resources

    ClusterDisplay​

    FieldDescriptionSchemeRequired
    readyBundlesstringfalse
    readyNodesstringfalse
    sampleNodestringfalse
    statestringfalse

    Back to Custom Resources

    ClusterGroup​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterGroupSpectrue
    statusClusterGroupStatustrue

    Back to Custom Resources

    ClusterGroupDisplay​

    FieldDescriptionSchemeRequired
    readyClustersstringfalse
    readyBundlesstringfalse
    statestringfalse

    Back to Custom Resources

    ClusterGroupSpec​

    FieldDescriptionSchemeRequired
    selector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ClusterGroupStatus​

    FieldDescriptionSchemeRequired
    clusterCountinttrue
    nonReadyClusterCountinttrue
    nonReadyClusters[]stringfalse
    conditions[]genericcondition.GenericConditionfalse
    summaryBundleSummaryfalse
    displayClusterGroupDisplayfalse
    resourceCountsGitRepoResourceCountsfalse

    Back to Custom Resources

    ClusterRegistration​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationSpecfalse
    statusClusterRegistrationStatusfalse

    Back to Custom Resources

    ClusterRegistrationSpec​

    FieldDescriptionSchemeRequired
    clientIDstringfalse
    clientRandomstringfalse
    clusterLabelsmap[string]stringfalse

    Back to Custom Resources

    ClusterRegistrationStatus​

    FieldDescriptionSchemeRequired
    clusterNamestringfalse
    grantedboolfalse

    Back to Custom Resources

    ClusterRegistrationToken​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationTokenSpecfalse
    statusClusterRegistrationTokenStatusfalse

    Back to Custom Resources

    ClusterRegistrationTokenSpec​

    FieldDescriptionSchemeRequired
    ttl*metav1.Durationfalse

    Back to Custom Resources

    ClusterRegistrationTokenStatus​

    FieldDescriptionSchemeRequired
    expires*metav1.Timefalse
    secretNamestringfalse

    Back to Custom Resources

    ClusterSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated.boolfalse
    clientIDClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster.stringfalse
    kubeConfigSecretKubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster.stringfalse
    redeployAgentGenerationRedeployAgentGeneration can be used to force redeploying the agent.int64false
    agentEnvVarsAgentEnvVars are extra environment variables to be added to the agent deployment.[]v1.EnvVarfalse
    agentNamespaceAgentNamespace defaults to the system namespace, e.g. cattle-fleet-system.stringfalse
    privateRepoURLPrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config.stringfalse
    templateValuesTemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating.*GenericMapfalse
    agentTolerationsAgentTolerations defines an extra set of Tolerations to be added to the Agent deployment.[]v1.Tolerationfalse
    agentAffinityAgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used.*v1.Affinityfalse
    agentResourcesAgentResources sets the resources for the cluster's agent deployment.*v1.ResourceRequirementsfalse

    Back to Custom Resources

    ClusterStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    namespaceNamespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\"stringfalse
    summaryBundleSummaryfalse
    resourceCountsGitRepoResourceCountsfalse
    readyGitReposinttrue
    desiredReadyGitReposinttrue
    agentEnvVarsHashstringfalse
    agentPrivateRepoURLstringfalse
    agentDeployedGeneration*int64false
    agentMigratedboolfalse
    agentNamespaceMigratedboolfalse
    cattleNamespaceMigratedboolfalse
    agentAffinityHashstringfalse
    agentResourcesHashstringfalse
    agentTolerationsHashstringfalse
    displayClusterDisplayfalse
    agentAgentStatusfalse

    Back to Custom Resources

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.7

    Custom Resources Spec

    Sub Resources

    GitRepo​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specGitRepoSpecfalse
    statusGitRepoStatusfalse

    Back to Custom Resources

    GitRepoDisplay​

    FieldDescriptionSchemeRequired
    readyBundleDeploymentsstringfalse
    statestringfalse
    messagestringfalse
    errorboolfalse

    Back to Custom Resources

    GitRepoResource​

    FieldDescriptionSchemeRequired
    apiVersionstringfalse
    kindstringfalse
    typestringfalse
    idstringfalse
    namespacestringfalse
    namestringfalse
    incompleteStateboolfalse
    statestringfalse
    errorboolfalse
    transitioningboolfalse
    messagestringfalse
    perClusterState[]ResourcePerClusterStatefalse

    Back to Custom Resources

    GitRepoResourceCounts​

    FieldDescriptionSchemeRequired
    readyinttrue
    desiredReadyinttrue
    waitAppliedinttrue
    modifiedinttrue
    orphanedinttrue
    missinginttrue
    unknowninttrue
    notReadyinttrue

    Back to Custom Resources

    GitRepoRestriction​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    defaultServiceAccountstringfalse
    allowedServiceAccounts[]stringfalse
    allowedRepoPatterns[]stringfalse
    defaultClientSecretNamestringfalse
    allowedClientSecretNames[]stringfalse
    allowedTargetNamespaces[]stringfalse

    Back to Custom Resources

    GitRepoSpec​

    FieldDescriptionSchemeRequired
    repoRepo is a URL to a git repo to clone and indexstringfalse
    branchBranch The git branch to followstringfalse
    revisionRevision A specific commit or tag to operate onstringfalse
    targetNamespaceEnsure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demandstringfalse
    clientSecretNameClientSecretName is the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\".stringfalse
    helmSecretNameHelmSecretName contains the auth secret for private helm repositorystringfalse
    helmRepoURLRegexHelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not providedstringfalse
    caBundleCABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate.[]bytefalse
    insecureSkipTLSVerifyInsecureSkipTLSverify will use insecure HTTPS to clone the repo.boolfalse
    pathsPaths is the directories relative to the git repo root that contain resources to be applied. Path globbing is support, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default[]stringfalse
    pausedPaused this cause changes in Git to not be propagated down to the clusters but instead mark resources as OutOfSyncboolfalse
    serviceAccountServiceAccount used in the downstream cluster for deploymentstringfalse
    targetsTargets is a list of target this repo will deploy to[]GitTargetfalse
    pollingIntervalPollingInterval is how often to check git for new updates*metav1.Durationfalse
    forceSyncGenerationIncrement this number to force a redeployment of contents from Gitint64false
    imageScanIntervalImageScanInterval is the interval of syncing scanned images and writing back to git repo*metav1.Durationfalse
    imageScanCommitCommit specifies how to commit to the git repo when new image is scanned and write back to git repoCommitSpecfalse
    keepResourcesKeepResources specifies if the resources created must be kept after deleting the GitRepoboolfalse

    Back to Custom Resources

    GitRepoStatus​

    FieldDescriptionSchemeRequired
    observedGenerationint64true
    commitstringfalse
    readyClustersinttrue
    desiredReadyClustersinttrue
    gitJobStatusstringfalse
    summaryBundleSummaryfalse
    displayGitRepoDisplayfalse
    conditions[]genericcondition.GenericConditionfalse
    resources[]GitRepoResourcefalse
    resourceCountsGitRepoResourceCountsfalse
    resourceErrors[]stringfalse
    lastSyncedImageScanTimemetav1.Timefalse

    Back to Custom Resources

    GitTarget​

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ResourcePerClusterState​

    FieldDescriptionSchemeRequired
    statestringfalse
    errorboolfalse
    transitioningboolfalse
    messagestringfalse
    patch*GenericMapfalse
    clusterIdstringfalse

    Back to Custom Resources

    Bundle​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleSpectrue
    statusBundleStatustrue

    Back to Custom Resources

    BundleDeployment​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleDeploymentSpecfalse
    statusBundleDeploymentStatusfalse

    Back to Custom Resources

    BundleDeploymentDisplay​

    FieldDescriptionSchemeRequired
    deployedstringfalse
    monitoredstringfalse
    statestringfalse

    Back to Custom Resources

    BundleDeploymentOptions​

    FieldDescriptionSchemeRequired
    defaultNamespaceDefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace.stringfalse
    namespaceTargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail.stringfalse
    kustomizeKustomize options for the deployment, like the dir containing the kustomization.yaml file.*KustomizeOptionsfalse
    helmHelm options for the deployment, like the chart name, repo and values.*HelmOptionsfalse
    serviceAccountServiceAccount which will be used to perform this deployment.stringfalse
    forceSyncGenerationForceSyncGeneration is used to force a redeploymentint64false
    yamlYAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.*YAMLOptionsfalse
    diffDiff can be used to ignore the modified state of objects which are amended at runtime.*DiffOptionsfalse
    keepResourcesKeepResources can be used to keep the deployed resources when removing the bundleboolfalse

    Back to Custom Resources

    BundleDeploymentSpec​

    FieldDescriptionSchemeRequired
    stagedOptionsBundleDeploymentOptionsfalse
    stagedDeploymentIDstringfalse
    optionsBundleDeploymentOptionsfalse
    deploymentIDstringfalse
    dependsOn[]BundleReffalse

    Back to Custom Resources

    BundleDeploymentStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    appliedDeploymentIDstringfalse
    releasestringfalse
    readyboolfalse
    nonModifiedboolfalse
    nonReadyStatus[]NonReadyStatusfalse
    modifiedStatus[]ModifiedStatusfalse
    displayBundleDeploymentDisplayfalse
    syncGeneration*int64false

    Back to Custom Resources

    BundleDisplay​

    FieldDescriptionSchemeRequired
    readyClustersstringfalse
    statestringfalse

    Back to Custom Resources

    BundleNamespaceMapping​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    bundleSelector*metav1.LabelSelectorfalse
    namespaceSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleRef​

    FieldDescriptionSchemeRequired
    namestringfalse
    selector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleResource​

    FieldDescriptionSchemeRequired
    namestringfalse
    contentstringfalse
    encodingstringfalse

    Back to Custom Resources

    BundleSpec​

    FieldDescriptionSchemeRequired
    BundleDeploymentOptionsBundleDeploymentOptionsfalse
    pausedPaused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.boolfalse
    rolloutStrategyRolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.*RolloutStrategyfalse
    resourcesResources contain the actual resources from the git repo which will be deployed.[]BundleResourcefalse
    targetsTargets refer to the clusters which will be deployed to.[]BundleTargetfalse
    targetRestrictionsTargetRestrictions restrict which clusters the bundle will be deployed to.[]BundleTargetRestrictionfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse
    ignoreIgnore refers to the fields that will not be considered when monitoring the status.IgnoreOptionsfalse

    Back to Custom Resources

    BundleStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    summaryBundleSummaryfalse
    newlyCreatedintfalse
    unavailableinttrue
    unavailablePartitionsinttrue
    maxUnavailableinttrue
    maxUnavailablePartitionsinttrue
    maxNewintfalse
    partitions[]PartitionStatusfalse
    displayBundleDisplayfalse
    resourceKey[]ResourceKeyfalse
    observedGenerationint64true

    Back to Custom Resources

    BundleSummary​

    FieldDescriptionSchemeRequired
    notReadyintfalse
    waitAppliedintfalse
    errAppliedintfalse
    outOfSyncintfalse
    modifiedintfalse
    readyinttrue
    pendingintfalse
    desiredReadyinttrue
    nonReadyResources[]NonReadyResourcefalse

    Back to Custom Resources

    BundleTarget​

    FieldDescriptionSchemeRequired
    BundleDeploymentOptionsBundleDeploymentOptionsfalse
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleTargetRestriction​

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ComparePatch​

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    operations[]Operationfalse
    jsonPointers[]stringfalse

    Back to Custom Resources

    ConfigMapKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    Content​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    content[]bytefalse

    Back to Custom Resources

    DiffOptions​

    FieldDescriptionSchemeRequired
    comparePatches[]ComparePatchfalse

    Back to Custom Resources

    HelmOptions​

    FieldDescriptionSchemeRequired
    chartChart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded.stringfalse
    repoRepo is the name of the HTTPS helm repo to download the chart from.stringfalse
    releaseNameReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path.stringfalse
    versionVersion of the chart to downloadstringfalse
    timeoutSecondsTimeoutSeconds is the time to wait for Helm operations.intfalse
    valuesValues passed to Helm. It is possible to specify the keys and values as go template strings.*GenericMapfalse
    valuesFromValuesFrom loads the values from configmaps and secrets.[]ValuesFromfalse
    forceForce allows to override immutable resources. This could be dangerous.boolfalse
    takeOwnershipTakeOwnership makes helm skip the check for its own annotationsboolfalse
    maxHistoryMaxHistory limits the maximum number of revisions saved per release by Helm.intfalse
    valuesFilesValuesFiles is a list of files to load values from.[]stringfalse
    waitForJobsWaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSecondsboolfalse
    atomicAtomic sets the --atomic flag when Helm is performing an upgradeboolfalse
    disablePreProcessDisablePreProcess disables template processing in valuesboolfalse

    Back to Custom Resources

    KustomizeOptions​

    FieldDescriptionSchemeRequired
    dirstringfalse

    Back to Custom Resources

    LocalObjectReference​

    FieldDescriptionSchemeRequired
    namestringtrue

    Back to Custom Resources

    ModifiedStatus​

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    missingboolfalse
    deleteboolfalse
    patchstringfalse

    Back to Custom Resources

    NonReadyResource​

    FieldDescriptionSchemeRequired
    namestringfalse
    bundleStateBundleStatefalse
    messagestringfalse
    modifiedStatus[]ModifiedStatusfalse
    nonReadyStatus[]NonReadyStatusfalse

    Back to Custom Resources

    NonReadyStatus​

    FieldDescriptionSchemeRequired
    uidtypes.UIDfalse
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    summarysummary.Summaryfalse

    Back to Custom Resources

    Operation​

    FieldDescriptionSchemeRequired
    opstringfalse
    pathstringfalse
    valuestringfalse

    Back to Custom Resources

    Partition​

    FieldDescriptionSchemeRequired
    namestringfalse
    maxUnavailable*intstr.IntOrStringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    PartitionStatus​

    FieldDescriptionSchemeRequired
    namestringfalse
    countintfalse
    maxUnavailableintfalse
    unavailableintfalse
    summaryBundleSummaryfalse

    Back to Custom Resources

    ResourceKey​

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse

    Back to Custom Resources

    RolloutStrategy​

    FieldDescriptionSchemeRequired
    maxUnavailable*intstr.IntOrStringfalse
    maxUnavailablePartitions*intstr.IntOrStringfalse
    autoPartitionSize*intstr.IntOrStringfalse
    partitions[]Partitionfalse

    Back to Custom Resources

    SecretKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    ValuesFrom​

    Define helm values that can come from configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439

    FieldDescriptionSchemeRequired
    configMapKeyRefThe reference to a config map with release values.*ConfigMapKeySelectorfalse
    secretKeyRefThe reference to a secret with release values.*SecretKeySelectorfalse

    Back to Custom Resources

    YAMLOptions​

    FieldDescriptionSchemeRequired
    overlays[]stringfalse

    Back to Custom Resources

    AlphabeticalPolicy​

    AlphabeticalPolicy specifies a alphabetical ordering policy.

    FieldDescriptionSchemeRequired
    orderOrder specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.stringfalse

    Back to Custom Resources

    CommitSpec​

    CommitSpec specifies how to commit changes to the git repository

    FieldDescriptionSchemeRequired
    authorNameAuthorName gives the name to provide when making a commitstringtrue
    authorEmailAuthorEmail gives the email to provide when making a commitstringtrue
    messageTemplateMessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made.stringfalse

    Back to Custom Resources

    ImagePolicyChoice​

    ImagePolicyChoice is a union of all the types of policy that can be supplied.

    FieldDescriptionSchemeRequired
    semverSemVer gives a semantic version range to check against the tags available.*SemVerPolicyfalse
    alphabeticalAlphabetical set of rules to use for alphabetical ordering of the tags.*AlphabeticalPolicyfalse

    Back to Custom Resources

    ImageScan​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specImageScanSpecfalse
    statusImageScanStatusfalse

    Back to Custom Resources

    ImageScanSpec​

    API is taken from https://github.com/fluxcd/image-reflector-controller

    FieldDescriptionSchemeRequired
    tagNameTagName is the tag ref that needs to be put in manifest to replace fieldsstringfalse
    gitrepoNameGitRepo reference namestringfalse
    imageImage is the name of the image repositorystringfalse
    intervalInterval is the length of time to wait between scans of the image repository.metav1.Durationfalse
    secretRefSecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with kubectl create secret docker-registry, or the equivalent.*corev1.LocalObjectReferencefalse
    suspendThis flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.boolfalse
    policyPolicy gives the particulars of the policy to be followed in selecting the most recent imageImagePolicyChoicetrue

    Back to Custom Resources

    ImageScanStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    lastScanTimeLastScanTime is the last time image was scannedmetav1.Timefalse
    latestImageLatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.stringfalse
    latestTagLatest tag is the latest tag filtered by the policystringfalse
    latestDigestLatestDigest is the digest of latest tagstringfalse
    observedGenerationint64false
    canonicalImageNameCanonicalName is the name of the image repository with all the implied bits made explicit; e.g., docker.io/library/alpine rather than alpine.stringfalse

    Back to Custom Resources

    SemVerPolicy​

    SemVerPolicy specifies a semantic version policy.

    FieldDescriptionSchemeRequired
    rangeRange gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.stringtrue

    Back to Custom Resources

    AgentStatus​

    FieldDescriptionSchemeRequired
    lastSeenmetav1.Timetrue
    namespacestringtrue
    nonReadyNodesinttrue
    readyNodesinttrue
    nonReadyNodeNamesAt most 3 nodes[]stringtrue
    readyNodeNamesAt most 3 nodes[]stringtrue

    Back to Custom Resources

    IgnoreOptions​

    FieldDescriptionSchemeRequired
    conditionsconditions to be ignored[]map[string]stringfalse

    Cluster​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterSpecfalse
    statusClusterStatusfalse

    Back to Custom Resources

    ClusterDisplay​

    FieldDescriptionSchemeRequired
    readyBundlesstringfalse
    readyNodesstringfalse
    sampleNodestringfalse
    statestringfalse

    Back to Custom Resources

    ClusterGroup​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterGroupSpectrue
    statusClusterGroupStatustrue

    Back to Custom Resources

    ClusterGroupDisplay​

    FieldDescriptionSchemeRequired
    readyClustersstringfalse
    readyBundlesstringfalse
    statestringfalse

    Back to Custom Resources

    ClusterGroupSpec​

    FieldDescriptionSchemeRequired
    selector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ClusterGroupStatus​

    FieldDescriptionSchemeRequired
    clusterCountinttrue
    nonReadyClusterCountinttrue
    nonReadyClusters[]stringfalse
    conditions[]genericcondition.GenericConditionfalse
    summaryBundleSummaryfalse
    displayClusterGroupDisplayfalse
    resourceCountsGitRepoResourceCountsfalse

    Back to Custom Resources

    ClusterRegistration​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationSpecfalse
    statusClusterRegistrationStatusfalse

    Back to Custom Resources

    ClusterRegistrationSpec​

    FieldDescriptionSchemeRequired
    clientIDstringfalse
    clientRandomstringfalse
    clusterLabelsmap[string]stringfalse

    Back to Custom Resources

    ClusterRegistrationStatus​

    FieldDescriptionSchemeRequired
    clusterNamestringfalse
    grantedboolfalse

    Back to Custom Resources

    ClusterRegistrationToken​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationTokenSpecfalse
    statusClusterRegistrationTokenStatusfalse

    Back to Custom Resources

    ClusterRegistrationTokenSpec​

    FieldDescriptionSchemeRequired
    ttl*metav1.Durationfalse

    Back to Custom Resources

    ClusterRegistrationTokenStatus​

    FieldDescriptionSchemeRequired
    expires*metav1.Timefalse
    secretNamestringfalse

    Back to Custom Resources

    ClusterSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated.boolfalse
    clientIDClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster.stringfalse
    kubeConfigSecretKubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster.stringfalse
    redeployAgentGenerationRedeployAgentGeneration can be used to force redeploying the agent.int64false
    agentEnvVarsAgentEnvVars are extra environment variables to be added to the agent deployment.[]v1.EnvVarfalse
    agentNamespaceAgentNamespace defaults to the system namespace, e.g. cattle-fleet-system.stringfalse
    privateRepoURLPrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config.stringfalse
    templateValuesTemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating.*GenericMapfalse
    agentTolerationsAgentTolerations defines an extra set of Tolerations to be added to the Agent deployment.[]v1.Tolerationfalse
    agentAffinityAgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used.*v1.Affinityfalse
    agentResourcesAgentResources sets the resources for the cluster's agent deployment.*v1.ResourceRequirementsfalse

    Back to Custom Resources

    ClusterStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    namespaceNamespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\"stringfalse
    summaryBundleSummaryfalse
    resourceCountsGitRepoResourceCountsfalse
    readyGitReposinttrue
    desiredReadyGitReposinttrue
    agentEnvVarsHashstringfalse
    agentPrivateRepoURLstringfalse
    agentDeployedGeneration*int64false
    agentMigratedboolfalse
    agentNamespaceMigratedboolfalse
    cattleNamespaceMigratedboolfalse
    agentAffinityHashstringfalse
    agentResourcesHashstringfalse
    agentTolerationsHashstringfalse
    displayClusterDisplayfalse
    agentAgentStatusfalse

    Back to Custom Resources

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/ref-fleet-yaml.html b/0.7/ref-fleet-yaml.html index 57b75966f..05633f8a0 100644 --- a/0.7/ref-fleet-yaml.html +++ b/0.7/ref-fleet-yaml.html @@ -4,13 +4,13 @@ fleet.yaml | Fleet - +
    -
    Version: 0.7

    fleet.yaml

    The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.

    For more information on how to use the fleet.yaml to customize bundles see Git Repository Contents.

    The content of the fleet.yaml corresponds to the struct at pkg/bundlereader/read.go, which contains the BundleSpec.

    Reference​

    fleet.yaml
    # The default namespace to be applied to resources. This field is not used to
    # enforce or lock down the deployment to a specific namespace, but instead
    # provide the default value of the namespace field if one is not specified
    # in the manifests.
    # Default: default
    defaultNamespace: default

    # All resources will be assigned to this namespace and if any cluster scoped
    # resource exists the deployment will fail.
    # Default: ""
    namespace: default

    # Optional map of labels, that are set at the bundle and can be used in a
    # dependsOn.selector
    labels:
      key: value

    kustomize:
      # Use a custom folder for kustomize resources. This folder must contain
      # a kustomization.yaml file.
      dir: ./kustomize

    helm:
      # Use a custom location for the Helm chart. This can refer to any go-getter URL or
      # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".
      # This allows one to download charts from most any location.  Also know that
      # go-getter URL supports adding a digest to validate the download. If repo
      # is set below this field is the name of the chart to lookup
      chart: ./chart
      # A https URL to a Helm repo to download the chart from. It's typically easier
      # to just use `chart` field and refer to a tgz file.  If repo is used the
      # value of `chart` will be used as the chart name to lookup in the Helm repository.
      repo: https://charts.rancher.io
      # A custom release name to deploy the chart as. If not specified a release name
      # will be generated by combining the invoking GitRepo.name + GitRepo.path.
      releaseName: my-release
      # Makes helm skip the check for its own annotations
      takeOwnership: false
      # The version of the chart or semver constraint of the chart to find. If a constraint
      # is specified it is evaluated each time git changes.
      # The version also determines which chart to download from OCI registries.
      version: 0.1.0
      # Any values that should be placed in the `values.yaml` and passed to helm during
      # install.
      values:
        any-custom: value
      # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME
      # These can now be accessed directly as variables
      # The variable's value will be an empty string if the referenced cluster label does not
      # exist on the targeted cluster
        variableName: global.fleet.clusterLabels.LABELNAME
      # It is possible to specify the keys and values as go template strings for
      # advanced templating needs. Most of the functions from the sprig templating
      # library are available. Note, if the functions output changes with every
      # call, e.g. `uuidv4`, the bundle will get redeployed.
      # The template context has following keys.
      # `.ClusterValues` are retrieved from target cluster's `spec.templateValues`
      # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.
      # `.ClusterName` as the fleet's cluster resource name.
      # `.ClusterNamespace` as the namespace in which the cluster resource exists.
      # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,
      #       unlike helm which uses {{ }}.
        templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"
        valueFromEnv:
          "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }
      # Path to any values files that need to be passed to helm during install
      valuesFiles:
        - values1.yaml
        - values2.yaml
      # Allow to use values files from configmaps or secrets defined in the downstream clusters
      valuesFrom:
      - configMapKeyRef:
          name: configmap-values
          # default to namespace of bundle
          namespace: default
          key: values.yaml
      - secretKeyRef:
          name: secret-values
          namespace: default
          key: values.yaml
      # Override immutable resources. This could be dangerous.
      force: false
      # Set the Helm --atomic flag when upgrading
      atomic: false
      # Disable go template pre-processing on the fleet values
      disablePreProcess: false
      # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.
      # It will wait for as long as timeoutSeconds
      waitForJobs: true

    # A paused bundle will not update downstream clusters but instead mark the bundle
    # as OutOfSync. One can then manually confirm that a bundle should be deployed to
    # the downstream clusters.
    # Default: false
    paused: false

    rolloutStrategy:
        # A number or percentage of clusters that can be unavailable during an update
        # of a bundle. This follows the same basic approach as a deployment rollout
        # strategy. Once the number of clusters meets unavailable state update will be
        # paused. Default value is 100% which doesn't take effect on update.
        # default: 100%
        maxUnavailable: 15%
        # A number or percentage of cluster partitions that can be unavailable during
        # an update of a bundle.
        # default: 0
        maxUnavailablePartitions: 20%
        # A number of percentage of how to automatically partition clusters if not
        # specific partitioning strategy is configured.
        # default: 25%
        autoPartitionSize: 10%
        # A list of definitions of partitions.  If any target clusters do not match
        # the configuration they are added to partitions at the end following the
        # autoPartitionSize.
        partitions:
          # A user friend name given to the partition used for Display (optional).
          # default: ""
        - name: canary
          # A number or percentage of clusters that can be unavailable in this
          # partition before this partition is treated as done.
          # default: 10%
          maxUnavailable: 10%
          # Selector matching cluster labels to include in this partition
          clusterSelector:
            matchLabels:
              env: prod
          # A cluster group name to include in this partition
          clusterGroup: agroup
          # Selector matching cluster group labels to include in this partition
          clusterGroupSelector:
            clusterSelector:
              matchLabels:
                env: prod

    # Target customization are used to determine how resources should be modified per target
    # Targets are evaluated in order and the first one to match a cluster is used for that cluster.
    targetCustomizations:
    # The name of target. If not specified a default name of the format "target000"
    # will be used. This value is mostly for display
    - name: prod
      # Custom namespace value overriding the value at the root
      namespace: newvalue
      # Custom defaultNamespace value overriding the value at the root
      defaultNamespace: newdefaultvalue
      # Custom kustomize options overriding the options at the root
      kustomize: {}
      # Custom Helm options override the options at the root
      helm: {}
      # If using raw YAML these are names that map to overlays/{name} that will be used
      # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml
      # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.
      # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.
      # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin
      # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.
      yaml:
        overlays:
        - custom2
        - custom3
      # A selector used to match clusters.  The structure is the standard
      # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,
      # clusterSelector will be used only to further refine the selection after
      # clusterGroupSelector and clusterGroup is evaluated.
      clusterSelector:
        matchLabels:
          env: prod
      # A selector used to match a specific cluster by name.
      clusterName: dev-cluster
      # A selector used to match cluster groups.
      clusterGroupSelector:
        matchLabels:
          region: us-east
      # A specific clusterGroup by name that will be selected
      clusterGroup: group1

    # dependsOn allows you to configure dependencies to other bundles. The current bundle
    # will only be deployed, after all dependencies are deployed and in a Ready state.
    dependsOn:
      # Format: <GITREPO-NAME>-<BUNDLE_PATH> with all path separators replaced by "-"
      # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"
      - name: one-multi-cluster-hello-world
      # Select bundles to depend on based on their label.
      - selector:
          matchLabels:
            app: weak-monkey

    # Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources
    # makes the Bundle to be in an error state when it shouldn't.
    ignore:
      # Conditions to be ignored
      conditions:
      # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}
      - type: Active
        status: "False"
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.7

    fleet.yaml

    The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.

    For more information on how to use the fleet.yaml to customize bundles see Git Repository Contents.

    The content of the fleet.yaml corresponds to the struct at pkg/bundlereader/read.go, which contains the BundleSpec.

    Reference​

    fleet.yaml
    # The default namespace to be applied to resources. This field is not used to
    # enforce or lock down the deployment to a specific namespace, but instead
    # provide the default value of the namespace field if one is not specified
    # in the manifests.
    # Default: default
    defaultNamespace: default

    # All resources will be assigned to this namespace and if any cluster scoped
    # resource exists the deployment will fail.
    # Default: ""
    namespace: default

    # Optional map of labels, that are set at the bundle and can be used in a
    # dependsOn.selector
    labels:
      key: value

    kustomize:
      # Use a custom folder for kustomize resources. This folder must contain
      # a kustomization.yaml file.
      dir: ./kustomize

    helm:
      # Use a custom location for the Helm chart. This can refer to any go-getter URL or
      # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".
      # This allows one to download charts from most any location.  Also know that
      # go-getter URL supports adding a digest to validate the download. If repo
      # is set below this field is the name of the chart to lookup
      chart: ./chart
      # A https URL to a Helm repo to download the chart from. It's typically easier
      # to just use `chart` field and refer to a tgz file.  If repo is used the
      # value of `chart` will be used as the chart name to lookup in the Helm repository.
      repo: https://charts.rancher.io
      # A custom release name to deploy the chart as. If not specified a release name
      # will be generated by combining the invoking GitRepo.name + GitRepo.path.
      releaseName: my-release
      # Makes helm skip the check for its own annotations
      takeOwnership: false
      # The version of the chart or semver constraint of the chart to find. If a constraint
      # is specified it is evaluated each time git changes.
      # The version also determines which chart to download from OCI registries.
      version: 0.1.0
      # Any values that should be placed in the `values.yaml` and passed to helm during
      # install.
      values:
        any-custom: value
      # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME
      # These can now be accessed directly as variables
      # The variable's value will be an empty string if the referenced cluster label does not
      # exist on the targeted cluster
        variableName: global.fleet.clusterLabels.LABELNAME
      # It is possible to specify the keys and values as go template strings for
      # advanced templating needs. Most of the functions from the sprig templating
      # library are available. Note, if the functions output changes with every
      # call, e.g. `uuidv4`, the bundle will get redeployed.
      # The template context has following keys.
      # `.ClusterValues` are retrieved from target cluster's `spec.templateValues`
      # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.
      # `.ClusterName` as the fleet's cluster resource name.
      # `.ClusterNamespace` as the namespace in which the cluster resource exists.
      # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,
      #       unlike helm which uses {{ }}.
        templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"
        valueFromEnv:
          "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }
      # Path to any values files that need to be passed to helm during install
      valuesFiles:
        - values1.yaml
        - values2.yaml
      # Allow to use values files from configmaps or secrets defined in the downstream clusters
      valuesFrom:
      - configMapKeyRef:
          name: configmap-values
          # default to namespace of bundle
          namespace: default
          key: values.yaml
      - secretKeyRef:
          name: secret-values
          namespace: default
          key: values.yaml
      # Override immutable resources. This could be dangerous.
      force: false
      # Set the Helm --atomic flag when upgrading
      atomic: false
      # Disable go template pre-processing on the fleet values
      disablePreProcess: false
      # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.
      # It will wait for as long as timeoutSeconds
      waitForJobs: true

    # A paused bundle will not update downstream clusters but instead mark the bundle
    # as OutOfSync. One can then manually confirm that a bundle should be deployed to
    # the downstream clusters.
    # Default: false
    paused: false

    rolloutStrategy:
        # A number or percentage of clusters that can be unavailable during an update
        # of a bundle. This follows the same basic approach as a deployment rollout
        # strategy. Once the number of clusters meets unavailable state update will be
        # paused. Default value is 100% which doesn't take effect on update.
        # default: 100%
        maxUnavailable: 15%
        # A number or percentage of cluster partitions that can be unavailable during
        # an update of a bundle.
        # default: 0
        maxUnavailablePartitions: 20%
        # A number of percentage of how to automatically partition clusters if not
        # specific partitioning strategy is configured.
        # default: 25%
        autoPartitionSize: 10%
        # A list of definitions of partitions.  If any target clusters do not match
        # the configuration they are added to partitions at the end following the
        # autoPartitionSize.
        partitions:
          # A user friend name given to the partition used for Display (optional).
          # default: ""
        - name: canary
          # A number or percentage of clusters that can be unavailable in this
          # partition before this partition is treated as done.
          # default: 10%
          maxUnavailable: 10%
          # Selector matching cluster labels to include in this partition
          clusterSelector:
            matchLabels:
              env: prod
          # A cluster group name to include in this partition
          clusterGroup: agroup
          # Selector matching cluster group labels to include in this partition
          clusterGroupSelector:
            clusterSelector:
              matchLabels:
                env: prod

    # Target customization are used to determine how resources should be modified per target
    # Targets are evaluated in order and the first one to match a cluster is used for that cluster.
    targetCustomizations:
    # The name of target. If not specified a default name of the format "target000"
    # will be used. This value is mostly for display
    - name: prod
      # Custom namespace value overriding the value at the root
      namespace: newvalue
      # Custom defaultNamespace value overriding the value at the root
      defaultNamespace: newdefaultvalue
      # Custom kustomize options overriding the options at the root
      kustomize: {}
      # Custom Helm options override the options at the root
      helm: {}
      # If using raw YAML these are names that map to overlays/{name} that will be used
      # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml
      # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.
      # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.
      # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin
      # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.
      yaml:
        overlays:
        - custom2
        - custom3
      # A selector used to match clusters.  The structure is the standard
      # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,
      # clusterSelector will be used only to further refine the selection after
      # clusterGroupSelector and clusterGroup is evaluated.
      clusterSelector:
        matchLabels:
          env: prod
      # A selector used to match a specific cluster by name.
      clusterName: dev-cluster
      # A selector used to match cluster groups.
      clusterGroupSelector:
        matchLabels:
          region: us-east
      # A specific clusterGroup by name that will be selected
      clusterGroup: group1

    # dependsOn allows you to configure dependencies to other bundles. The current bundle
    # will only be deployed, after all dependencies are deployed and in a Ready state.
    dependsOn:
      # Format: <GITREPO-NAME>-<BUNDLE_PATH> with all path separators replaced by "-"
      # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"
      - name: one-multi-cluster-hello-world
      # Select bundles to depend on based on their label.
      - selector:
          matchLabels:
            app: weak-monkey

    # Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources
    # makes the Bundle to be in an error state when it shouldn't.
    ignore:
      # Conditions to be ignored
      conditions:
      # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}
      - type: Active
        status: "False"
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/ref-gitrepo.html b/0.7/ref-gitrepo.html index 2223a554f..43ff80b10 100644 --- a/0.7/ref-gitrepo.html +++ b/0.7/ref-gitrepo.html @@ -4,14 +4,14 @@ GitRepo Resource | Fleet - +
    Version: 0.7

    GitRepo Resource

    The GitRepo resource describes git repositories, how to access them and where the bundles are located.

    The content of the resource corresponds to the GitRepoSpec. -For more information on how to use GitRepo resource, e.g. how to watch private repositories, see Create a GitRepo Resource.

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-repo
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # This can be a HTTPS or git URL.  If you are using a git URL then
      # clientSecretName will probably need to be set to supply a credential.
      # repo is the only required parameter for a repo to be monitored.
      #
      repo: https://github.com/rancher/fleet-examples

      # Enforce all resources go to this target namespace. If a cluster scoped
      # resource is found the deployment will fail.
      #
      # targetNamespace: app1

      # Any branch can be watched, this field is optional. If not specified the
      # branch is assumed to be master
      #
      # branch: master

      # A specific commit or tag can also be watched.
      #
      # revision: v0.3.0

      # For a private registry you must supply a clientSecretName. A default
      # secret can be set at the namespace level using the GitRepoRestriction
      # type. Secrets must be of the type "kubernetes.io/ssh-auth" or
      # "kubernetes.io/basic-auth". The secret is assumed to be in the
      # same namespace as the GitRepo
      #
      # clientSecretName: my-ssh-key
      #
      # If fleet.yaml contains a private Helm repo that requires authentication,
      # provide the credentials in a K8s secret and specify them here.
      # Danger: the credentials will be sent to all repositories referenced from
      # this gitrepo. See section below for more information.
      #
      # helmSecretName: my-helm-secret
      #
      # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.
      # Credentials will always be used if it is empty or not provided
      #
      # helmRepoURLRegex: https://charts.rancher.io/*
      #
      # To add additional ca-bundle for self-signed certs, caBundle can be
      # filled with base64 encoded pem data. For example:
      # `cat /path/to/ca.pem | base64 -w 0`
      #
      # caBundle: my-ca-bundle
      #
      # Disable SSL verification for git repo
      #
      # insecureSkipTLSVerify: true
      #
      # A git repo can read multiple paths in a repo at once.
      # The below field is expected to be an array of paths and
      # supports path globbing (ex: some/*/path)
      #
      # Example:
      # paths:
      # - single-path
      # - multiple-paths/*
      paths:
      - simple

      # PollingInterval configures how often fleet checks the git repo. The default
      # is 15 seconds.
      # Setting this to zero does not disable polling. It results in a 15s
      # interval, too.
      # As checking a git repo incurs a CPU cost, raising this value can help
      # lowering fleetcontroller's CPU usage if tens of git repos are used or more
      #
      # pollingInterval: 15s

      # Paused  causes changes in Git to not be propagated down to the clusters but
      # instead mark resources as OutOfSync
      #
      # paused: false

      # Increment this number to force a redeployment of contents from Git
      #
      # forceSyncGeneration: 0

      # The service account that will be used to perform this deployment.
      # This is the name of the service account that exists in the
      # downstream cluster in the cattle-fleet-system namespace. It is assumed
      # this service account already exists so it should be create before
      # hand, most likely coming from another git repo registered with
      # the Fleet manager.
      #
      # serviceAccount: moreSecureAccountThanClusterAdmin

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      # If empty, the "default" cluster group is used.
      #
      # targets: ...
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +For more information on how to use GitRepo resource, e.g. how to watch private repositories, see Create a GitRepo Resource.

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-repo
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # This can be a HTTPS or git URL.  If you are using a git URL then
      # clientSecretName will probably need to be set to supply a credential.
      # repo is the only required parameter for a repo to be monitored.
      #
      repo: https://github.com/rancher/fleet-examples

      # Enforce all resources go to this target namespace. If a cluster scoped
      # resource is found the deployment will fail.
      #
      # targetNamespace: app1

      # Any branch can be watched, this field is optional. If not specified the
      # branch is assumed to be master
      #
      # branch: master

      # A specific commit or tag can also be watched.
      #
      # revision: v0.3.0

      # For a private registry you must supply a clientSecretName. A default
      # secret can be set at the namespace level using the GitRepoRestriction
      # type. Secrets must be of the type "kubernetes.io/ssh-auth" or
      # "kubernetes.io/basic-auth". The secret is assumed to be in the
      # same namespace as the GitRepo
      #
      # clientSecretName: my-ssh-key
      #
      # If fleet.yaml contains a private Helm repo that requires authentication,
      # provide the credentials in a K8s secret and specify them here.
      # Danger: the credentials will be sent to all repositories referenced from
      # this gitrepo. See section below for more information.
      #
      # helmSecretName: my-helm-secret
      #
      # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.
      # Credentials will always be used if it is empty or not provided
      #
      # helmRepoURLRegex: https://charts.rancher.io/*
      #
      # To add additional ca-bundle for self-signed certs, caBundle can be
      # filled with base64 encoded pem data. For example:
      # `cat /path/to/ca.pem | base64 -w 0`
      #
      # caBundle: my-ca-bundle
      #
      # Disable SSL verification for git repo
      #
      # insecureSkipTLSVerify: true
      #
      # A git repo can read multiple paths in a repo at once.
      # The below field is expected to be an array of paths and
      # supports path globbing (ex: some/*/path)
      #
      # Example:
      # paths:
      # - single-path
      # - multiple-paths/*
      paths:
      - simple

      # PollingInterval configures how often fleet checks the git repo. The default
      # is 15 seconds.
      # Setting this to zero does not disable polling. It results in a 15s
      # interval, too.
      # As checking a git repo incurs a CPU cost, raising this value can help
      # lowering fleetcontroller's CPU usage if tens of git repos are used or more
      #
      # pollingInterval: 15s

      # Paused  causes changes in Git to not be propagated down to the clusters but
      # instead mark resources as OutOfSync
      #
      # paused: false

      # Increment this number to force a redeployment of contents from Git
      #
      # forceSyncGeneration: 0

      # The service account that will be used to perform this deployment.
      # This is the name of the service account that exists in the
      # downstream cluster in the cattle-fleet-system namespace. It is assumed
      # this service account already exists so it should be create before
      # hand, most likely coming from another git repo registered with
      # the Fleet manager.
      #
      # serviceAccount: moreSecureAccountThanClusterAdmin

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      # If empty, the "default" cluster group is used.
      #
      # targets: ...
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/ref-registration.html b/0.7/ref-registration.html index fd6ff7eaf..cfe4ac77f 100644 --- a/0.7/ref-registration.html +++ b/0.7/ref-registration.html @@ -4,14 +4,14 @@ Cluster Registration Internals | Fleet - +
    Version: 0.7

    Cluster Registration Internals

    Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster. -It's important to note that there are multiple ways to start this:

    • Creating a bootstrap config. Fleet does this for the local agent.
    • Creating a Cluster resource with a kubeconfig. Rancher does this for downstream clusters. See manager-initiated registration.
    • Create a ClusterRegistrationToken resource, optionally create a Cluster resource for a pre-defined (clientID) cluster. See agent-initiated registration.

    Registration

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +It's important to note that there are multiple ways to start this:

    • Creating a bootstrap config. Fleet does this for the local agent.
    • Creating a Cluster resource with a kubeconfig. Rancher does this for downstream clusters. See manager-initiated registration.
    • Create a ClusterRegistrationToken resource, optionally create a Cluster resource for a pre-defined (clientID) cluster. See agent-initiated registration.

    Registration

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/ref-resources.html b/0.7/ref-resources.html index 0518d95fb..d0a05f397 100644 --- a/0.7/ref-resources.html +++ b/0.7/ref-resources.html @@ -4,13 +4,13 @@ Custom Resources | Fleet - +
    -
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/troubleshooting.html b/0.7/troubleshooting.html index 3c0f8564f..90d266e9d 100644 --- a/0.7/troubleshooting.html +++ b/0.7/troubleshooting.html @@ -4,7 +4,7 @@ Troubleshooting | Fleet - + @@ -12,8 +12,8 @@
    Skip to main content
    Version: 0.7

    Troubleshooting

    This section contains commands and tips to troubleshoot Fleet.

    How Do I...​

    Fetch the log from fleet-controller?​

    In the local management cluster where the fleet-controller is deployed, run the following command with your specific fleet-controller pod name filled in:

    $ kubectl logs -l app=fleet-controller -n cattle-fleet-system

    Fetch the log from the fleet-agent?​

    Go to each downstream cluster and run the following command for the local cluster with your specific fleet-agent pod name filled in:

    # Downstream cluster
    $ kubectl logs -l app=fleet-agent -n cattle-fleet-system
    # Local cluster
    $ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system

    Fetch detailed error logs from GitRepos and Bundles?​

    Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:

    • For more information about the bundle, click on bundle, and the YAML mode will be enabled.
    • For more information about the GitRepo, click on GitRepo, then click on View Yaml in the upper right of the screen. After viewing the YAML, check status.conditions; a detailed error message should be displayed here.
    • Check the fleet-controller for synching errors.
    • Check the fleet-agent log in the downstream cluster if you encounter issues when deploying the bundle.

    Fetch detailed status from GitRepos and Bundles?​

    For debugging and bug reports the raw JSON of the resources status fields is most useful. This can be accessed in the Rancher UI, or through kubectl:

    kubectl get bundle -n fleet-local fleet-agent-local -o=jsonpath={.status}
    kubectl get gitrepo -n fleet-default gitrepo-name -o=jsonpath={.status}

    Check a chart rendering error in Kustomize?​

    Check the fleet-controller logs and the fleet-agent logs.

    Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?​

    Check the gitjob-controller logs using the following command with your specific gitjob pod name filled in:

    $ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system

    Note that there are two containers inside the pod: the step-git-source container that clones the git repo, and the fleet container that applies bundles based on the git repo.

    The pods will usually have images named rancher/tekton-utils with the gitRepo name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific gitRepoName pod name and namespace:

    $ kubectl logs -f $gitRepoName-pod-name -n namespace

    Check the status of the fleet-controller?​

    You can check the status of the fleet-controller pods by running the commands below:

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    Enable debug logging for fleet-controller and fleet-agent?​

    Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added.

    • Go to the Dashboard, then click on the local cluster in the left navigation menu
    • Select Apps & Marketplace, then Installed Apps from the dropdown
    • From there, you will upgrade the Fleet chart with the value debug=true. You can also set debugLevel=5 if desired.

    Additional Solutions for Other Fleet Issues​

    Naming conventions for CRDs​

    1. For CRD terms like clusters and gitrepos, you must reference the full CRD name. For example, the cluster CRD's complete name is cluster.fleet.cattle.io, and the gitrepo CRD's complete name is gitrepo.fleet.cattle.io.

    2. Bundles, which are created from the GitRepo, follow the pattern $gitrepoName-$path in the same workspace/namespace where the GitRepo was created. Note that $path is the path directory in the git repository that contains the bundle (fleet.yaml).

    3. BundleDeployments, which are created from the bundle, follow the pattern $bundleName-$clusterName in the namespace clusters-$workspace-$cluster-$generateHash. Note that $clusterName is the cluster to which the bundle will be deployed.

    HTTP secrets in Github​

    When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:

    1. Create a personal access token in Github.
    2. In Rancher, create an HTTP secret with your Github username.
    3. Use your token as the secret.

    Fleet fails with bad response code: 403​

    If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your fleet.yaml:

    time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"

    Perform the following steps to assess:

    • Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully
    • Check that your credentials for the git repo are valid

    Helm chart repo: certificate signed by unknown authority​

    If your GitJob returns the error below, you may have added the wrong certificate chain:

    time="2021-11-11T05:55:08Z" level=fatal msg="Get \"https://helm.intra/virtual-helm/index.yaml\": x509: certificate signed by unknown authority"

    Please verify your certificate with the following command:

    context=playground-local
    kubectl get secret -n fleet-default helm-repo -o jsonpath="{['data']['cacerts']}" --context $context | base64 -d | openssl x509 -text -noout
    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number:
                7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71
            Signature Algorithm: sha512WithRSAEncryption
            Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3
    ...

    Fleet deployment stuck in modified state​

    When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.

    To ignore the modified flag for the differences between the Helm install generated by fleet.yaml and the resource in your cluster, add a diff.comparePatches to the fleet.yaml for your Deployment, as shown in this example:

    defaultNamespace: <namespace name>
    helm:
      releaseName: <release name>
      repo: <repo name>
      chart: <chart name>
    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        operations:
        - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}
        - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}
        jsonPointers: # jsonPointers allows to ignore diffs at certain json path
        - "/spec/template/spec/priorityClassName"
        - "/spec/template/spec/tolerations"

    To determine which operations should be removed, observe the logs from fleet-agent on the target cluster. You should see entries similar to the following:

    level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\"spec\":{\"template\":{\"spec\":{\"hostNetwork\":false}}}}"

    Based on the above log, you can add the following entry to remove the operation:

    {"op":"remove", "path":"/spec/template/spec/hostNetwork"}

    GitRepo or Bundle stuck in modified state​

    Modified means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository.

    1. Check the bundle diffs documentation for more information.

    2. You can also force update the gitrepo to perform a manual resync. Select GitRepo on the left navigation bar, then select Force Update.

    Bundle has a Horizontal Pod Autoscaler (HPA) in modified state​

    For bundles with an HPA, the expected state is Modified, as the bundle contains fields that differ from the state of the Bundle at deployment - usually ReplicaSet.

    You must define a patch in the fleet.yaml to ignore this field according to GitRepo or Bundle stuck in modified state.

    Here is an example of such a patch for the deployment nginx in namespace default:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: nginx
        namespace: default
        operations:
        - {"op": "remove", "path": "/spec/replicas"}

    What if the cluster is unavailable, or is in a WaitCheckIn state?​

    You will need to re-import and restart the registration process: Select Cluster on the left navigation bar, then select Force Update

    caution

    WaitCheckIn status for Rancher v2.5: The cluster will show in WaitCheckIn status because the fleet-controller is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the Rancher docs.

    GitRepo complains with gzip: invalid header​

    When you see an error like the one below ...

    Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header

    ... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content.

    Agent is no longer registered​

    You can force a redeployment of an agent for a given cluster by setting redeployAgentGeneration.

    kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p '[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]'

    Nested GitRepo CRs​

    Managing Fleet within Fleet (nested GitRepo usage) is not currently supported. We will update the documentation if support becomes available.

    Migrate the local cluster to the Fleet default cluster workspace?​

    Users can create new workspaces and move clusters across workspaces. -It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/tut-deployment.html b/0.7/tut-deployment.html index 84e0c8dd6..fce1a75ef 100644 --- a/0.7/tut-deployment.html +++ b/0.7/tut-deployment.html @@ -4,7 +4,7 @@ Creating a Deployment | Fleet - + @@ -13,8 +13,8 @@ For more details on the options that are available per Git repository see Adding a GitRepo.

    Single-Cluster Examples​

    All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet.

    An example using Helm. We are deploying the helm example to the local cluster.

    The repository contains a helm chart and an optional fleet.yaml to configure the deployment:

    fleet.yaml
    namespace: fleet-helm-example

    # Custom helm options
    helm:
      # The release name to use. If empty a generated release name will be used
      releaseName: guestbook

      # The directory of the chart in the repo.  Also any valid go-getter supported
      # URL can be used there is specify where to download the chart from.
      # If repo below is set this value if the chart name in the repo
      chart: ""

      # An https to a valid Helm repository to download the chart from
      repo: ""

      # Used if repo is set to look up the version of the chart
      version: ""

      # Force recreate resource that can not be updated
      force: false

      # How long for helm to wait for the release to be active. If the value
      # is less that or equal to zero, we will not wait in Helm
      timeoutSeconds: 0

      # Custom values that will be passed as values.yaml to the installation
      values:
        replicas: 2

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-local namespace contains the local cluster resource. The local fleet-agent will create the deployment in the fleet-helm-example namespace.

    kubectl apply -n fleet-local -f - <<EOF
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: helm
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - single-cluster/helm
    EOF

    Multi-Cluster Examples​

    The examples below will deploy a multi git repo to multiple clusters at once and configure the app differently for each target.

    An example using Helm. We are deploying the helm example and customizing it per target cluster

    The repository contains a helm chart and an optional fleet.yaml to configure the deployment. The fleet.yaml is used to configure different deployment options, depending on the cluster's labels:

    fleet.yaml
    namespace: fleet-mc-helm-example
    targetCustomizations:
    - name: dev
      helm:
        values:
          replication: false
      clusterSelector:
        matchLabels:
          env: dev

    - name: test
      helm:
        values:
          replicas: 3
      clusterSelector:
        matchLabels:
          env: test

    - name: prod
      helm:
        values:
          serviceType: LoadBalancer
          replicas: 3
      clusterSelector:
        matchLabels:
          env: prod

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    gitrepo.yaml
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: helm
      namespace: fleet-default
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - multi-cluster/helm
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

      - name: test
        clusterSelector:
          matchLabels:
            env: test

      - name: prod
        clusterSelector:
          matchLabels:
            env: prod

    By applying the gitrepo resource to the upstream cluster, fleet will start to monitor the repository and create deployments:

    kubectl apply -n fleet-default -f gitrepo.yaml
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +The application will be customized as follows per environment:

    • Dev clusters: Only the redis leader is deployed and not the followers.
    • Test clusters: Scale the front deployment to 3
    • Prod clusters: Scale the front deployment to 3 and set the service type to LoadBalancer

    The fleet.yaml is used to control which 'yaml' overlays are used, depending on the cluster's labels:

    fleet.yaml
    namespace: fleet-mc-manifest-example
    targetCustomizations:
    - name: dev
      clusterSelector:
        matchLabels:
          env: dev
      yaml:
        overlays:
        # Refers to overlays/noreplication folder
        - noreplication

    - name: test
      clusterSelector:
        matchLabels:
          env: test
      yaml:
        overlays:
        # Refers to overlays/scale3 folder
        - scale3

    - name: prod
      clusterSelector:
        matchLabels:
          env: prod
      yaml:
        # Refers to overlays/servicelb, scale3 folders
        overlays:
        - servicelb
        - scale3

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    gitrepo.yaml
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: manifests
      namespace: fleet-default
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - multi-cluster/manifests
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

      - name: test
        clusterSelector:
          matchLabels:
            env: test

      - name: prod
        clusterSelector:
          matchLabels:
            env: prod
    kubectl apply -n fleet-default -f gitrepo.yaml
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/uninstall.html b/0.7/uninstall.html index fd22c3516..ca9ed96a4 100644 --- a/0.7/uninstall.html +++ b/0.7/uninstall.html @@ -4,15 +4,15 @@ Uninstall | Fleet - +
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +two commands:

    helm -n cattle-fleet-system uninstall fleet
    helm -n cattle-fleet-system uninstall fleet-crd
    caution

    Uninstalling the CRDs will remove all deployed workloads.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.7/webhook.html b/0.7/webhook.html index d4bf07d76..81af12ea4 100644 --- a/0.7/webhook.html +++ b/0.7/webhook.html @@ -4,7 +4,7 @@ Using Webhooks Instead of Polling | Fleet - + @@ -12,8 +12,8 @@
    Skip to main content
    Version: 0.7

    Using Webhooks Instead of Polling

    By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github, GitLab, Bitbucket, Bitbucket Server and Gogs.

    1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.​

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: webhook-ingress
      namespace: cattle-fleet-system
    spec:
      rules:
      - host: your.domain.com
        http:
          paths:
            - path: /
              pathType: Prefix
              backend:
                service:
                  name: gitjob
                  port:
                    number: 80
    info

    You can configure TLS on ingress.

    2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.​

    Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default. If your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the -secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8.html b/0.8.html index a9f0245c8..405dfbbd3 100644 --- a/0.8.html +++ b/0.8.html @@ -4,13 +4,13 @@ Overview | Fleet - +
    -
    Version: 0.8

    Overview

    What is Fleet?​

    • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

    • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters.

    Configuration Management​

    Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.8

    Overview

    What is Fleet?​

    • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

    • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters.

    Configuration Management​

    Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/architecture.html b/0.8/architecture.html index b91872134..3c2c68303 100644 --- a/0.8/architecture.html +++ b/0.8/architecture.html @@ -4,7 +4,7 @@ Architecture | Fleet - + @@ -28,8 +28,8 @@ The cluster registration token is used only during the registration process to g to that cluster. After the cluster credential is established the cluster "forgets" the cluster registration token.

    The service accounts given to the clusters only have privileges to list BundleDeployment in the namespace created specifically for that cluster. It can also update the status subresource of BundleDeployment and the status -subresource of it's Cluster resource.

    Component Overview​

    An overview of the components and how they interact on a high level.

    Components

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +subresource of it's Cluster resource.

    Component Overview​

    An overview of the components and how they interact on a high level.

    Components

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/bundle-add.html b/0.8/bundle-add.html index 94daabab9..643ed3683 100644 --- a/0.8/bundle-add.html +++ b/0.8/bundle-add.html @@ -4,7 +4,7 @@ Create a Bundle Resource | Fleet - + @@ -15,8 +15,8 @@ manually by the user. If you want to deploy resources from a git repository use When creating a Bundle resources need to be explicitly specified in the Bundle Spec. Resources can be compressed with gz. See here an example of how Rancher uses compression in go code.

    If you would like to deploy in downstream clusters, you need to define targets. Targets work similarly to targets in GitRepo. -See Mapping to Downstream Clusters.

    The following example creates a nginx Deployment in the local cluster:

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      resources:
      # List of all resources that will be deployed
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml
      targets:
      - clusterName: local

    Limitations​

    Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:

    • spec.helm.repo
    • spec.helm.charts

    You can't use a fleet.yaml in resources, it is only used by the fleet-cli to create bundles.

    The spec.targetRestrictions field is not useful, as it is an allow list for targets specified in spec.targets. It is not needed, since targets are explicitly given in a bundle and an empty targetRestrictions defaults to allow.

    Convert a Helm Chart into a Bundle​

    You can use the Fleet CLI to convert a Helm chart into a bundle.

    For example, you can download and convert the "external secrets" operator chart like this:

    cat > targets.yaml <<EOF
    targets:
    - clusterSelector: {}
    EOF

    mkdir app
    cat > app/fleet.yaml <<EOF
    defaultNamespace: external-secrets
    helm:
      repo: https://charts.external-secrets.io
      chart: external-secrets
    EOF

    fleet apply --compress --targets-file=targets.yaml -n fleet-default -o - external-secrets app > eso-bundle.yaml

    kubectl apply -f eso-bundle.yaml

    Make sure you use a cluster selector in targets.yaml, that matches all clusters you want to deploy to.

    The blog post on Fleet: Multi-Cluster Deployment with the Help of External Secrets has more information.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +See Mapping to Downstream Clusters.

    The following example creates a nginx Deployment in the local cluster:

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      resources:
      # List of all resources that will be deployed
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml
      targets:
      - clusterName: local

    Limitations​

    Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:

    • spec.helm.repo
    • spec.helm.charts

    You can't use a fleet.yaml in resources, it is only used by the fleet-cli to create bundles.

    The spec.targetRestrictions field is not useful, as it is an allow list for targets specified in spec.targets. It is not needed, since targets are explicitly given in a bundle and an empty targetRestrictions defaults to allow.

    Convert a Helm Chart into a Bundle​

    You can use the Fleet CLI to convert a Helm chart into a bundle.

    For example, you can download and convert the "external secrets" operator chart like this:

    cat > targets.yaml <<EOF
    targets:
    - clusterSelector: {}
    EOF

    mkdir app
    cat > app/fleet.yaml <<EOF
    defaultNamespace: external-secrets
    helm:
      repo: https://charts.external-secrets.io
      chart: external-secrets
    EOF

    fleet apply --compress --targets-file=targets.yaml -n fleet-default -o - external-secrets app > eso-bundle.yaml

    kubectl apply -f eso-bundle.yaml

    Make sure you use a cluster selector in targets.yaml, that matches all clusters you want to deploy to.

    The blog post on Fleet: Multi-Cluster Deployment with the Help of External Secrets has more information.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/bundle-diffs.html b/0.8/bundle-diffs.html index 08b847916..58da114eb 100644 --- a/0.8/bundle-diffs.html +++ b/0.8/bundle-diffs.html @@ -4,14 +4,14 @@ Generating Diffs to Ignore Modified GitRepos | Fleet - +
    Version: 0.8

    Generating Diffs to Ignore Modified GitRepos

    Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.

    You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the Bundles section.

    The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the caBundle is empty and the CA cert is injected by the cluster.

    This leads the status of the bundle and associated GitRepo to be reported as "Modified"

    Associated Bundle -

    Fleet bundles support the ability to specify a custom jsonPointer patch.

    With the patch, users can instruct fleet to ignore object modifications.

    Simple Example​

    In this simple example, we create a Service and ConfigMap that we apply a bundle diff onto.

    https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs

    Gatekeeper Example​

    In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

    The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

    Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

    In our case the differences detected are as follows:

      summary:
        desiredReady: 1
        modified: 1
        nonReadyResources:
        - bundleState: Modified
          modifiedStatus:
          - apiVersion: admissionregistration.k8s.io/v1
            kind: ValidatingWebhookConfiguration
            name: gatekeeper-validating-webhook-configuration
            patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-audit
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-controller-manager
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

    Based on this summary, there are three objects which need to be patched.

    We will look at these one at a time.

    1. ValidatingWebhookConfiguration:​

    The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

    In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

    From this information, we can see the two ValidatingWebhooks in question are:

      "$setElementOrder/webhooks": [
        {
          "name": "validation.gatekeeper.sh"
        },
        {
          "name": "check-ignore-label.gatekeeper.sh"
        }
      ],

    Within each ValidatingWebhook, the fields that need to be ignore are as follows:

        {
          "clientConfig": {
            "caBundle": "Cg=="
          },
          "name": "validation.gatekeeper.sh",
          "rules": [
            {
              "apiGroups": [
                "*"
              ],
              "apiVersions": [
                "*"
              ],
              "operations": [
                "CREATE",
                "UPDATE"
              ],
              "resources": [
                "*"
              ]
            }
          ]
        },

    and

        {
         "clientConfig": {
           "caBundle": "Cg=="
         },
         "name": "check-ignore-label.gatekeeper.sh",
         "rules": [
           {
             "apiGroups": [
               ""
             ],
             "apiVersions": [
               "*"
             ],
             "operations": [
               "CREATE",
               "UPDATE"
             ],
             "resources": [
               "namespaces"
             ]
           }
         ]
       }

    In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

    The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

    Based on this information, our diff patch would look as follows:

      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    2. Deployment gatekeeper-controller-manager:​

    The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    3. Deployment gatekeeper-audit:​

    The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    Combining It All Together​

    We can now combine all these patches as follows:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

    Once these are added, the GitRepo should deploy and be in "Active" status.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +

    Fleet bundles support the ability to specify a custom jsonPointer patch.

    With the patch, users can instruct fleet to ignore object modifications.

    Simple Example​

    In this simple example, we create a Service and ConfigMap that we apply a bundle diff onto.

    https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs

    Gatekeeper Example​

    In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

    The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

    Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

    In our case the differences detected are as follows:

      summary:
        desiredReady: 1
        modified: 1
        nonReadyResources:
        - bundleState: Modified
          modifiedStatus:
          - apiVersion: admissionregistration.k8s.io/v1
            kind: ValidatingWebhookConfiguration
            name: gatekeeper-validating-webhook-configuration
            patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-audit
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-controller-manager
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

    Based on this summary, there are three objects which need to be patched.

    We will look at these one at a time.

    1. ValidatingWebhookConfiguration:​

    The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

    In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

    From this information, we can see the two ValidatingWebhooks in question are:

      "$setElementOrder/webhooks": [
        {
          "name": "validation.gatekeeper.sh"
        },
        {
          "name": "check-ignore-label.gatekeeper.sh"
        }
      ],

    Within each ValidatingWebhook, the fields that need to be ignore are as follows:

        {
          "clientConfig": {
            "caBundle": "Cg=="
          },
          "name": "validation.gatekeeper.sh",
          "rules": [
            {
              "apiGroups": [
                "*"
              ],
              "apiVersions": [
                "*"
              ],
              "operations": [
                "CREATE",
                "UPDATE"
              ],
              "resources": [
                "*"
              ]
            }
          ]
        },

    and

        {
         "clientConfig": {
           "caBundle": "Cg=="
         },
         "name": "check-ignore-label.gatekeeper.sh",
         "rules": [
           {
             "apiGroups": [
               ""
             ],
             "apiVersions": [
               "*"
             ],
             "operations": [
               "CREATE",
               "UPDATE"
             ],
             "resources": [
               "namespaces"
             ]
           }
         ]
       }

    In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

    The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

    Based on this information, our diff patch would look as follows:

      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    2. Deployment gatekeeper-controller-manager:​

    The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    3. Deployment gatekeeper-audit:​

    The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    Combining It All Together​

    We can now combine all these patches as follows:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

    Once these are added, the GitRepo should deploy and be in "Active" status.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/changelogs.html b/0.8/changelogs.html index 355760482..e7299f943 100644 --- a/0.8/changelogs.html +++ b/0.8/changelogs.html @@ -4,13 +4,13 @@ 0.8 Changelogs | Fleet - +
    -
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/changelogs/changelogs/v0.8.0.html b/0.8/changelogs/changelogs/v0.8.0.html index de430c1c8..f7270f700 100644 --- a/0.8/changelogs/changelogs/v0.8.0.html +++ b/0.8/changelogs/changelogs/v0.8.0.html @@ -4,13 +4,13 @@ v0.8.0 | Fleet - +
    -
    Version: 0.8

    v0.8.0

    • (rancherio-gh-m) released this 2023-09-11 15:05:53 +0000 UTC*

    Description​

    Notes on 0.8.0

    Additions

    • Allow helm credentials to be defined for each path by @raulcabello in #1557
    • Add cluster name and namespace to BundleDeployment by @manno in #1571
    • Add DoNotDeploy and OverrideTargets by @raulcabello in #1580
    • Drift correction by @raulcabello in #1594
    • Add helm release resources to bd status by @manno in #1596
    • Add NamespaceLabels and NamespaceAnnotations by @raulcabello in #1627
    • Support exclusion of files and directories from bundles via .fleetignore by @weyfonk in #1634
    • Add hook on upgrade to clean up old, duplicate clusterregistrations by @manno in #1689
      • Cleanup command takes string durations as arguments by @manno in #1697
    • Clean up old clusterregistrations and remember cluster's api server by @manno in #1658
      • Clusteregistration less aggressive cleanup by @manno in #1675
      • Return early from clusterregistration handler by @manno in #1676
    • Restrict registration to leader agent by @manno in #1687
    • Do not restart agents when adopting them with a bundle by @manno in #1678

    Bugfixes

    • Agent registration recovery by @manno in #1567
    • Use correct string comparison in gitjob update script by @thardeck in #1610
    • Reduce Helm history to two entries by default by @moio in #1607
    • Fix Helm release name generation to prevent double dashes by @weyfonk in #1647
    • Prevent non-hex chars in release name hash by @weyfonk in #1649
    • Enforce strict match on cluster name when fetching bundledeployments by cluster by @weyfonk in #1662

    What's Changed

    Full Changelog: v0.7.1...v0.8.0

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.8

    v0.8.0

    • (rancherio-gh-m) released this 2023-09-11 15:05:53 +0000 UTC*

    Description​

    Notes on 0.8.0

    Additions

    • Allow helm credentials to be defined for each path by @raulcabello in #1557
    • Add cluster name and namespace to BundleDeployment by @manno in #1571
    • Add DoNotDeploy and OverrideTargets by @raulcabello in #1580
    • Drift correction by @raulcabello in #1594
    • Add helm release resources to bd status by @manno in #1596
    • Add NamespaceLabels and NamespaceAnnotations by @raulcabello in #1627
    • Support exclusion of files and directories from bundles via .fleetignore by @weyfonk in #1634
    • Add hook on upgrade to clean up old, duplicate clusterregistrations by @manno in #1689
      • Cleanup command takes string durations as arguments by @manno in #1697
    • Clean up old clusterregistrations and remember cluster's api server by @manno in #1658
      • Clusteregistration less aggressive cleanup by @manno in #1675
      • Return early from clusterregistration handler by @manno in #1676
    • Restrict registration to leader agent by @manno in #1687
    • Do not restart agents when adopting them with a bundle by @manno in #1678

    Bugfixes

    • Agent registration recovery by @manno in #1567
    • Use correct string comparison in gitjob update script by @thardeck in #1610
    • Reduce Helm history to two entries by default by @moio in #1607
    • Fix Helm release name generation to prevent double dashes by @weyfonk in #1647
    • Prevent non-hex chars in release name hash by @weyfonk in #1649
    • Enforce strict match on cluster name when fetching bundledeployments by cluster by @weyfonk in #1662

    What's Changed

    Full Changelog: v0.7.1...v0.8.0

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/changelogs/changelogs/v0.8.1.html b/0.8/changelogs/changelogs/v0.8.1.html index 1e5028dc7..ad07faf74 100644 --- a/0.8/changelogs/changelogs/v0.8.1.html +++ b/0.8/changelogs/changelogs/v0.8.1.html @@ -4,13 +4,13 @@ v0.8.1 | Fleet - +
    -
    Version: 0.8

    v0.8.1

    • (rancherio-gh-m) released this 2023-11-23 10:06:23 +0000 UTC*

    Description​

    What's Changed

    • Bump bci/bci-base from 15.5.36.5.25 to 15.5.36.5.54 in /package
    • Bump Gitjob chart to 0.1.76-security1

    Full Changelog: v0.8.0...v0.8.1

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.8

    v0.8.1

    • (rancherio-gh-m) released this 2023-11-23 10:06:23 +0000 UTC*

    Description​

    What's Changed

    • Bump bci/bci-base from 15.5.36.5.25 to 15.5.36.5.54 in /package
    • Bump Gitjob chart to 0.1.76-security1

    Full Changelog: v0.8.0...v0.8.1

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/changelogs/changelogs/v0.8.2.html b/0.8/changelogs/changelogs/v0.8.2.html index 46e0713b6..9a8282b1a 100644 --- a/0.8/changelogs/changelogs/v0.8.2.html +++ b/0.8/changelogs/changelogs/v0.8.2.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.8
    • (rancherio-gh-m) released this 2024-02-22 09:30:48 +0000 UTC*

    Description​

    Notes

    Additions

    Performance

    • Use index when listing BundleDeployments by Bundle by @aruiz14 in #1859
    • Replace json-based implementation of DeepCopy on GenericMap by @aruiz14 in #1956
    • Use UniqueApplyForResourceVersion in Bundle and GitRepo GeneratingHandlers by @aruiz14 in #2055

    Bugfixes

    • Initialise cluster registration labels map if empty by @weyfonk in #2063

    What's Changed

    Full Changelog: v0.8.1...v0.8.2

    Gitjob

    Gitjob Full Changelog: rancher/gitjob@v0.1.76-security1...v0.8.2

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.8
    • (rancherio-gh-m) released this 2024-02-22 09:30:48 +0000 UTC*

    Description​

    Notes

    Additions

    Performance

    • Use index when listing BundleDeployments by Bundle by @aruiz14 in #1859
    • Replace json-based implementation of DeepCopy on GenericMap by @aruiz14 in #1956
    • Use UniqueApplyForResourceVersion in Bundle and GitRepo GeneratingHandlers by @aruiz14 in #2055

    Bugfixes

    • Initialise cluster registration labels map if empty by @weyfonk in #2063

    What's Changed

    Full Changelog: v0.8.1...v0.8.2

    Gitjob

    Gitjob Full Changelog: rancher/gitjob@v0.1.76-security1...v0.8.2

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/changelogs/changelogs/v0.8.3.html b/0.8/changelogs/changelogs/v0.8.3.html index de1e79ee0..421497eff 100644 --- a/0.8/changelogs/changelogs/v0.8.3.html +++ b/0.8/changelogs/changelogs/v0.8.3.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.8
    • (rancherio-gh-m) released this 2024-03-19 10:04:05 +0000 UTC*

    Description​

    Bugfixes

    • Add support for Azure DevOps Webhook for gitRepos using SSH URL by @p-se in rancher/gitjob#453
    • Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 by @thardeck in #2228
    • Convert TestAzureDevopsWebhookWithSSHURL to support Wrangler v1.1.1 by @thardeck in #2228

    What's Changed

    Full Changelog: v0.8.2...v0.8.3

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.8
    • (rancherio-gh-m) released this 2024-03-19 10:04:05 +0000 UTC*

    Description​

    Bugfixes

    • Add support for Azure DevOps Webhook for gitRepos using SSH URL by @p-se in rancher/gitjob#453
    • Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 by @thardeck in #2228
    • Convert TestAzureDevopsWebhookWithSSHURL to support Wrangler v1.1.1 by @thardeck in #2228

    What's Changed

    Full Changelog: v0.8.2...v0.8.3

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/changelogs/changelogs/v0.8.4.html b/0.8/changelogs/changelogs/v0.8.4.html index 85b0f3077..959d2bc25 100644 --- a/0.8/changelogs/changelogs/v0.8.4.html +++ b/0.8/changelogs/changelogs/v0.8.4.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.8
    • (rancherio-gh-m) released this 2024-05-02 12:18:29 +0000 UTC*

    Description​

    What's Changed

    Full Changelog: v0.8.3...v0.8.4

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.8
    • (rancherio-gh-m) released this 2024-05-02 12:18:29 +0000 UTC*

    Description​

    What's Changed

    Full Changelog: v0.8.3...v0.8.4

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/cli/fleet-agent.html b/0.8/cli/fleet-agent.html index f86eaa9be..ace65da08 100644 --- a/0.8/cli/fleet-agent.html +++ b/0.8/cli/fleet-agent.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.8

    fleet-agent​

    fleet-agent [flags]

    Options​

          --agent-scope string        An identifier used to scope the agent bundleID names, typically the same as namespace
          --checkin-interval string   How often to post cluster status
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet-agent
          --kubeconfig string         kubeconfig file
          --namespace string          namespace to watch
          --simulators int            Numbers of simulators to run
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.8

    fleet-agent​

    fleet-agent [flags]

    Options​

          --agent-scope string        An identifier used to scope the agent bundleID names, typically the same as namespace
          --checkin-interval string   How often to post cluster status
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet-agent
          --kubeconfig string         kubeconfig file
          --namespace string          namespace to watch
          --simulators int            Numbers of simulators to run
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/cli/fleet-cli/fleet.html b/0.8/cli/fleet-cli/fleet.html index 1db177b1c..b93530fc7 100644 --- a/0.8/cli/fleet-cli/fleet.html +++ b/0.8/cli/fleet-cli/fleet.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.8

    fleet​

    fleet [flags]

    Options​

          --context string            kubeconfig context for authentication
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    • fleet apply - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager
    • fleet test - Match a bundle to a target and render the output
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.8

    fleet​

    fleet [flags]

    Options​

          --context string            kubeconfig context for authentication
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    • fleet apply - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager
    • fleet test - Match a bundle to a target and render the output
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/cli/fleet-cli/fleet_apply.html b/0.8/cli/fleet-cli/fleet_apply.html index 360adfbda..9721c0396 100644 --- a/0.8/cli/fleet-cli/fleet_apply.html +++ b/0.8/cli/fleet-cli/fleet_apply.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.8

    fleet apply​

    Render a bundle into a Kubernetes resource and apply it in the Fleet Manager

    fleet apply [flags] BUNDLE_NAME PATH...

    Options​

      -b, --bundle-file string           Location of the raw Bundle resource yaml
          --cacerts-file string          Path of custom cacerts for helm repo
          --commit string                Commit to assign to the bundle
      -c, --compress                     Force all resources to be compress
          --debug                        Turn on debug logging
          --debug-level int              If debugging is enabled, set klog -v=X
      -f, --file string                  Location of the fleet.yaml
      -h, --help                         help for apply
      -l, --label strings                Labels to apply to created bundles
      -o, --output string                Output contents to file or - for stdout
          --password-file string         Path of file containing basic auth password for helm repo
          --paused                       Create bundles in a paused state
      -a, --service-account string       Service account to assign to bundle created
          --ssh-privatekey-file string   Path of ssh-private-key for helm repo
          --sync-generation int          Generation number used to force sync the deployment
          --target-namespace string      Ensure this bundle goes to this target namespace
          --targets-file string          Addition source of targets and restrictions to be append
          --username string              Basic auth username for helm repo

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.8

    fleet apply​

    Render a bundle into a Kubernetes resource and apply it in the Fleet Manager

    fleet apply [flags] BUNDLE_NAME PATH...

    Options​

      -b, --bundle-file string           Location of the raw Bundle resource yaml
          --cacerts-file string          Path of custom cacerts for helm repo
          --commit string                Commit to assign to the bundle
      -c, --compress                     Force all resources to be compress
          --debug                        Turn on debug logging
          --debug-level int              If debugging is enabled, set klog -v=X
      -f, --file string                  Location of the fleet.yaml
      -h, --help                         help for apply
      -l, --label strings                Labels to apply to created bundles
      -o, --output string                Output contents to file or - for stdout
          --password-file string         Path of file containing basic auth password for helm repo
          --paused                       Create bundles in a paused state
      -a, --service-account string       Service account to assign to bundle created
          --ssh-privatekey-file string   Path of ssh-private-key for helm repo
          --sync-generation int          Generation number used to force sync the deployment
          --target-namespace string      Ensure this bundle goes to this target namespace
          --targets-file string          Addition source of targets and restrictions to be append
          --username string              Basic auth username for helm repo

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/cli/fleet-cli/fleet_test.html b/0.8/cli/fleet-cli/fleet_test.html index e68514d5f..f2ba7bf51 100644 --- a/0.8/cli/fleet-cli/fleet_test.html +++ b/0.8/cli/fleet-cli/fleet_test.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.8

    fleet test​

    Match a bundle to a target and render the output

    fleet test [flags]

    Options​

      -b, --bundle-file string    Location of the raw Bundle resource yaml
          --debug                 Turn on debug logging
          --debug-level int       If debugging is enabled, set klog -v=X
      -f, --file string           Location of the fleet.yaml
      -g, --group string          Cluster group to match against
      -L, --group-label strings   Cluster group labels to match against
      -h, --help                  help for test
      -l, --label strings         Cluster labels to match against
      -N, --name string           Cluster name to match against
      -q, --quiet                 Just print the match and don't print the resources
      -t, --target string         Explicit target to match

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.8

    fleet test​

    Match a bundle to a target and render the output

    fleet test [flags]

    Options​

      -b, --bundle-file string    Location of the raw Bundle resource yaml
          --debug                 Turn on debug logging
          --debug-level int       If debugging is enabled, set klog -v=X
      -f, --file string           Location of the fleet.yaml
      -g, --group string          Cluster group to match against
      -L, --group-label strings   Cluster group labels to match against
      -h, --help                  help for test
      -l, --label strings         Cluster labels to match against
      -N, --name string           Cluster name to match against
      -q, --quiet                 Just print the match and don't print the resources
      -t, --target string         Explicit target to match

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/cli/fleet-controller/fleet-manager.html b/0.8/cli/fleet-controller/fleet-manager.html index 0a698f20d..490f3f47c 100644 --- a/0.8/cli/fleet-controller/fleet-manager.html +++ b/0.8/cli/fleet-controller/fleet-manager.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.8

    fleet-manager​

    fleet-manager [flags]

    Options​

          --debug               Turn on debug logging
          --debug-level int     If debugging is enabled, set klog -v=X
          --disable-bootstrap   disable agent on local cluster
          --disable-gitops      disable gitops components
      -h, --help                help for fleet-manager
          --kubeconfig string   Kubeconfig file
          --namespace string    namespace to watch (default "cattle-fleet-system")
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.8

    fleet-manager​

    fleet-manager [flags]

    Options​

          --debug               Turn on debug logging
          --debug-level int     If debugging is enabled, set klog -v=X
          --disable-bootstrap   disable agent on local cluster
          --disable-gitops      disable gitops components
      -h, --help                help for fleet-manager
          --kubeconfig string   Kubeconfig file
          --namespace string    namespace to watch (default "cattle-fleet-system")
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/cluster-bundles-state.html b/0.8/cluster-bundles-state.html index 13d9a1376..bcdd95b42 100644 --- a/0.8/cluster-bundles-state.html +++ b/0.8/cluster-bundles-state.html @@ -4,13 +4,13 @@ Cluster and Bundle State | Fleet - +
    -
    Version: 0.8

    Cluster and Bundle State

    Clusters and Bundles have different states in each phase of applying Bundles.

    Bundles​

    Ready: Bundles have been deployed and all resources are ready.

    NotReady: Bundles have been deployed and some resources are not ready.

    WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

    ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

    OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

    Pending: Bundles are being processed by Fleet controller.

    Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

    Clusters​

    WaitCheckIn: Waiting for agent to report registration information and cluster status back.

    NotReady: There are bundles in this cluster that are in NotReady state.

    WaitApplied: There are bundles in this cluster that are in WaitApplied state.

    ErrApplied: There are bundles in this cluster that are in ErrApplied state.

    OutOfSync: There are bundles in this cluster that are in OutOfSync state.

    Pending: There are bundles in this cluster that are in Pending state.

    Modified: There are bundles in this cluster that are in Modified state.

    Ready: Bundles in this cluster have been deployed and all resources are ready.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Skip to main content
    Version: 0.8

    Cluster and Bundle State

    Clusters and Bundles have different states in each phase of applying Bundles.

    Bundles​

    Ready: Bundles have been deployed and all resources are ready.

    NotReady: Bundles have been deployed and some resources are not ready.

    WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

    ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

    OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

    Pending: Bundles are being processed by Fleet controller.

    Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

    Clusters​

    WaitCheckIn: Waiting for agent to report registration information and cluster status back.

    NotReady: There are bundles in this cluster that are in NotReady state.

    WaitApplied: There are bundles in this cluster that are in WaitApplied state.

    ErrApplied: There are bundles in this cluster that are in ErrApplied state.

    OutOfSync: There are bundles in this cluster that are in OutOfSync state.

    Pending: There are bundles in this cluster that are in Pending state.

    Modified: There are bundles in this cluster that are in Modified state.

    Ready: Bundles in this cluster have been deployed and all resources are ready.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/cluster-group.html b/0.8/cluster-group.html index 380bc8731..7ffe7b8a0 100644 --- a/0.8/cluster-group.html +++ b/0.8/cluster-group.html @@ -4,7 +4,7 @@ Create Cluster Groups | Fleet - + @@ -13,8 +13,8 @@ The only parameter for a cluster group is essentially the selector. When you get to a certain scale cluster groups become a more reasonable way to manage your clusters. Cluster groups serve the purpose of giving aggregated -status of the deployments and then also a simpler way to manage targets.

    A cluster group is created by creating a ClusterGroup resource like below

    kind: ClusterGroup
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: production-group
      namespace: clusters
    spec:
      # This is the standard metav1.LabelSelector format to match clusters by labels
      selector:
        matchLabels:
          env: prod
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +status of the deployments and then also a simpler way to manage targets.

    A cluster group is created by creating a ClusterGroup resource like below

    kind: ClusterGroup
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: production-group
      namespace: clusters
    spec:
      # This is the standard metav1.LabelSelector format to match clusters by labels
      selector:
        matchLabels:
          env: prod
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/cluster-registration.html b/0.8/cluster-registration.html index 3f9e20f00..583f5cb00 100644 --- a/0.8/cluster-registration.html +++ b/0.8/cluster-registration.html @@ -4,7 +4,7 @@ Register Downstream Clusters | Fleet - + @@ -75,8 +75,8 @@ above example one can run the following one-liner:

    info

    If you are using Fleet standalone without Rancher, it must be installed as described in installation details.

    The manager-initiated registration is used when you add a cluster from the Rancher dashboard.

    Create Kubeconfig Secret​

    The format of this secret is intended to match the format of the kubeconfig secret used in cluster-api. -This means you can use cluster-api to create a cluster that is dynamically registered with Fleet.

    Kubeconfig Secret Example
    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Create Cluster Resource​

    The cluster resource needs to reference the kubeconfig secret.

    Cluster Resource Example
    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +This means you can use cluster-api to create a cluster that is dynamically registered with Fleet.

    Kubeconfig Secret Example
    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Create Cluster Resource​

    The cluster resource needs to reference the kubeconfig secret.

    Cluster Resource Example
    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/concepts.html b/0.8/concepts.html index 07708c016..70f212115 100644 --- a/0.8/concepts.html +++ b/0.8/concepts.html @@ -4,7 +4,7 @@ Core Concepts | Fleet - + @@ -24,8 +24,8 @@ Regardless of the source the contents are dynamically rendered into a Helm chart and installed into the downstream cluster as a helm release.

    • To see the life cycle of a bundle, click here.

  • BundleDeployment: When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for -the cluster the agent is managing.

    • For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click here.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +the cluster the agent is managing.

    • For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click here.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/gitrepo-add.html b/0.8/gitrepo-add.html index a65f7db88..28c11ed39 100644 --- a/0.8/gitrepo-add.html +++ b/0.8/gitrepo-add.html @@ -4,7 +4,7 @@ Create a GitRepo Resource | Fleet - + @@ -15,8 +15,8 @@ Make sure you don't leak credentials by mixing public and private repositor or split them into different gitrepos, or use helmRepoURLRegex to limit the scope of credentials to certain servers.

    For a private Helm repo, users can reference a secret with the following keys:

    1. username and password for basic http auth if the Helm HTTP repo is behind basic auth.

    2. cacerts for custom CA bundle if the Helm repo is using a custom CA.

    3. ssh-privatekey for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently.

    For example, to add a secret in kubectl, run

    kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem

    After secret is created, specify the secret to gitRepo.spec.helmSecretName. Make sure secret is created under the same namespace with gitrepo.

    Use different helm credentials for each path​

    info

    gitRepo.spec.helmSecretName will be ignored if gitRepo.spec.helmSecretNameForPaths is provided

    Create a file secrets-path.yaml that contains credentials for each path defined in a GitRepo. Credentials will not be used for paths that are not present in this file. The path is the actual path to the bundle (ie to a folder containing a fleet.yaml file) within the git repository, which might have more segments than the entry under paths:.

    Example:

    path-one: # path path-one must exist in the repository
      username: user
      password: pass
    path-two:  # path path-one must exist in the repository
      username: user2
      password: pass2
      caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCiAgICBNSUlEblRDQ0FvV2dBd0lCQWdJVUNwMHB2SVJTb2c0eHJKN2Q1SUI2ME1ka0k1WXdEUVlKS29aSWh2Y05BUUVMCiAgICBCUUF3WGpFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NCiAgICBHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2CiAgICBjbWN3SGhjTk1qTXdOREkzTVRVd056VXpXaGNOTWpnd05ESTFNVFV3TnpVeldqQmVNUXN3Q1FZRFZRUUdFd0pCCiAgICBWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFQ2d3WVNXNTBaWEp1WlhRZ1YybGtaMmwwCiAgICBjeUJRZEhrZ1RIUmtNUmN3RlFZRFZRUUREQTV5WVc1amFHVnlMbTE1TG05eVp6Q0NBU0l3RFFZSktvWklodmNOCiAgICBBUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBvZE5TMDB6NDc1dnVSc2ZZcTFRYTFHQVl3QU92anV4MERKTHY5CiAgICBrZFhwT091dGdjMU8yWUdqNUlCVGQzVmpISmFJYUg3SDR2Rm84RlBaMG9zcU9YaFg3eUM4STdBS3ZhOEE5VmVmCiAgICBJVXp6Vlo1cCs1elNxRjdtZTlOaUNiL0pVSkZLT0ZsTkF4cjZCcXhoMEIyN1VZTlpjaUIvL1V0L0I2eHJuVE55CiAgICBoRzJiNzk4bjg4bFZqY3EzbEE0djFyM3VzWGYxVG5aS2t2UEN4ZnFHYk5OdTlpTjdFZnZHOWoyekdHcWJvcDRYCiAgICBXY3VSa3N3QkgxZlRNS0ZrbGcrR1VsZkZPMGFzL3phalVOdmdweTlpdVBMZUtqZTVWcDBiMlBLd09qUENpV2d4CiAgICBabDJlVDlNRnJjV0F3NTg3emE5NDBlT1Era2pkdmVvUE5sU2k3eVJMMW96YlRka0NBd0VBQWFOVE1GRXdIUVlECiAgICBWUjBPQkJZRUZEQkNkYjE4M1hsU0tWYzBxNmJSTCt0dVNTV3lNQjhHQTFVZEl3UVlNQmFBRkRCQ2RiMTgzWGxTCiAgICBLVmMwcTZiUkwrdHVTU1d5TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCiAgICBBQ1BCVERkZ0dCVDVDRVoxd1pnQmhKdm9GZTk2MUJqVCtMU2RxSlpsSmNRZnlnS0hyNks5ZmZaY1ZlWlBoMVU0CiAgICB3czBuWGNOZiszZGJlTjl4dVBiY0VqUWlQaFJCcnRzalE1T1JiVHdYWEdBdzlYbDZYTkl6YjN4ZDF6RWFzQXZPCiAgICBJMjM2ZHZXQ1A0dWoycWZqR0FkQjJnaXU2b2xHK01CWHlneUZKMElzRENraldLZysyWEdmU3lyci9KZU1vZlFBCiAgICB1VU9wcFVGdERYd0lrUW1VTGNVVUxWcTdtUVNQb0lzVkNNM2hKNVQzczdUSWtHUDZVcGVSSjgzdU9LbURYMkRHCiAgICBwVWVQVHBuVWVLOVMzUEVKTi9XcmJSSVd3WU1OR29qdDRKWitaK1N6VE1aVkh0SlBzaGpjL1hYOWZNU1ZXQmlzCiAgICBQRW5MU256MDQ4OGFUQm5SUFlnVXFsdz0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
      sshPrivateKey: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJRFF6Q0NBaXNDRkgxTm5YUWI5SlV6anNBR3FSc3RCYncwRlFpak1BMEdDU3FHU0liM0RRRUJDd1VBTUY0eAogICAgQ3pBSkJnTlZCQVlUQWtGVk1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNU0V3SHdZRFZRUUtEQmhKYm5SbAogICAgY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdReEZ6QVZCZ05WQkFNTURuSmhibU5vWlhJdWJYa3ViM0puTUI0WAogICAgRFRJek1EUXlOekUxTVRBMU5Gb1hEVEkwTURReU5qRTFNVEExTkZvd1hqRUxNQWtHQTFVRUJoTUNRVlV4RXpBUgogICAgQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNQogICAgSUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2Y21jd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQogICAgQTRJQkR3QXdnZ0VLQW9JQkFRRGd6UUJJTW8xQVFHNnFtYmozbFlYUTFnZjhYcURTbjdyM2lGcVZZZldDVWZOSwogICAgaGZwampTRGpOMmRWWEV2UXA3R0t3akFHUElFbXR5RmxyUW5rUGtnTGFSaU9jSDdNN0p2c3ZIa0Ewd0g0dzJ2QgogICAgUEp6aVlINWh2MUE2WS9NcFM5bVkvQUVxVm80TUJkdnNZQzc3MFpCbzVBMitIUEtMd1YzMVZyYlhhTytWeUJtNAogICAgSmJhZHlNUk40N3BKRWdPMjJaYVRXL3Y3S1dKdjNydGJTMlZVSkNlU0piWlpsN09ocHhLRTVocStmK0RWaU1mcQogICAgTWx4ODNEV2pVSlVkV3lqVUZYVlk0bEdVaUtrRWVtSlVuSlVyY1ErOXE1SzVaWmhyRjhoRXhKRjhiZTZjemVzeAogICAga1VWN3dKb1RjWkd2bUhYSk1FNmtrQXh4Mmh3bU8wSFcyQWdDdTJZekFnTUJBQUV3RFFZSktvWklodmNOQVFFTAogICAgQlFBRGdnRUJBS1BpTWdXc1dCTnJvRkY2aWpYL2xMM3FxaWc4TjlkR1VPWDIyRVJDU1RTekNONjM0ZTFkZUhsdQogICAgbTc5OU11Q3hvWSsyZWluNlV1cFMvTEV6cnpvU2dDVWllQzQrT3ZralF5eGJpTFR6bW1OWEFnd09TM3RvTHRGWAogICAgbytmWWpSMU9xcHVPS29kMkhiYjliczRWcXdaNHEvMlVKbXE2Q01pYjZKZUE2VFJvK2Rkc0pUM2dDOFhWL1Z1MAogICAgNnkwdjJxdTM0bm1MYjFxOHFTS1RwZXYyQmwzQUJGY3NyS0JvNHFieUM2bnBTbnpZenNYcS90SlFLclplNE4vMgogICAgUXIzd1dxQ0pDVWUrMWVsT3A2b0JVcXNWSnc3aHk3YzRLc1Fna09ERDJkc2NuNEF1NGJhWlY2QmpySm1USVY0aQogICAgeXJ1dk9oZ2lINklGUVdDWmVQM2s0MU5obWRzRTNHQT0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K

    Create the secret

    kubectl create secret generic path-auth-secret -n fleet-default --from-file=secrets-path.yaml

    In the previous example credentials for username user will be used for the path path-one and credentials for username -user2 will be used for the path path-two.

    caBundle and sshPrivateKey must be base64 encoded.

    note

    If you are using "rancher-backups" and want this secret to be included the backup, please add the label resources.cattle.io/backup: true to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials.

    Troubleshooting

    See Fleet Troubleshooting section here.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +user2 will be used for the path path-two.

    caBundle and sshPrivateKey must be base64 encoded.

    note

    If you are using "rancher-backups" and want this secret to be included the backup, please add the label resources.cattle.io/backup: true to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials.

    Troubleshooting

    See Fleet Troubleshooting section here.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/gitrepo-content.html b/0.8/gitrepo-content.html index 298ca4f4c..42d18c5c3 100644 --- a/0.8/gitrepo-content.html +++ b/0.8/gitrepo-content.html @@ -4,7 +4,7 @@ Git Repository Contents | Fleet - + @@ -51,8 +51,8 @@ the contents of a file the convention of adding _patch. (notice the will be replaced with . from the file name and that will be used as the target. For example deployment_patch.yaml will target deployment.yaml. The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch. Which strategy is used is based on the file content. Even though JSON strategies are used, the files can be written -using YAML syntax.

    Cluster and Bundle State​

    See Cluster and Bundle state.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +using YAML syntax.

    Cluster and Bundle State​

    See Cluster and Bundle state.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/gitrepo-targets.html b/0.8/gitrepo-targets.html index 9753092ef..d16af785d 100644 --- a/0.8/gitrepo-targets.html +++ b/0.8/gitrepo-targets.html @@ -4,7 +4,7 @@ Mapping to Downstream Clusters | Fleet - + @@ -23,8 +23,8 @@ and add clusters to it.

    this issue for more details.

  • Helm.WaitForJobs

  • Kustomize.Dir

  • YAML.Overlays

  • Diff.ComparePatches

    • Additional Examples​

    Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations -of the three are in the Fleet Examples repo.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +of the three are in the Fleet Examples repo.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/imagescan.html b/0.8/imagescan.html index 0e89410ef..8ec3245e6 100644 --- a/0.8/imagescan.html +++ b/0.8/imagescan.html @@ -4,15 +4,15 @@ Using Image Scan to Update Container Image References | Fleet - +
    Version: 0.8

    Using Image Scan to Update Container Image References

    Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository, without the need to manually update your manifests.

    caution

    This feature is considered as experimental feature.

    Go to fleet.yaml and add the following section.

    imageScans:
    # specify the policy to retrieve images, can be semver or alphabetical order
    - policy:
        # if range is specified, it will take the latest image according to semver order in the range
        # for more details on how to use semver, see https://github.com/Masterminds/semver
        semver:
          range: "*"
        # can use ascending or descending order
        alphabetical:
          order: asc

      # specify images to scan
      image: "your.registry.com/repo/image"

      # Specify the tag name, it has to be unique in the same bundle
      tagName: test-scan

      # specify secret to pull image if in private registry
      secretRef:
        name: dockerhub-secret

      # Specify the scan interval
      interval: 5m
    info

    You can create multiple image scans in fleet.yaml.

    Go to your manifest files and update the field that you want to replace. For example:

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: redis-slave
    spec:
      selector:
        matchLabels:
          app: redis
          role: slave
          tier: backend
      replicas: 2
      template:
        metadata:
          labels:
            app: redis
            role: slave
            tier: backend
        spec:
          containers:
          - name: slave
            image: <image>:<tag> # {"$imagescan": "test-scan"}
            resources:
              requests:
                cpu: 100m
                memory: 100Mi
            ports:
            - containerPort: 6379
    note

    There are multiple form of tagName you can reference. For example

    {"$imagescan": "test-scan"}: Use full image name(foo/bar:tag)

    {"$imagescan": "test-scan:name"}: Only use image name without tag(foo/bar)

    {"$imagescan": "test-scan:tag"}: Only use image tag

    {"$imagescan": "test-scan:digest"}: Use full image name with digest(foo/bar:tag@sha256...)

    Create a GitRepo that includes your fleet.yaml

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: my-repo
      namespace: fleet-local
    spec:
      # change this to be your own repo
      repo: https://github.com/rancher/fleet-examples
      # define how long it will sync all the images and decide to apply change
      imageScanInterval: 5m
      # user must properly provide a secret that have write access to git repository
      clientSecretName: secret
      # specify the commit pattern
      imageScanCommit:
        authorName: foo
        authorEmail: foo@bar.com
        messageTemplate: "update image"

    Try pushing a new image tag, for example, <image>:<new-tag>. Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml. -Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/installation.html b/0.8/installation.html index 03c831d7d..b5943c62b 100644 --- a/0.8/installation.html +++ b/0.8/installation.html @@ -4,7 +4,7 @@ Installation Details | Fleet - + @@ -37,8 +37,8 @@ the ca.pem is not correct. The contents of the $API_SERVER_CA and the CA certificate is in the file ca.pem. If your API server URL is signed by a well-known CA you can omit the apiServerCA parameter below or just create an empty ca.pem file (ie touch ca.pem).

    Setup the environment with your specific values, e.g.:

    API_SERVER_URL="https://example.com:6443"
    API_SERVER_CA="ca.pem"

    Once you have validated the API server URL and API server CA parameters, install the following two Helm charts.

    First add Fleet's Helm repository.
    helm repo add fleet https://rancher.github.io/fleet-helm-charts/

    Second install the Fleet CustomResourcesDefintions.

    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet-crd

    Third install the Fleet controllers.

    helm -n cattle-fleet-system install --create-namespace --wait \
        --set apiServerURL="$API_SERVER_URL" \
        --set-file apiServerCA="$API_SERVER_CA" \
        fleet

    At this point the Fleet manager should be ready. You can now register clusters and git repos with -the Fleet manager.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +the Fleet manager.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/multi-user.html b/0.8/multi-user.html index 453d14470..930533849 100644 --- a/0.8/multi-user.html +++ b/0.8/multi-user.html @@ -4,7 +4,7 @@ Setup Multi User | Fleet - + @@ -17,8 +17,8 @@ deploy cluster wide resources. Even with the available Fleet restrictions, users are only restricted to namespaces, but namespaces don't provide much isolation on their own. E.g. they can still consume as many resources as they like.

    However, the existing Fleet restrictions allow users to share clusters, and -deploy resources without conflicts.

    Example User​

    This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace.

    kubectl create serviceaccount fleetuser
    kubectl create namespace project1
    kubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser

    If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:

    kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser
    kubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser

    This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces.

    Allow Access to Clusters​

    This assumes all GitRepos created by 'fleetuser' have the team: one label. Different labels could be used, to select different cluster namespaces.

    In each of the user's namespaces, as an admin create a BundleNamespaceMapping.

    kind: BundleNamespaceMapping
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: mapping
      namespace: project1

    # Bundles to match by label.
    # The labels are defined in the fleet.yaml # labels field or from the
    # GitRepo metadata.labels field
    bundleSelector:
      matchLabels:
        team: one
        # or target one repo
        #fleet.cattle.io/repo-name: simpleapp

    # Namespaces, containing clusters, to match by label
    namespaceSelector:
      matchLabels:
        kubernetes.io/metadata.name: fleet-default
        # the label is on the namespace
        #workspace: prod

    The target section in the GitRepo resource can be used to deploy only to a subset of the matched clusters.

    Restricting Access to Downstream Clusters​

    Admins can further restrict tenants by creating a GitRepoRestriction in each of their namespaces.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: project1

    allowedTargetNamespaces:
      - project1simpleapp

    This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace.

    An Example GitRepo Resource​

    A GitRepo resource created by a tenant, without admin access could look like this:

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: simpleapp
      namespace: project1
      labels:
        team: one

    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - bundle-diffs

      targetNamespace: project1simpleapp

      # do not match the upstream/local cluster, won't work
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

    This includes the team: one label and and the required targetNamespace.

    Together with the previous BundleNamespaceMapping it would target all clusters with a env: dev label in the 'fleet-default' namespace.

    note

    BundleNamespaceMappings do not work with local clusters, so make sure not to target them.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +deploy resources without conflicts.

    Example User​

    This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace.

    kubectl create serviceaccount fleetuser
    kubectl create namespace project1
    kubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser

    If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:

    kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser
    kubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser

    This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces.

    Allow Access to Clusters​

    This assumes all GitRepos created by 'fleetuser' have the team: one label. Different labels could be used, to select different cluster namespaces.

    In each of the user's namespaces, as an admin create a BundleNamespaceMapping.

    kind: BundleNamespaceMapping
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: mapping
      namespace: project1

    # Bundles to match by label.
    # The labels are defined in the fleet.yaml # labels field or from the
    # GitRepo metadata.labels field
    bundleSelector:
      matchLabels:
        team: one
        # or target one repo
        #fleet.cattle.io/repo-name: simpleapp

    # Namespaces, containing clusters, to match by label
    namespaceSelector:
      matchLabels:
        kubernetes.io/metadata.name: fleet-default
        # the label is on the namespace
        #workspace: prod

    The target section in the GitRepo resource can be used to deploy only to a subset of the matched clusters.

    Restricting Access to Downstream Clusters​

    Admins can further restrict tenants by creating a GitRepoRestriction in each of their namespaces.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: project1

    allowedTargetNamespaces:
      - project1simpleapp

    This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace.

    An Example GitRepo Resource​

    A GitRepo resource created by a tenant, without admin access could look like this:

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: simpleapp
      namespace: project1
      labels:
        team: one

    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - bundle-diffs

      targetNamespace: project1simpleapp

      # do not match the upstream/local cluster, won't work
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

    This includes the team: one label and and the required targetNamespace.

    Together with the previous BundleNamespaceMapping it would target all clusters with a env: dev label in the 'fleet-default' namespace.

    note

    BundleNamespaceMappings do not work with local clusters, so make sure not to target them.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/namespaces.html b/0.8/namespaces.html index 85a63d911..bba3e456f 100644 --- a/0.8/namespaces.html +++ b/0.8/namespaces.html @@ -4,7 +4,7 @@ Namespaces | Fleet - + @@ -39,8 +39,8 @@ in an error state and won't be deployed.

    This can also be used to set If an allowedTargetNamespaces restriction is present, all GitRepos must specify a targetNamespace and the specified namespace must be in the allow list. -This also prevents the creation of cluster wide resources.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +This also prevents the creation of cluster wide resources.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/quickstart.html b/0.8/quickstart.html index de08a2667..87fccf9f7 100644 --- a/0.8/quickstart.html +++ b/0.8/quickstart.html @@ -4,15 +4,15 @@ Quick Start | Fleet - +
    Version: 0.8

    Quick Start

    Who needs documentation, lets just run this thing!

    Install​

    Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and its use is fairly straightforward. To install the Helm 3 CLI follow the official install instructions.

    Fleet in Rancher

    Rancher has separate helm charts for Fleet and uses a different repository.

    brew install helm
    helm repo add fleet https://rancher.github.io/fleet-helm-charts/

    Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)

    helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \
        fleet/fleet-crd
    helm -n cattle-fleet-system install --create-namespace --wait fleet \
        fleet/fleet

    Add a Git Repo to Watch​

    Change spec.repo to your git repo of choice. Kubernetes manifest files that should -be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be ran in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be ran in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/ref-bundle-stages.html b/0.8/ref-bundle-stages.html index 6c396834f..c6d111638 100644 --- a/0.8/ref-bundle-stages.html +++ b/0.8/ref-bundle-stages.html @@ -4,13 +4,13 @@ Bundle Lifecycle | Fleet - +
    -
    Version: 0.8

    Bundle Lifecycle

    A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.

    To demonstrate the life cycle of a Fleet bundle, we will use multi-cluster/helm as a case study.

    1. User will create a GitRepo that points to the multi-cluster/helm repository.
    2. The gitjob-controller will sync changes from the GitRepo and detect changes from the polling or webhook event. With every commit change, the gitjob-controller will create a job that clones the git repository, reads content from the repo such as fleet.yaml and other manifests, and creates the Fleet bundle.

    Note: The job pod with the image name rancher/tekton-utils will be under the same namespace as the GitRepo.

    1. The fleet-controller then syncs changes from the bundle. According to the targets, the fleet-controller will create BundleDeployment resources, which are a combination of a bundle and a target cluster.
    2. The fleet-agent will then pull the BundleDeployment from the Fleet controlplane. The agent deploys bundle manifests as a Helm chart from the BundleDeployment into the downstream clusters.
    3. The fleet-agent will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.

    This diagram shows the different rendering stages a bundle goes through until deployment.

    Bundle Stages

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.8

    Bundle Lifecycle

    A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.

    To demonstrate the life cycle of a Fleet bundle, we will use multi-cluster/helm as a case study.

    1. User will create a GitRepo that points to the multi-cluster/helm repository.
    2. The gitjob-controller will sync changes from the GitRepo and detect changes from the polling or webhook event. With every commit change, the gitjob-controller will create a job that clones the git repository, reads content from the repo such as fleet.yaml and other manifests, and creates the Fleet bundle.

    Note: The job pod with the image name rancher/tekton-utils will be under the same namespace as the GitRepo.

    1. The fleet-controller then syncs changes from the bundle. According to the targets, the fleet-controller will create BundleDeployment resources, which are a combination of a bundle and a target cluster.
    2. The fleet-agent will then pull the BundleDeployment from the Fleet controlplane. The agent deploys bundle manifests as a Helm chart from the BundleDeployment into the downstream clusters.
    3. The fleet-agent will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.

    This diagram shows the different rendering stages a bundle goes through until deployment.

    Bundle Stages

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/ref-bundle.html b/0.8/ref-bundle.html index a90f9f182..5b7e4c868 100644 --- a/0.8/ref-bundle.html +++ b/0.8/ref-bundle.html @@ -4,14 +4,14 @@ Bundle Resource | Fleet - +
    Version: 0.8

    Bundle Resource

    Bundles are automatically created by Fleet when a GitRepo is created.

    The content of the resource corresponds to the BundleSpec. -For more information on how to use the Bundle resource Create a Bundle Resource.

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # Namespace used for resources that do not specify a namespace.
      # This field is not used to enforce or lock down the deployment to a specific namespace.
      # defaultNamespace: test

      # If present will assign all resource to this
      # namespace and if any cluster scoped resource exists the deployment will fail.
      # targetNamespace: app

      # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.
      # kustomize: ...

      # Helm options for the deployment, like the chart name, repo and values.
      # helm: ...

      # ServiceAccount which will be used to perform this deployment.
      # serviceAccount: sa

      # ForceSyncGeneration is used to force a redeployment.
      # forceSyncGeneration: 0

      # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.
      # yaml: ...

      # Diff can be used to ignore the modified state of objects which are amended at runtime.
      # A specific commit or tag can also be watched.
      #
      # diff: ...

      # KeepResources can be used to keep the deployed resources when removing the bundle.
      # keepResources: false

      # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.
      # paused: false

      # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.
      # rolloutStrategy: ...

      # Contain the actual resources from the git repo which will be deployed.
      resources:
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      #
      # targets: ...

      # This field is used by Fleet internally, and it should not be modified manually.
      # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.
      # targetRestrictions: ...

      # Refers to the bundles which must be ready before this bundle can be deployed.
      # dependsOn: ...

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +For more information on how to use the Bundle resource Create a Bundle Resource.

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # Namespace used for resources that do not specify a namespace.
      # This field is not used to enforce or lock down the deployment to a specific namespace.
      # defaultNamespace: test

      # If present will assign all resource to this
      # namespace and if any cluster scoped resource exists the deployment will fail.
      # targetNamespace: app

      # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.
      # kustomize: ...

      # Helm options for the deployment, like the chart name, repo and values.
      # helm: ...

      # ServiceAccount which will be used to perform this deployment.
      # serviceAccount: sa

      # ForceSyncGeneration is used to force a redeployment.
      # forceSyncGeneration: 0

      # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.
      # yaml: ...

      # Diff can be used to ignore the modified state of objects which are amended at runtime.
      # A specific commit or tag can also be watched.
      #
      # diff: ...

      # KeepResources can be used to keep the deployed resources when removing the bundle.
      # keepResources: false

      # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.
      # paused: false

      # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.
      # rolloutStrategy: ...

      # Contain the actual resources from the git repo which will be deployed.
      resources:
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      #
      # targets: ...

      # This field is used by Fleet internally, and it should not be modified manually.
      # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.
      # targetRestrictions: ...

      # Refers to the bundles which must be ready before this bundle can be deployed.
      # dependsOn: ...

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/ref-configuration.html b/0.8/ref-configuration.html index e7eda87af..862dcad10 100644 --- a/0.8/ref-configuration.html +++ b/0.8/ref-configuration.html @@ -4,7 +4,7 @@ Configuration | Fleet - + @@ -12,8 +12,8 @@
    Version: 0.8

    Configuration

    A reference list of, mostly internal, configuration options.

    Helm Charts​

    The Helm charts accept, at least, the options as shown with their default in values.yaml:

    Environment Variables​

    The controllers can be started with these environment variables:

    • CATTLE_DEV_MODE - used to debug wrangler, not usable
    • FLEET_CLUSTER_ENQUEUE_DELAY - tune how often non-ready clusters are checked
    • FLEET_CPU_PPROF_PERIOD - used to turn on performance profiling

    Configuration​

    In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments.

    The config struct is used in both config maps:

    • cattle-fleet-system/fleet-agent
    • cattle-fleet-system/fleet-controller

    Labels​

    Labels used by fleet:

    • fleet.cattle.io/agent=true - NodeSelector label for agent's deployment affinity setting
    • fleet.cattle.io/non-managed-agent - managed agent bundle won't target Clusters with this label
    • fleet.cattle.io/repo-name - used on Bundle to reference the git repo resource
    • fleet.cattle.io/bundle-namespace - used on BundleDeployment to reference the Bundle resource
    • fleet.cattle.io/bundle-name - used on BundleDeployment to reference the Bundle resource
    • fleet.cattle.io/managed=true - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces.
    • fleet.cattle.io/bootstrap-token - unused

    Annotations​

    Annotations used by fleet:

    • fleet.cattle.io/agent-namespace
    • fleet.cattle.io/bundle-id
    • fleet.cattle.io/cluster, fleet.cattle.io/cluster-namespace - used on a cluster namespace to reference the cluster registration namespace and cluster name
    • fleet.cattle.io/cluster-group
    • fleet.cattle.io/cluster-registration-namespace
    • fleet.cattle.io/cluster-registration
    • fleet.cattle.io/commit
    • fleet.cattle.io/managed - appears unused
    • fleet.cattle.io/service-account

    Fleet agent configuration​

    Tolerations, affinity and resources can be customized for the Fleet agent. These fields can be provided when creating a Cluster, see Registering Downstream Cluster for more info on how to create Clusters. Default configuration will be used if these fields are not provided.

    If you change the resources limits, make sure the limits allow the fleet-agent to work normally.

    Keep in mind that if you downgrade Fleet to a previous version than v0.7.0 Fleet will fallback to the built-in defaults. -Agents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +Agents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/ref-crds.html b/0.8/ref-crds.html index 137cebf5e..5994c40e2 100644 --- a/0.8/ref-crds.html +++ b/0.8/ref-crds.html @@ -4,13 +4,13 @@ Custom Resources Spec | Fleet - +
    -
    Version: 0.8

    Custom Resources Spec

    Sub Resources

    CorrectDrift​

    FieldDescriptionSchemeRequired
    enabledEnabled correct drift if true.boolfalse
    forceForce helm rollback with --force option will be used if true. This will try to recreate all resources in the release.boolfalse
    keepFailHistoryKeepFailHistory keeps track of failed rollbacks in the helm history.boolfalse

    Back to Custom Resources

    GitRepo​

    GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specGitRepoSpecfalse
    statusGitRepoStatusfalse

    Back to Custom Resources

    GitRepoDisplay​

    FieldDescriptionSchemeRequired
    readyBundleDeploymentsReadyBundleDeployments is a string in the form \"%d/%d\", that describes the number of ready bundledeployments over the total number of bundledeployments.stringfalse
    stateState is the state of the GitRepo, e.g. \"GitUpdating\" or the maximal BundleState according to StateRank.stringfalse
    messageMessage contains the relevant message from the deployment conditions.stringfalse
    errorError is true if a message is present.boolfalse

    Back to Custom Resources

    GitRepoResource​

    GitRepoResource contains metadata about the resources of a bundle.

    FieldDescriptionSchemeRequired
    apiVersionAPIVersion is the API version of the resource.stringfalse
    kindKind is the k8s kind of the resource.stringfalse
    typeType is the type of the resource, e.g. \"apiextensions.k8s.io.customresourcedefinition\" or \"configmap\".stringfalse
    idID is the name of the resource, e.g. \"namespace1/my-config\" or \"backingimagemanagers.storage.io\".stringfalse
    namespaceNamespace of the resource.stringfalse
    nameName of the resource.stringfalse
    incompleteStateIncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states.boolfalse
    stateState is the state of the resource, e.g. \"Unknown\", \"WaitApplied\", \"ErrApplied\" or \"Ready\".stringfalse
    errorError is true if any Error in the PerClusterState is true.boolfalse
    transitioningTransitioning is true if any Transitioning in the PerClusterState is true.boolfalse
    messageMessage is the first message from the PerClusterStates.stringfalse
    perClusterStatePerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources.[]ResourcePerClusterStatefalse

    Back to Custom Resources

    GitRepoResourceCounts​

    GitRepoResourceCounts contains the number of resources in each state.

    FieldDescriptionSchemeRequired
    readyReady is the number of ready resources.inttrue
    desiredReadyDesiredReady is the number of resources that should be ready.inttrue
    waitAppliedWaitApplied is the number of resources that are waiting to be applied.inttrue
    modifiedModified is the number of resources that have been modified.inttrue
    orphanedOrphaned is the number of orphaned resources.inttrue
    missingMissing is the number of missing resources.inttrue
    unknownUnknown is the number of resources in an unknown state.inttrue
    notReadyNotReady is the number of not ready resources. Resources are not ready if they do not match any other state.inttrue

    Back to Custom Resources

    GitRepoRestriction​

    GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    defaultServiceAccountDefaultServiceAccount overrides the GitRepo's default service account.stringfalse
    allowedServiceAccountsAllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use.[]stringfalse
    allowedRepoPatternsAllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo.[]stringfalse
    defaultClientSecretNameDefaultClientSecretName overrides the GitRepo's default client secret.stringfalse
    allowedClientSecretNamesAllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use.[]stringfalse
    allowedTargetNamespacesAllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set.[]stringfalse

    Back to Custom Resources

    GitRepoSpec​

    FieldDescriptionSchemeRequired
    repoRepo is a URL to a git repo to clone and index.stringfalse
    branchBranch The git branch to follow.stringfalse
    revisionRevision A specific commit or tag to operate on.stringfalse
    targetNamespaceEnsure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand.stringfalse
    clientSecretNameClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\".stringfalse
    helmSecretNameHelmSecretName contains the auth secret for a private Helm repository.stringfalse
    helmSecretNameForPathsHelmSecretNameForPaths contains the auth secret for private Helm repository for each path.stringfalse
    helmRepoURLRegexHelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided.stringfalse
    caBundleCABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate.[]bytefalse
    insecureSkipTLSVerifyInsecureSkipTLSverify will use insecure HTTPS to clone the repo.boolfalse
    pathsPaths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default.[]stringfalse
    pausedPaused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync.boolfalse
    serviceAccountServiceAccount used in the downstream cluster for deployment.stringfalse
    targetsTargets is a list of targets this repo will deploy to.[]GitTargetfalse
    pollingIntervalPollingInterval is how often to check git for new updates.*metav1.Durationfalse
    forceSyncGenerationIncrement this number to force a redeployment of contents from Git.int64false
    imageScanIntervalImageScanInterval is the interval of syncing scanned images and writing back to git repo.*metav1.Durationfalse
    imageScanCommitCommit specifies how to commit to the git repo when a new image is scanned and written back to git repo.CommitSpecfalse
    keepResourcesKeepResources specifies if the resources created must be kept after deleting the GitRepo.boolfalse
    correctDriftCorrectDrift specifies how drift correction should work.CorrectDriftfalse

    Back to Custom Resources

    GitRepoStatus​

    FieldDescriptionSchemeRequired
    observedGenerationObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status.int64true
    commitCommit is the Git commit hash from the last gitjob run.stringfalse
    readyClustersReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo.inttrue
    desiredReadyClustersDesiredReadyClusters\tis the number of clusters that should be ready for bundles of this GitRepo.inttrue
    gitJobStatusGitJobStatus is the status of the last GitJob run, e.g. \"Current\" if there was no error.stringfalse
    summarySummary contains the number of bundle deployments in each state and a list of non-ready resources.BundleSummaryfalse
    displayDisplay contains a human readable summary of the status.GitRepoDisplayfalse
    conditionsConditions is a list of Wrangler conditions that describe the state of the GitRepo.[]genericcondition.GenericConditionfalse
    resourcesResources contains metadata about the resources of each bundle.[]GitRepoResourcefalse
    resourceCountsResourceCounts contains the number of resources in each state over all bundles.GitRepoResourceCountsfalse
    resourceErrorsResourceErrors is a sorted list of errors from the resources.[]stringfalse
    lastSyncedImageScanTimeLastSyncedImageScanTime is the time of the last image scan.metav1.Timefalse

    Back to Custom Resources

    GitTarget​

    GitTarget is a cluster or cluster group to deploy to.

    FieldDescriptionSchemeRequired
    nameName is the name of this target.stringfalse
    clusterNameClusterName is the name of a cluster.stringfalse
    clusterSelectorClusterSelector is a label selector to select clusters.*metav1.LabelSelectorfalse
    clusterGroupClusterGroup is the name of a cluster group in the same namespace as the clusters.stringfalse
    clusterGroupSelectorClusterGroupSelector is a label selector to select cluster groups.*metav1.LabelSelectorfalse

    Back to Custom Resources

    ResourcePerClusterState​

    ResourcePerClusterState is generated for each non-ready resource of the bundles.

    FieldDescriptionSchemeRequired
    stateState is the state of the resource.stringfalse
    errorError is true if the resource is in an error state, copied from the bundle's summary for non-ready resources.boolfalse
    transitioningTransitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources.boolfalse
    messageMessage combines the messages from the bundle's summary. Messages are joined with the delimiter ';'.stringfalse
    patchPatch for modified resources.*GenericMapfalse
    clusterIdClusterID is the id of the cluster.stringfalse

    Back to Custom Resources

    Bundle​

    Bundle contains the resources of an application and its deployment options. It will be deployed as a Helm chart to target clusters.\n\nWhen a GitRepo is scanned it will produce one or more bundles. Bundles are a collection of resources that get deployed to one or more cluster(s). Bundle is the fundamental deployment unit used in Fleet. The contents of a Bundle may be Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless of the source the contents are dynamically rendered into a Helm chart by the agent and installed into the downstream cluster as a Helm release.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleSpectrue
    statusBundleStatustrue

    Back to Custom Resources

    BundleDeployment​

    BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleDeploymentSpecfalse
    statusBundleDeploymentStatusfalse

    Back to Custom Resources

    BundleDeploymentDisplay​

    FieldDescriptionSchemeRequired
    deployedstringfalse
    monitoredstringfalse
    statestringfalse

    Back to Custom Resources

    BundleDeploymentOptions​

    FieldDescriptionSchemeRequired
    defaultNamespaceDefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace.stringfalse
    namespaceTargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail.stringfalse
    kustomizeKustomize options for the deployment, like the dir containing the kustomization.yaml file.*KustomizeOptionsfalse
    helmHelm options for the deployment, like the chart name, repo and values.*HelmOptionsfalse
    serviceAccountServiceAccount which will be used to perform this deployment.stringfalse
    forceSyncGenerationForceSyncGeneration is used to force a redeploymentint64false
    yamlYAML options, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource.*YAMLOptionsfalse
    diffDiff can be used to ignore the modified state of objects which are amended at runtime.*DiffOptionsfalse
    keepResourcesKeepResources can be used to keep the deployed resources when removing the bundleboolfalse
    ignoreIgnoreOptions can be used to ignore fields when monitoring the bundle.IgnoreOptionsfalse
    correctDriftCorrectDrift specifies how drift correction should work.CorrectDriftfalse
    namespaceLabelsNamespaceLabels are labels that will be appended to the namespace created by Fleet.*map[string]stringfalse
    namespaceAnnotationsNamespaceAnnotations are annotations that will be appended to the namespace created by Fleet.*map[string]stringfalse

    Back to Custom Resources

    BundleDeploymentResource​

    BundleDeploymentResource contains the metadata of a deployed resource.

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    createdAtmetav1.Timefalse

    Back to Custom Resources

    BundleDeploymentSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated. If true, BundleDeployments will be marked as out of sync when changes are detected.boolfalse
    stagedOptionsStagedOptions are the deployment options, that are staged for the next deployment.BundleDeploymentOptionsfalse
    stagedDeploymentIDStagedDeploymentID is the ID of the staged deployment.stringfalse
    optionsOptions are the deployment options, that are currently applied.BundleDeploymentOptionsfalse
    deploymentIDDeploymentID is the ID of the currently applied deployment.stringfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse
    correctDriftCorrectDrift specifies how drift correction should work.CorrectDriftfalse

    Back to Custom Resources

    BundleDeploymentStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    appliedDeploymentIDstringfalse
    releasestringfalse
    readyboolfalse
    nonModifiedboolfalse
    nonReadyStatus[]NonReadyStatusfalse
    modifiedStatus[]ModifiedStatusfalse
    displayBundleDeploymentDisplayfalse
    syncGeneration*int64false
    resourcesResources lists the metadata of resources that were deployed according to the helm release history.[]BundleDeploymentResourcefalse

    Back to Custom Resources

    BundleDisplay​

    BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle.

    FieldDescriptionSchemeRequired
    readyClustersReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.stringfalse
    stateState is a summary state for the bundle, calculated over the non-ready resources.stringfalse

    Back to Custom Resources

    BundleNamespaceMapping​

    BundleNamespaceMapping maps bundles to clusters in other namespaces.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    bundleSelector*metav1.LabelSelectorfalse
    namespaceSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleRef​

    FieldDescriptionSchemeRequired
    nameName of the bundle.stringfalse
    selectorSelector matching bundle's labels.*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleResource​

    BundleResource represents the content of a single resource from the bundle, like a YAML manifest.

    FieldDescriptionSchemeRequired
    nameName of the resource, can include the bundle's internal path.stringfalse
    contentThe content of the resource, can be compressed.stringfalse
    encodingEncoding is either empty or \"base64+gz\".stringfalse

    Back to Custom Resources

    BundleSpec​

    FieldDescriptionSchemeRequired
    BundleDeploymentOptionsBundleDeploymentOptionsfalse
    pausedPaused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.boolfalse
    rolloutStrategyRolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.*RolloutStrategyfalse
    resourcesResources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts.[]BundleResourcefalse
    targetsTargets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used.[]BundleTargetfalse
    targetRestrictionsTargetRestrictions is an allow list, which controls if a bundledeployment is created for a target.[]BundleTargetRestrictionfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse

    Back to Custom Resources

    BundleStatus​

    FieldDescriptionSchemeRequired
    conditionsConditions is a list of Wrangler conditions that describe the state of the bundle.[]genericcondition.GenericConditionfalse
    summarySummary contains the number of bundle deployments in each state and a list of non-ready resources.BundleSummaryfalse
    newlyCreatedNewlyCreated is the number of bundle deployments that have been created, not updated.intfalse
    unavailableUnavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec.inttrue
    unavailablePartitionsUnavailablePartitions is the number of unavailable partitions.inttrue
    maxUnavailableMaxUnavailable is the maximum number of unavailable deployments. See rollout configuration.inttrue
    maxUnavailablePartitionsMaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions.inttrue
    maxNewMaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time.intfalse
    partitionsPartitionStatus lists the status of each partition.[]PartitionStatusfalse
    displayDisplay contains the number of ready, desiredready clusters and a summary state for the bundle's resources.BundleDisplayfalse
    resourceKeyResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc..[]ResourceKeyfalse
    observedGenerationObservedGeneration is the current generation of the bundle.int64true

    Back to Custom Resources

    BundleSummary​

    BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status.

    FieldDescriptionSchemeRequired
    notReadyNotReady is the number of bundle deployments that have been deployed where some resources are not ready.intfalse
    waitAppliedWaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.intfalse
    errAppliedErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle.intfalse
    outOfSyncOutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent.intfalse
    modifiedModified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced.intfalse
    readyReady is the number of bundle deployments that have been deployed where all resources are ready.inttrue
    pendingPending is the number of bundle deployments that are being processed by Fleet controller.intfalse
    desiredReadyDesiredReady is the number of bundle deployments that should be ready.inttrue
    nonReadyResourcesNonReadyClusters is a list of states, which is filled for a bundle that is not ready.[]NonReadyResourcefalse

    Back to Custom Resources

    BundleTarget​

    BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct.

    FieldDescriptionSchemeRequired
    BundleDeploymentOptionsBundleDeploymentOptionsfalse
    nameName of target. This value is largely for display and logging. If not specified a default name of the format \"target000\" will be usedstringfalse
    clusterNameClusterName to match a specific cluster by name that will be selectedstringfalse
    clusterSelectorClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated.*metav1.LabelSelectorfalse
    clusterGroupClusterGroup to match a specific cluster group by name.stringfalse
    clusterGroupSelectorClusterGroupSelector is a selector to match cluster groups.*metav1.LabelSelectorfalse
    doNotDeployDoNotDeploy if set to true, will not deploy to this target.boolfalse

    Back to Custom Resources

    BundleTargetRestriction​

    BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml.

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ComparePatch​

    ComparePatch matches a resource and removes fields from the check for modifications.

    FieldDescriptionSchemeRequired
    kindKind is the kind of the resource to match.stringfalse
    apiVersionAPIVersion is the apiVersion of the resource to match.stringfalse
    namespaceNamespace is the namespace of the resource to match.stringfalse
    nameName is the name of the resource to match.stringfalse
    operationsOperations remove a JSON path from the resource.[]Operationfalse
    jsonPointersJSONPointers ignore diffs at a certain JSON path.[]stringfalse

    Back to Custom Resources

    ConfigMapKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    Content​

    Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    contentContent is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them.[]bytefalse

    Back to Custom Resources

    DiffOptions​

    FieldDescriptionSchemeRequired
    comparePatchesComparePatches match a resource and remove fields from the check for modifications.[]ComparePatchfalse

    Back to Custom Resources

    HelmOptions​

    HelmOptions for the deployment. For Helm-based bundles, all options can be used, otherwise some options are ignored. For example ReleaseName works with all bundle types.

    FieldDescriptionSchemeRequired
    chartChart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded.stringfalse
    repoRepo is the name of the HTTPS helm repo to download the chart from.stringfalse
    releaseNameReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path.stringfalse
    versionVersion of the chart to downloadstringfalse
    timeoutSecondsTimeoutSeconds is the time to wait for Helm operations.intfalse
    valuesValues passed to Helm. It is possible to specify the keys and values as go template strings.*GenericMapfalse
    valuesFromValuesFrom loads the values from configmaps and secrets.[]ValuesFromfalse
    forceForce allows to override immutable resources. This could be dangerous.boolfalse
    takeOwnershipTakeOwnership makes Fleet skip the check for its own annotationsboolfalse
    maxHistoryMaxHistory limits the maximum number of revisions saved per release by Helm.intfalse
    valuesFilesValuesFiles is a list of files to load values from.[]stringfalse
    waitForJobsWaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSecondsboolfalse
    atomicAtomic sets the --atomic flag when Helm is performing an upgradeboolfalse
    disablePreProcessDisablePreProcess disables template processing in valuesboolfalse

    Back to Custom Resources

    IgnoreOptions​

    IgnoreOptions defines conditions to be ignored when monitoring the Bundle.

    FieldDescriptionSchemeRequired
    conditionsConditions is a list of conditions to be ignored when monitoring the Bundle.[]map[string]stringfalse

    Back to Custom Resources

    KustomizeOptions​

    KustomizeOptions for a deployment.

    FieldDescriptionSchemeRequired
    dirDir points to a custom folder for kustomize resources. This folder must contain a kustomization.yaml file.stringfalse

    Back to Custom Resources

    LocalObjectReference​

    FieldDescriptionSchemeRequired
    nameName of a resource in the same namespace as the referent.stringtrue

    Back to Custom Resources

    ModifiedStatus​

    ModifiedStatus is used to report the status of a resource that is modified. It indicates if the modification was a create, a delete or a patch.

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    missingboolfalse
    deleteboolfalse
    patchstringfalse

    Back to Custom Resources

    NonReadyResource​

    NonReadyResource contains information about a bundle that is not ready for a given state like \"ErrApplied\". It contains a list of non-ready or modified resources and their states.

    FieldDescriptionSchemeRequired
    nameName is the name of the resource.stringfalse
    bundleStateState is the state of the resource, like e.g. \"NotReady\" or \"ErrApplied\".BundleStatefalse
    messageMessage contains information why the bundle is not ready.stringfalse
    modifiedStatusModifiedStatus lists the state for each modified resource.[]ModifiedStatusfalse
    nonReadyStatusNonReadyStatus lists the state for each non-ready resource.[]NonReadyStatusfalse

    Back to Custom Resources

    NonReadyStatus​

    NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary.

    FieldDescriptionSchemeRequired
    uidtypes.UIDfalse
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    summarysummary.Summaryfalse

    Back to Custom Resources

    Operation​

    Operation of a ComparePatch, usually \"remove\".

    FieldDescriptionSchemeRequired
    opOp is usually \"remove\"stringfalse
    pathPath is the JSON path to remove.stringfalse
    valueValue is usually empty.stringfalse

    Back to Custom Resources

    Partition​

    Partition defines a separate rollout strategy for a set of clusters.

    FieldDescriptionSchemeRequired
    nameA user-friendly name given to the partition used for Display (optional).stringfalse
    maxUnavailableA number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10%*intstr.IntOrStringfalse
    clusterNameClusterName is the name of a cluster to include in this partitionstringfalse
    clusterSelectorSelector matching cluster labels to include in this partition*metav1.LabelSelectorfalse
    clusterGroupA cluster group name to include in this partitionstringfalse
    clusterGroupSelectorSelector matching cluster group labels to include in this partition*metav1.LabelSelectorfalse

    Back to Custom Resources

    PartitionStatus​

    PartitionStatus is the status of a single rollout partition.

    FieldDescriptionSchemeRequired
    nameName is the name of the partition.stringfalse
    countCount is the number of clusters in the partition.intfalse
    maxUnavailableMaxUnavailable is the maximum number of unavailable clusters in the partition.intfalse
    unavailableUnavailable is the number of unavailable clusters in the partition.intfalse
    summarySummary is a summary state for the partition, calculated over its non-ready resources.BundleSummaryfalse

    Back to Custom Resources

    ResourceKey​

    ResourceKey lists resources, which will likely be deployed.

    FieldDescriptionSchemeRequired
    kindKind is the k8s api kind of the resource.stringfalse
    apiVersionAPIVersion is the k8s api version of the resource.stringfalse
    namespaceNamespace is the namespace of the resource.stringfalse
    nameName is the name of the resource.stringfalse

    Back to Custom Resources

    RolloutStrategy​

    RolloverStrategy controls the rollout of the bundle across clusters.

    FieldDescriptionSchemeRequired
    maxUnavailableA number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100%*intstr.IntOrStringfalse
    maxUnavailablePartitionsA number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0*intstr.IntOrStringfalse
    autoPartitionSizeA number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25%*intstr.IntOrStringfalse
    partitionsA list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize.[]Partitionfalse

    Back to Custom Resources

    SecretKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    ValuesFrom​

    Define helm values that can come from configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439

    FieldDescriptionSchemeRequired
    configMapKeyRefThe reference to a config map with release values.*ConfigMapKeySelectorfalse
    secretKeyRefThe reference to a secret with release values.*SecretKeySelectorfalse

    Back to Custom Resources

    YAMLOptions​

    YAMLOptions, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource.

    FieldDescriptionSchemeRequired
    overlaysOverlays is a list of names that maps to folders in \"overlays/\". If you wish to customize the file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.[]stringfalse

    Back to Custom Resources

    AlphabeticalPolicy​

    AlphabeticalPolicy specifies a alphabetical ordering policy.

    FieldDescriptionSchemeRequired
    orderOrder specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.stringfalse

    Back to Custom Resources

    CommitSpec​

    CommitSpec specifies how to commit changes to the git repository

    FieldDescriptionSchemeRequired
    authorNameAuthorName gives the name to provide when making a commitstringtrue
    authorEmailAuthorEmail gives the email to provide when making a commitstringtrue
    messageTemplateMessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made.stringfalse

    Back to Custom Resources

    ImagePolicyChoice​

    ImagePolicyChoice is a union of all the types of policy that can be supplied.

    FieldDescriptionSchemeRequired
    semverSemVer gives a semantic version range to check against the tags available.*SemVerPolicyfalse
    alphabeticalAlphabetical set of rules to use for alphabetical ordering of the tags.*AlphabeticalPolicyfalse

    Back to Custom Resources

    ImageScan​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specImageScanSpecfalse
    statusImageScanStatusfalse

    Back to Custom Resources

    ImageScanSpec​

    API is taken from https://github.com/fluxcd/image-reflector-controller

    FieldDescriptionSchemeRequired
    tagNameTagName is the tag ref that needs to be put in manifest to replace fieldsstringfalse
    gitrepoNameGitRepo reference namestringfalse
    imageImage is the name of the image repositorystringfalse
    intervalInterval is the length of time to wait between scans of the image repository.metav1.Durationfalse
    secretRefSecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with kubectl create secret docker-registry, or the equivalent.*corev1.LocalObjectReferencefalse
    suspendThis flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.boolfalse
    policyPolicy gives the particulars of the policy to be followed in selecting the most recent imageImagePolicyChoicetrue

    Back to Custom Resources

    ImageScanStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    lastScanTimeLastScanTime is the last time image was scannedmetav1.Timefalse
    latestImageLatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.stringfalse
    latestTagLatest tag is the latest tag filtered by the policystringfalse
    latestDigestLatestDigest is the digest of latest tagstringfalse
    observedGenerationint64false
    canonicalImageNameCanonicalName is the name of the image repository with all the implied bits made explicit; e.g., docker.io/library/alpine rather than alpine.stringfalse

    Back to Custom Resources

    SemVerPolicy​

    SemVerPolicy specifies a semantic version policy.

    FieldDescriptionSchemeRequired
    rangeRange gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.stringtrue

    Back to Custom Resources

    AgentStatus​

    FieldDescriptionSchemeRequired
    lastSeenLastSeen is the last time the agent checked in to update the status of the cluster resource.metav1.Timetrue
    namespaceNamespace is the namespace of the agent deployment, e.g. \"cattle-fleet-system\".stringtrue
    nonReadyNodesNonReadyNodes is the number of nodes that are not ready.inttrue
    readyNodesReadyNodes is the number of nodes that are ready.inttrue
    nonReadyNodeNamesNonReadyNode contains the names of non-ready nodes. The list is limited to at most 3 names.[]stringtrue
    readyNodeNamesReadyNodes contains the names of ready nodes. The list is limited to at most 3 names.[]stringtrue

    Back to Custom Resources

    Cluster​

    Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted clusters. Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterSpecfalse
    statusClusterStatusfalse

    Back to Custom Resources

    ClusterDisplay​

    FieldDescriptionSchemeRequired
    readyBundlesReadyBundles is a string in the form \"%d/%d\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.stringfalse
    readyNodesReadyNodes is a string in the form \"%d/%d\", that describes the number of nodes that are ready vs. the number of expected nodes.stringfalse
    sampleNodeSampleNode is the name of one of the nodes that are ready. If no node is ready, it's the name of a node that is not ready.stringfalse
    stateState of the cluster, either one of the bundle states, or \"WaitCheckIn\".stringfalse

    Back to Custom Resources

    ClusterGroup​

    ClusterGroup is a re-usable selector to target a group of clusters.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterGroupSpectrue
    statusClusterGroupStatustrue

    Back to Custom Resources

    ClusterGroupDisplay​

    FieldDescriptionSchemeRequired
    readyClustersReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.stringfalse
    readyBundlesReadyBundles is a string in the form \"%d/%d\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.stringfalse
    stateState is a summary state for the cluster group, showing \"NotReady\" if there are non-ready resources.stringfalse

    Back to Custom Resources

    ClusterGroupSpec​

    FieldDescriptionSchemeRequired
    selectorSelector is a label selector, used to select clusters for this group.*metav1.LabelSelectorfalse

    Back to Custom Resources

    ClusterGroupStatus​

    FieldDescriptionSchemeRequired
    clusterCountClusterCount is the number of clusters in the cluster group.inttrue
    nonReadyClusterCountNonReadyClusterCount is the number of clusters that are not ready.inttrue
    nonReadyClustersNonReadyClusters is a list of cluster names that are not ready.[]stringfalse
    conditionsConditions is a list of conditions and their statuses for the cluster group.[]genericcondition.GenericConditionfalse
    summarySummary is a summary of the bundle deployments and their resources in the cluster group.BundleSummaryfalse
    displayDisplay contains the number of ready, desiredready clusters and a summary state for the bundle's resources.ClusterGroupDisplayfalse
    resourceCountsResourceCounts contains the number of resources in each state over all bundles in the cluster group.GitRepoResourceCountsfalse

    Back to Custom Resources

    ClusterRegistration​

    ClusterRegistration is used internally by Fleet and should not be used directly.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationSpecfalse
    statusClusterRegistrationStatusfalse

    Back to Custom Resources

    ClusterRegistrationSpec​

    FieldDescriptionSchemeRequired
    clientIDClientID is a unique string that will identify the cluster. The agent either uses the configured ID or the kubeSystem.UID.stringfalse
    clientRandomClientRandom is a random string that the agent generates. When fleet-controller grants a registration, it creates a registration secret with this string in the name.stringfalse
    clusterLabelsClusterLabels are copied to the cluster resource during the registration.map[string]stringfalse

    Back to Custom Resources

    ClusterRegistrationStatus​

    FieldDescriptionSchemeRequired
    clusterNameClusterName is only set after the registration is being processed by fleet-controller.stringfalse
    grantedGranted is set to true, if the request service account is present and its token secret exists. This happens directly before creating the registration secret, roles and rolebindings.boolfalse

    Back to Custom Resources

    ClusterRegistrationToken​

    ClusterRegistrationToken is used by agents to register a new cluster.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationTokenSpecfalse
    statusClusterRegistrationTokenStatusfalse

    Back to Custom Resources

    ClusterRegistrationTokenSpec​

    FieldDescriptionSchemeRequired
    ttlTTL is the time to live for the token. It is used to calculate the expiration time. If the token expires, it will be deleted.*metav1.Durationfalse

    Back to Custom Resources

    ClusterRegistrationTokenStatus​

    FieldDescriptionSchemeRequired
    expiresExpires is the time when the token expires.*metav1.Timefalse
    secretNameSecretName is the name of the secret containing the token.stringfalse

    Back to Custom Resources

    ClusterSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated.boolfalse
    clientIDClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster.stringfalse
    kubeConfigSecretKubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster.stringfalse
    redeployAgentGenerationRedeployAgentGeneration can be used to force redeploying the agent.int64false
    agentEnvVarsAgentEnvVars are extra environment variables to be added to the agent deployment.[]v1.EnvVarfalse
    agentNamespaceAgentNamespace defaults to the system namespace, e.g. cattle-fleet-system.stringfalse
    privateRepoURLPrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config.stringfalse
    templateValuesTemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating.*GenericMapfalse
    agentTolerationsAgentTolerations defines an extra set of Tolerations to be added to the Agent deployment.[]v1.Tolerationfalse
    agentAffinityAgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used.*v1.Affinityfalse
    agentResourcesAgentResources sets the resources for the cluster's agent deployment.*v1.ResourceRequirementsfalse

    Back to Custom Resources

    ClusterStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    namespaceNamespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\"stringfalse
    summarySummary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource.BundleSummaryfalse
    resourceCountsResourceCounts is an aggregate over the GitRepoResourceCounts.GitRepoResourceCountsfalse
    readyGitReposReadyGitRepos is the number of gitrepos for this cluster that are ready.inttrue
    desiredReadyGitReposDesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready.inttrue
    agentEnvVarsHashAgentEnvVarsHash is a hash of the agent's env vars, used to detect changes.stringfalse
    agentPrivateRepoURLAgentPrivateRepoURL is the private repo URL for the agent that is currently used.stringfalse
    agentDeployedGenerationAgentDeployedGeneration is the generation of the agent that is currently deployed.*int64false
    agentMigratedAgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status.boolfalse
    agentNamespaceMigratedAgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status.boolfalse
    cattleNamespaceMigratedCattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status.boolfalse
    agentAffinityHashAgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes.stringfalse
    agentResourcesHashAgentResourcesHash is a hash of the agent's resources configuration, used to detect changes.stringfalse
    agentTolerationsHashAgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes.stringfalse
    agentConfigChangedAgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster.boolfalse
    apiServerURLAPIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream.stringfalse
    apiServerCAHashAPIServerCAHash is a hash of the upstream API server CA, used to detect changes.stringfalse
    displayDisplay contains the number of ready bundles, nodes and a summary state.ClusterDisplayfalse
    agentAgentStatus contains information about the agent.AgentStatusfalse

    Back to Custom Resources

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.8

    Custom Resources Spec

    Sub Resources

    CorrectDrift​

    FieldDescriptionSchemeRequired
    enabledEnabled correct drift if true.boolfalse
    forceForce helm rollback with --force option will be used if true. This will try to recreate all resources in the release.boolfalse
    keepFailHistoryKeepFailHistory keeps track of failed rollbacks in the helm history.boolfalse

    Back to Custom Resources

    GitRepo​

    GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specGitRepoSpecfalse
    statusGitRepoStatusfalse

    Back to Custom Resources

    GitRepoDisplay​

    FieldDescriptionSchemeRequired
    readyBundleDeploymentsReadyBundleDeployments is a string in the form \"%d/%d\", that describes the number of ready bundledeployments over the total number of bundledeployments.stringfalse
    stateState is the state of the GitRepo, e.g. \"GitUpdating\" or the maximal BundleState according to StateRank.stringfalse
    messageMessage contains the relevant message from the deployment conditions.stringfalse
    errorError is true if a message is present.boolfalse

    Back to Custom Resources

    GitRepoResource​

    GitRepoResource contains metadata about the resources of a bundle.

    FieldDescriptionSchemeRequired
    apiVersionAPIVersion is the API version of the resource.stringfalse
    kindKind is the k8s kind of the resource.stringfalse
    typeType is the type of the resource, e.g. \"apiextensions.k8s.io.customresourcedefinition\" or \"configmap\".stringfalse
    idID is the name of the resource, e.g. \"namespace1/my-config\" or \"backingimagemanagers.storage.io\".stringfalse
    namespaceNamespace of the resource.stringfalse
    nameName of the resource.stringfalse
    incompleteStateIncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states.boolfalse
    stateState is the state of the resource, e.g. \"Unknown\", \"WaitApplied\", \"ErrApplied\" or \"Ready\".stringfalse
    errorError is true if any Error in the PerClusterState is true.boolfalse
    transitioningTransitioning is true if any Transitioning in the PerClusterState is true.boolfalse
    messageMessage is the first message from the PerClusterStates.stringfalse
    perClusterStatePerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources.[]ResourcePerClusterStatefalse

    Back to Custom Resources

    GitRepoResourceCounts​

    GitRepoResourceCounts contains the number of resources in each state.

    FieldDescriptionSchemeRequired
    readyReady is the number of ready resources.inttrue
    desiredReadyDesiredReady is the number of resources that should be ready.inttrue
    waitAppliedWaitApplied is the number of resources that are waiting to be applied.inttrue
    modifiedModified is the number of resources that have been modified.inttrue
    orphanedOrphaned is the number of orphaned resources.inttrue
    missingMissing is the number of missing resources.inttrue
    unknownUnknown is the number of resources in an unknown state.inttrue
    notReadyNotReady is the number of not ready resources. Resources are not ready if they do not match any other state.inttrue

    Back to Custom Resources

    GitRepoRestriction​

    GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    defaultServiceAccountDefaultServiceAccount overrides the GitRepo's default service account.stringfalse
    allowedServiceAccountsAllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use.[]stringfalse
    allowedRepoPatternsAllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo.[]stringfalse
    defaultClientSecretNameDefaultClientSecretName overrides the GitRepo's default client secret.stringfalse
    allowedClientSecretNamesAllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use.[]stringfalse
    allowedTargetNamespacesAllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set.[]stringfalse

    Back to Custom Resources

    GitRepoSpec​

    FieldDescriptionSchemeRequired
    repoRepo is a URL to a git repo to clone and index.stringfalse
    branchBranch The git branch to follow.stringfalse
    revisionRevision A specific commit or tag to operate on.stringfalse
    targetNamespaceEnsure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand.stringfalse
    clientSecretNameClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\".stringfalse
    helmSecretNameHelmSecretName contains the auth secret for a private Helm repository.stringfalse
    helmSecretNameForPathsHelmSecretNameForPaths contains the auth secret for private Helm repository for each path.stringfalse
    helmRepoURLRegexHelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided.stringfalse
    caBundleCABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate.[]bytefalse
    insecureSkipTLSVerifyInsecureSkipTLSverify will use insecure HTTPS to clone the repo.boolfalse
    pathsPaths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default.[]stringfalse
    pausedPaused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync.boolfalse
    serviceAccountServiceAccount used in the downstream cluster for deployment.stringfalse
    targetsTargets is a list of targets this repo will deploy to.[]GitTargetfalse
    pollingIntervalPollingInterval is how often to check git for new updates.*metav1.Durationfalse
    forceSyncGenerationIncrement this number to force a redeployment of contents from Git.int64false
    imageScanIntervalImageScanInterval is the interval of syncing scanned images and writing back to git repo.*metav1.Durationfalse
    imageScanCommitCommit specifies how to commit to the git repo when a new image is scanned and written back to git repo.CommitSpecfalse
    keepResourcesKeepResources specifies if the resources created must be kept after deleting the GitRepo.boolfalse
    correctDriftCorrectDrift specifies how drift correction should work.CorrectDriftfalse

    Back to Custom Resources

    GitRepoStatus​

    FieldDescriptionSchemeRequired
    observedGenerationObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status.int64true
    commitCommit is the Git commit hash from the last gitjob run.stringfalse
    readyClustersReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo.inttrue
    desiredReadyClustersDesiredReadyClusters\tis the number of clusters that should be ready for bundles of this GitRepo.inttrue
    gitJobStatusGitJobStatus is the status of the last GitJob run, e.g. \"Current\" if there was no error.stringfalse
    summarySummary contains the number of bundle deployments in each state and a list of non-ready resources.BundleSummaryfalse
    displayDisplay contains a human readable summary of the status.GitRepoDisplayfalse
    conditionsConditions is a list of Wrangler conditions that describe the state of the GitRepo.[]genericcondition.GenericConditionfalse
    resourcesResources contains metadata about the resources of each bundle.[]GitRepoResourcefalse
    resourceCountsResourceCounts contains the number of resources in each state over all bundles.GitRepoResourceCountsfalse
    resourceErrorsResourceErrors is a sorted list of errors from the resources.[]stringfalse
    lastSyncedImageScanTimeLastSyncedImageScanTime is the time of the last image scan.metav1.Timefalse

    Back to Custom Resources

    GitTarget​

    GitTarget is a cluster or cluster group to deploy to.

    FieldDescriptionSchemeRequired
    nameName is the name of this target.stringfalse
    clusterNameClusterName is the name of a cluster.stringfalse
    clusterSelectorClusterSelector is a label selector to select clusters.*metav1.LabelSelectorfalse
    clusterGroupClusterGroup is the name of a cluster group in the same namespace as the clusters.stringfalse
    clusterGroupSelectorClusterGroupSelector is a label selector to select cluster groups.*metav1.LabelSelectorfalse

    Back to Custom Resources

    ResourcePerClusterState​

    ResourcePerClusterState is generated for each non-ready resource of the bundles.

    FieldDescriptionSchemeRequired
    stateState is the state of the resource.stringfalse
    errorError is true if the resource is in an error state, copied from the bundle's summary for non-ready resources.boolfalse
    transitioningTransitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources.boolfalse
    messageMessage combines the messages from the bundle's summary. Messages are joined with the delimiter ';'.stringfalse
    patchPatch for modified resources.*GenericMapfalse
    clusterIdClusterID is the id of the cluster.stringfalse

    Back to Custom Resources

    Bundle​

    Bundle contains the resources of an application and its deployment options. It will be deployed as a Helm chart to target clusters.\n\nWhen a GitRepo is scanned it will produce one or more bundles. Bundles are a collection of resources that get deployed to one or more cluster(s). Bundle is the fundamental deployment unit used in Fleet. The contents of a Bundle may be Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless of the source the contents are dynamically rendered into a Helm chart by the agent and installed into the downstream cluster as a Helm release.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleSpectrue
    statusBundleStatustrue

    Back to Custom Resources

    BundleDeployment​

    BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleDeploymentSpecfalse
    statusBundleDeploymentStatusfalse

    Back to Custom Resources

    BundleDeploymentDisplay​

    FieldDescriptionSchemeRequired
    deployedstringfalse
    monitoredstringfalse
    statestringfalse

    Back to Custom Resources

    BundleDeploymentOptions​

    FieldDescriptionSchemeRequired
    defaultNamespaceDefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace.stringfalse
    namespaceTargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail.stringfalse
    kustomizeKustomize options for the deployment, like the dir containing the kustomization.yaml file.*KustomizeOptionsfalse
    helmHelm options for the deployment, like the chart name, repo and values.*HelmOptionsfalse
    serviceAccountServiceAccount which will be used to perform this deployment.stringfalse
    forceSyncGenerationForceSyncGeneration is used to force a redeploymentint64false
    yamlYAML options, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource.*YAMLOptionsfalse
    diffDiff can be used to ignore the modified state of objects which are amended at runtime.*DiffOptionsfalse
    keepResourcesKeepResources can be used to keep the deployed resources when removing the bundleboolfalse
    ignoreIgnoreOptions can be used to ignore fields when monitoring the bundle.IgnoreOptionsfalse
    correctDriftCorrectDrift specifies how drift correction should work.CorrectDriftfalse
    namespaceLabelsNamespaceLabels are labels that will be appended to the namespace created by Fleet.*map[string]stringfalse
    namespaceAnnotationsNamespaceAnnotations are annotations that will be appended to the namespace created by Fleet.*map[string]stringfalse

    Back to Custom Resources

    BundleDeploymentResource​

    BundleDeploymentResource contains the metadata of a deployed resource.

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    createdAtmetav1.Timefalse

    Back to Custom Resources

    BundleDeploymentSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated. If true, BundleDeployments will be marked as out of sync when changes are detected.boolfalse
    stagedOptionsStagedOptions are the deployment options, that are staged for the next deployment.BundleDeploymentOptionsfalse
    stagedDeploymentIDStagedDeploymentID is the ID of the staged deployment.stringfalse
    optionsOptions are the deployment options, that are currently applied.BundleDeploymentOptionsfalse
    deploymentIDDeploymentID is the ID of the currently applied deployment.stringfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse
    correctDriftCorrectDrift specifies how drift correction should work.CorrectDriftfalse

    Back to Custom Resources

    BundleDeploymentStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    appliedDeploymentIDstringfalse
    releasestringfalse
    readyboolfalse
    nonModifiedboolfalse
    nonReadyStatus[]NonReadyStatusfalse
    modifiedStatus[]ModifiedStatusfalse
    displayBundleDeploymentDisplayfalse
    syncGeneration*int64false
    resourcesResources lists the metadata of resources that were deployed according to the helm release history.[]BundleDeploymentResourcefalse

    Back to Custom Resources

    BundleDisplay​

    BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle.

    FieldDescriptionSchemeRequired
    readyClustersReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.stringfalse
    stateState is a summary state for the bundle, calculated over the non-ready resources.stringfalse

    Back to Custom Resources

    BundleNamespaceMapping​

    BundleNamespaceMapping maps bundles to clusters in other namespaces.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    bundleSelector*metav1.LabelSelectorfalse
    namespaceSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleRef​

    FieldDescriptionSchemeRequired
    nameName of the bundle.stringfalse
    selectorSelector matching bundle's labels.*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleResource​

    BundleResource represents the content of a single resource from the bundle, like a YAML manifest.

    FieldDescriptionSchemeRequired
    nameName of the resource, can include the bundle's internal path.stringfalse
    contentThe content of the resource, can be compressed.stringfalse
    encodingEncoding is either empty or \"base64+gz\".stringfalse

    Back to Custom Resources

    BundleSpec​

    FieldDescriptionSchemeRequired
    BundleDeploymentOptionsBundleDeploymentOptionsfalse
    pausedPaused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.boolfalse
    rolloutStrategyRolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.*RolloutStrategyfalse
    resourcesResources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts.[]BundleResourcefalse
    targetsTargets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used.[]BundleTargetfalse
    targetRestrictionsTargetRestrictions is an allow list, which controls if a bundledeployment is created for a target.[]BundleTargetRestrictionfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse

    Back to Custom Resources

    BundleStatus​

    FieldDescriptionSchemeRequired
    conditionsConditions is a list of Wrangler conditions that describe the state of the bundle.[]genericcondition.GenericConditionfalse
    summarySummary contains the number of bundle deployments in each state and a list of non-ready resources.BundleSummaryfalse
    newlyCreatedNewlyCreated is the number of bundle deployments that have been created, not updated.intfalse
    unavailableUnavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec.inttrue
    unavailablePartitionsUnavailablePartitions is the number of unavailable partitions.inttrue
    maxUnavailableMaxUnavailable is the maximum number of unavailable deployments. See rollout configuration.inttrue
    maxUnavailablePartitionsMaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions.inttrue
    maxNewMaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time.intfalse
    partitionsPartitionStatus lists the status of each partition.[]PartitionStatusfalse
    displayDisplay contains the number of ready, desiredready clusters and a summary state for the bundle's resources.BundleDisplayfalse
    resourceKeyResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc..[]ResourceKeyfalse
    observedGenerationObservedGeneration is the current generation of the bundle.int64true

    Back to Custom Resources

    BundleSummary​

    BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status.

    FieldDescriptionSchemeRequired
    notReadyNotReady is the number of bundle deployments that have been deployed where some resources are not ready.intfalse
    waitAppliedWaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.intfalse
    errAppliedErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle.intfalse
    outOfSyncOutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent.intfalse
    modifiedModified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced.intfalse
    readyReady is the number of bundle deployments that have been deployed where all resources are ready.inttrue
    pendingPending is the number of bundle deployments that are being processed by Fleet controller.intfalse
    desiredReadyDesiredReady is the number of bundle deployments that should be ready.inttrue
    nonReadyResourcesNonReadyClusters is a list of states, which is filled for a bundle that is not ready.[]NonReadyResourcefalse

    Back to Custom Resources

    BundleTarget​

    BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct.

    FieldDescriptionSchemeRequired
    BundleDeploymentOptionsBundleDeploymentOptionsfalse
    nameName of target. This value is largely for display and logging. If not specified a default name of the format \"target000\" will be usedstringfalse
    clusterNameClusterName to match a specific cluster by name that will be selectedstringfalse
    clusterSelectorClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated.*metav1.LabelSelectorfalse
    clusterGroupClusterGroup to match a specific cluster group by name.stringfalse
    clusterGroupSelectorClusterGroupSelector is a selector to match cluster groups.*metav1.LabelSelectorfalse
    doNotDeployDoNotDeploy if set to true, will not deploy to this target.boolfalse

    Back to Custom Resources

    BundleTargetRestriction​

    BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml.

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    ComparePatch​

    ComparePatch matches a resource and removes fields from the check for modifications.

    FieldDescriptionSchemeRequired
    kindKind is the kind of the resource to match.stringfalse
    apiVersionAPIVersion is the apiVersion of the resource to match.stringfalse
    namespaceNamespace is the namespace of the resource to match.stringfalse
    nameName is the name of the resource to match.stringfalse
    operationsOperations remove a JSON path from the resource.[]Operationfalse
    jsonPointersJSONPointers ignore diffs at a certain JSON path.[]stringfalse

    Back to Custom Resources

    ConfigMapKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    Content​

    Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    contentContent is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them.[]bytefalse

    Back to Custom Resources

    DiffOptions​

    FieldDescriptionSchemeRequired
    comparePatchesComparePatches match a resource and remove fields from the check for modifications.[]ComparePatchfalse

    Back to Custom Resources

    HelmOptions​

    HelmOptions for the deployment. For Helm-based bundles, all options can be used, otherwise some options are ignored. For example ReleaseName works with all bundle types.

    FieldDescriptionSchemeRequired
    chartChart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded.stringfalse
    repoRepo is the name of the HTTPS helm repo to download the chart from.stringfalse
    releaseNameReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path.stringfalse
    versionVersion of the chart to downloadstringfalse
    timeoutSecondsTimeoutSeconds is the time to wait for Helm operations.intfalse
    valuesValues passed to Helm. It is possible to specify the keys and values as go template strings.*GenericMapfalse
    valuesFromValuesFrom loads the values from configmaps and secrets.[]ValuesFromfalse
    forceForce allows to override immutable resources. This could be dangerous.boolfalse
    takeOwnershipTakeOwnership makes Fleet skip the check for its own annotationsboolfalse
    maxHistoryMaxHistory limits the maximum number of revisions saved per release by Helm.intfalse
    valuesFilesValuesFiles is a list of files to load values from.[]stringfalse
    waitForJobsWaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSecondsboolfalse
    atomicAtomic sets the --atomic flag when Helm is performing an upgradeboolfalse
    disablePreProcessDisablePreProcess disables template processing in valuesboolfalse

    Back to Custom Resources

    IgnoreOptions​

    IgnoreOptions defines conditions to be ignored when monitoring the Bundle.

    FieldDescriptionSchemeRequired
    conditionsConditions is a list of conditions to be ignored when monitoring the Bundle.[]map[string]stringfalse

    Back to Custom Resources

    KustomizeOptions​

    KustomizeOptions for a deployment.

    FieldDescriptionSchemeRequired
    dirDir points to a custom folder for kustomize resources. This folder must contain a kustomization.yaml file.stringfalse

    Back to Custom Resources

    LocalObjectReference​

    FieldDescriptionSchemeRequired
    nameName of a resource in the same namespace as the referent.stringtrue

    Back to Custom Resources

    ModifiedStatus​

    ModifiedStatus is used to report the status of a resource that is modified. It indicates if the modification was a create, a delete or a patch.

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    missingboolfalse
    deleteboolfalse
    patchstringfalse

    Back to Custom Resources

    NonReadyResource​

    NonReadyResource contains information about a bundle that is not ready for a given state like \"ErrApplied\". It contains a list of non-ready or modified resources and their states.

    FieldDescriptionSchemeRequired
    nameName is the name of the resource.stringfalse
    bundleStateState is the state of the resource, like e.g. \"NotReady\" or \"ErrApplied\".BundleStatefalse
    messageMessage contains information why the bundle is not ready.stringfalse
    modifiedStatusModifiedStatus lists the state for each modified resource.[]ModifiedStatusfalse
    nonReadyStatusNonReadyStatus lists the state for each non-ready resource.[]NonReadyStatusfalse

    Back to Custom Resources

    NonReadyStatus​

    NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary.

    FieldDescriptionSchemeRequired
    uidtypes.UIDfalse
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    summarysummary.Summaryfalse

    Back to Custom Resources

    Operation​

    Operation of a ComparePatch, usually \"remove\".

    FieldDescriptionSchemeRequired
    opOp is usually \"remove\"stringfalse
    pathPath is the JSON path to remove.stringfalse
    valueValue is usually empty.stringfalse

    Back to Custom Resources

    Partition​

    Partition defines a separate rollout strategy for a set of clusters.

    FieldDescriptionSchemeRequired
    nameA user-friendly name given to the partition used for Display (optional).stringfalse
    maxUnavailableA number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10%*intstr.IntOrStringfalse
    clusterNameClusterName is the name of a cluster to include in this partitionstringfalse
    clusterSelectorSelector matching cluster labels to include in this partition*metav1.LabelSelectorfalse
    clusterGroupA cluster group name to include in this partitionstringfalse
    clusterGroupSelectorSelector matching cluster group labels to include in this partition*metav1.LabelSelectorfalse

    Back to Custom Resources

    PartitionStatus​

    PartitionStatus is the status of a single rollout partition.

    FieldDescriptionSchemeRequired
    nameName is the name of the partition.stringfalse
    countCount is the number of clusters in the partition.intfalse
    maxUnavailableMaxUnavailable is the maximum number of unavailable clusters in the partition.intfalse
    unavailableUnavailable is the number of unavailable clusters in the partition.intfalse
    summarySummary is a summary state for the partition, calculated over its non-ready resources.BundleSummaryfalse

    Back to Custom Resources

    ResourceKey​

    ResourceKey lists resources, which will likely be deployed.

    FieldDescriptionSchemeRequired
    kindKind is the k8s api kind of the resource.stringfalse
    apiVersionAPIVersion is the k8s api version of the resource.stringfalse
    namespaceNamespace is the namespace of the resource.stringfalse
    nameName is the name of the resource.stringfalse

    Back to Custom Resources

    RolloutStrategy​

    RolloverStrategy controls the rollout of the bundle across clusters.

    FieldDescriptionSchemeRequired
    maxUnavailableA number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100%*intstr.IntOrStringfalse
    maxUnavailablePartitionsA number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0*intstr.IntOrStringfalse
    autoPartitionSizeA number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25%*intstr.IntOrStringfalse
    partitionsA list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize.[]Partitionfalse

    Back to Custom Resources

    SecretKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    ValuesFrom​

    Define helm values that can come from configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439

    FieldDescriptionSchemeRequired
    configMapKeyRefThe reference to a config map with release values.*ConfigMapKeySelectorfalse
    secretKeyRefThe reference to a secret with release values.*SecretKeySelectorfalse

    Back to Custom Resources

    YAMLOptions​

    YAMLOptions, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource.

    FieldDescriptionSchemeRequired
    overlaysOverlays is a list of names that maps to folders in \"overlays/\". If you wish to customize the file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.[]stringfalse

    Back to Custom Resources

    AlphabeticalPolicy​

    AlphabeticalPolicy specifies a alphabetical ordering policy.

    FieldDescriptionSchemeRequired
    orderOrder specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.stringfalse

    Back to Custom Resources

    CommitSpec​

    CommitSpec specifies how to commit changes to the git repository

    FieldDescriptionSchemeRequired
    authorNameAuthorName gives the name to provide when making a commitstringtrue
    authorEmailAuthorEmail gives the email to provide when making a commitstringtrue
    messageTemplateMessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made.stringfalse

    Back to Custom Resources

    ImagePolicyChoice​

    ImagePolicyChoice is a union of all the types of policy that can be supplied.

    FieldDescriptionSchemeRequired
    semverSemVer gives a semantic version range to check against the tags available.*SemVerPolicyfalse
    alphabeticalAlphabetical set of rules to use for alphabetical ordering of the tags.*AlphabeticalPolicyfalse

    Back to Custom Resources

    ImageScan​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specImageScanSpecfalse
    statusImageScanStatusfalse

    Back to Custom Resources

    ImageScanSpec​

    API is taken from https://github.com/fluxcd/image-reflector-controller

    FieldDescriptionSchemeRequired
    tagNameTagName is the tag ref that needs to be put in manifest to replace fieldsstringfalse
    gitrepoNameGitRepo reference namestringfalse
    imageImage is the name of the image repositorystringfalse
    intervalInterval is the length of time to wait between scans of the image repository.metav1.Durationfalse
    secretRefSecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with kubectl create secret docker-registry, or the equivalent.*corev1.LocalObjectReferencefalse
    suspendThis flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.boolfalse
    policyPolicy gives the particulars of the policy to be followed in selecting the most recent imageImagePolicyChoicetrue

    Back to Custom Resources

    ImageScanStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    lastScanTimeLastScanTime is the last time image was scannedmetav1.Timefalse
    latestImageLatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.stringfalse
    latestTagLatest tag is the latest tag filtered by the policystringfalse
    latestDigestLatestDigest is the digest of latest tagstringfalse
    observedGenerationint64false
    canonicalImageNameCanonicalName is the name of the image repository with all the implied bits made explicit; e.g., docker.io/library/alpine rather than alpine.stringfalse

    Back to Custom Resources

    SemVerPolicy​

    SemVerPolicy specifies a semantic version policy.

    FieldDescriptionSchemeRequired
    rangeRange gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.stringtrue

    Back to Custom Resources

    AgentStatus​

    FieldDescriptionSchemeRequired
    lastSeenLastSeen is the last time the agent checked in to update the status of the cluster resource.metav1.Timetrue
    namespaceNamespace is the namespace of the agent deployment, e.g. \"cattle-fleet-system\".stringtrue
    nonReadyNodesNonReadyNodes is the number of nodes that are not ready.inttrue
    readyNodesReadyNodes is the number of nodes that are ready.inttrue
    nonReadyNodeNamesNonReadyNode contains the names of non-ready nodes. The list is limited to at most 3 names.[]stringtrue
    readyNodeNamesReadyNodes contains the names of ready nodes. The list is limited to at most 3 names.[]stringtrue

    Back to Custom Resources

    Cluster​

    Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted clusters. Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterSpecfalse
    statusClusterStatusfalse

    Back to Custom Resources

    ClusterDisplay​

    FieldDescriptionSchemeRequired
    readyBundlesReadyBundles is a string in the form \"%d/%d\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.stringfalse
    readyNodesReadyNodes is a string in the form \"%d/%d\", that describes the number of nodes that are ready vs. the number of expected nodes.stringfalse
    sampleNodeSampleNode is the name of one of the nodes that are ready. If no node is ready, it's the name of a node that is not ready.stringfalse
    stateState of the cluster, either one of the bundle states, or \"WaitCheckIn\".stringfalse

    Back to Custom Resources

    ClusterGroup​

    ClusterGroup is a re-usable selector to target a group of clusters.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterGroupSpectrue
    statusClusterGroupStatustrue

    Back to Custom Resources

    ClusterGroupDisplay​

    FieldDescriptionSchemeRequired
    readyClustersReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.stringfalse
    readyBundlesReadyBundles is a string in the form \"%d/%d\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.stringfalse
    stateState is a summary state for the cluster group, showing \"NotReady\" if there are non-ready resources.stringfalse

    Back to Custom Resources

    ClusterGroupSpec​

    FieldDescriptionSchemeRequired
    selectorSelector is a label selector, used to select clusters for this group.*metav1.LabelSelectorfalse

    Back to Custom Resources

    ClusterGroupStatus​

    FieldDescriptionSchemeRequired
    clusterCountClusterCount is the number of clusters in the cluster group.inttrue
    nonReadyClusterCountNonReadyClusterCount is the number of clusters that are not ready.inttrue
    nonReadyClustersNonReadyClusters is a list of cluster names that are not ready.[]stringfalse
    conditionsConditions is a list of conditions and their statuses for the cluster group.[]genericcondition.GenericConditionfalse
    summarySummary is a summary of the bundle deployments and their resources in the cluster group.BundleSummaryfalse
    displayDisplay contains the number of ready, desiredready clusters and a summary state for the bundle's resources.ClusterGroupDisplayfalse
    resourceCountsResourceCounts contains the number of resources in each state over all bundles in the cluster group.GitRepoResourceCountsfalse

    Back to Custom Resources

    ClusterRegistration​

    ClusterRegistration is used internally by Fleet and should not be used directly.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationSpecfalse
    statusClusterRegistrationStatusfalse

    Back to Custom Resources

    ClusterRegistrationSpec​

    FieldDescriptionSchemeRequired
    clientIDClientID is a unique string that will identify the cluster. The agent either uses the configured ID or the kubeSystem.UID.stringfalse
    clientRandomClientRandom is a random string that the agent generates. When fleet-controller grants a registration, it creates a registration secret with this string in the name.stringfalse
    clusterLabelsClusterLabels are copied to the cluster resource during the registration.map[string]stringfalse

    Back to Custom Resources

    ClusterRegistrationStatus​

    FieldDescriptionSchemeRequired
    clusterNameClusterName is only set after the registration is being processed by fleet-controller.stringfalse
    grantedGranted is set to true, if the request service account is present and its token secret exists. This happens directly before creating the registration secret, roles and rolebindings.boolfalse

    Back to Custom Resources

    ClusterRegistrationToken​

    ClusterRegistrationToken is used by agents to register a new cluster.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationTokenSpecfalse
    statusClusterRegistrationTokenStatusfalse

    Back to Custom Resources

    ClusterRegistrationTokenSpec​

    FieldDescriptionSchemeRequired
    ttlTTL is the time to live for the token. It is used to calculate the expiration time. If the token expires, it will be deleted.*metav1.Durationfalse

    Back to Custom Resources

    ClusterRegistrationTokenStatus​

    FieldDescriptionSchemeRequired
    expiresExpires is the time when the token expires.*metav1.Timefalse
    secretNameSecretName is the name of the secret containing the token.stringfalse

    Back to Custom Resources

    ClusterSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated.boolfalse
    clientIDClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster.stringfalse
    kubeConfigSecretKubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster.stringfalse
    redeployAgentGenerationRedeployAgentGeneration can be used to force redeploying the agent.int64false
    agentEnvVarsAgentEnvVars are extra environment variables to be added to the agent deployment.[]v1.EnvVarfalse
    agentNamespaceAgentNamespace defaults to the system namespace, e.g. cattle-fleet-system.stringfalse
    privateRepoURLPrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config.stringfalse
    templateValuesTemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating.*GenericMapfalse
    agentTolerationsAgentTolerations defines an extra set of Tolerations to be added to the Agent deployment.[]v1.Tolerationfalse
    agentAffinityAgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used.*v1.Affinityfalse
    agentResourcesAgentResources sets the resources for the cluster's agent deployment.*v1.ResourceRequirementsfalse

    Back to Custom Resources

    ClusterStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    namespaceNamespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\"stringfalse
    summarySummary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource.BundleSummaryfalse
    resourceCountsResourceCounts is an aggregate over the GitRepoResourceCounts.GitRepoResourceCountsfalse
    readyGitReposReadyGitRepos is the number of gitrepos for this cluster that are ready.inttrue
    desiredReadyGitReposDesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready.inttrue
    agentEnvVarsHashAgentEnvVarsHash is a hash of the agent's env vars, used to detect changes.stringfalse
    agentPrivateRepoURLAgentPrivateRepoURL is the private repo URL for the agent that is currently used.stringfalse
    agentDeployedGenerationAgentDeployedGeneration is the generation of the agent that is currently deployed.*int64false
    agentMigratedAgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status.boolfalse
    agentNamespaceMigratedAgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status.boolfalse
    cattleNamespaceMigratedCattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status.boolfalse
    agentAffinityHashAgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes.stringfalse
    agentResourcesHashAgentResourcesHash is a hash of the agent's resources configuration, used to detect changes.stringfalse
    agentTolerationsHashAgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes.stringfalse
    agentConfigChangedAgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster.boolfalse
    apiServerURLAPIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream.stringfalse
    apiServerCAHashAPIServerCAHash is a hash of the upstream API server CA, used to detect changes.stringfalse
    displayDisplay contains the number of ready bundles, nodes and a summary state.ClusterDisplayfalse
    agentAgentStatus contains information about the agent.AgentStatusfalse

    Back to Custom Resources

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/ref-fleet-yaml.html b/0.8/ref-fleet-yaml.html index b9596f5fe..5f0bd2374 100644 --- a/0.8/ref-fleet-yaml.html +++ b/0.8/ref-fleet-yaml.html @@ -4,13 +4,13 @@ fleet.yaml | Fleet - +
    -
    Version: 0.8

    fleet.yaml

    The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.

    For more information on how to use the fleet.yaml to customize bundles see Git Repository Contents.

    The content of the fleet.yaml corresponds to the struct at pkg/bundlereader/read.go, which contains the BundleSpec.

    Reference​

    fleet.yaml
    # The default namespace to be applied to resources. This field is not used to
    # enforce or lock down the deployment to a specific namespace, but instead
    # provide the default value of the namespace field if one is not specified
    # in the manifests.
    # Default: default
    defaultNamespace: default

    # All resources will be assigned to this namespace and if any cluster scoped
    # resource exists the deployment will fail.
    # Default: ""
    namespace: default

    # namespaceLabels are labels that will be appended to the namespace created by Fleet.
    namespaceLabels:
      key: value
    # namespaceAnnotations are annotations that will be appended to the namespace created by Fleet.
    namespaceAnnotations:
      key: value

    # Optional map of labels, that are set at the bundle and can be used in a
    # dependsOn.selector
    labels:
      key: value

    kustomize:
      # Use a custom folder for kustomize resources. This folder must contain
      # a kustomization.yaml file.
      dir: ./kustomize

    helm:
      ### These options control how "fleet apply" downloads the chart
      #
      # Use a custom location for the Helm chart. This can refer to any go-getter URL or
      # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".
      # This allows one to download charts from most any location.  Also know that
      # go-getter URL supports adding a digest to validate the download. If repo
      # is set below this field is the name of the chart to lookup
      chart: ./chart
      # A https URL to a Helm repo to download the chart from. It's typically easier
      # to just use `chart` field and refer to a tgz file.  If repo is used the
      # value of `chart` will be used as the chart name to lookup in the Helm repository.
      repo: https://charts.rancher.io
      # The version of the chart or semver constraint of the chart to find. If a constraint
      # is specified it is evaluated each time git changes.
      # The version also determines which chart to download from OCI registries.
      version: 0.1.0

      ### These options only work for helm-type bundles
      #
      # Any values that should be placed in the `values.yaml` and passed to helm during
      # install.
      values:
        any-custom: value
      # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME
      # These can now be accessed directly as variables
      # The variable's value will be an empty string if the referenced cluster label does not
      # exist on the targeted cluster
        variableName: global.fleet.clusterLabels.LABELNAME
      # It is possible to specify the keys and values as go template strings for
      # advanced templating needs. Most of the functions from the sprig templating
      # library are available. Note, if the functions output changes with every
      # call, e.g. `uuidv4`, the bundle will get redeployed.
      # The template context has following keys.
      # `.ClusterValues` are retrieved from target cluster's `spec.templateValues`
      # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.
      # `.ClusterName` as the fleet's cluster resource name.
      # `.ClusterNamespace` as the namespace in which the cluster resource exists.
      # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,
      #       unlike helm which uses {{ }}.
        templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"
        valueFromEnv:
          "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }
      # Path to any values files that need to be passed to helm during install
      valuesFiles:
        - values1.yaml
        - values2.yaml
      # Allow to use values files from configmaps or secrets defined in the downstream clusters
      valuesFrom:
      - configMapKeyRef:
          name: configmap-values
          # default to namespace of bundle
          namespace: default
          key: values.yaml
      - secretKeyRef:
          name: secret-values
          namespace: default
          key: values.yaml

      ### These options control how fleet-agent deploys the bundle, they also apply for kustomize- and manifest-style bundles.
      #
      # A custom release name to deploy the chart as. If not specified a release name
      # will be generated by combining the invoking GitRepo.name + GitRepo.path.
      releaseName: my-release
      # Makes helm skip the check for its own annotations
      takeOwnership: false
      # Override immutable resources. This could be dangerous.
      force: false
      # Set the Helm --atomic flag when upgrading
      atomic: false
      # Disable go template pre-processing on the fleet values
      disablePreProcess: false
      # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.
      # It will wait for as long as timeoutSeconds
      waitForJobs: true

    # A paused bundle will not update downstream clusters but instead mark the bundle
    # as OutOfSync. One can then manually confirm that a bundle should be deployed to
    # the downstream clusters.
    # Default: false
    paused: false

    rolloutStrategy:
        # A number or percentage of clusters that can be unavailable during an update
        # of a bundle. This follows the same basic approach as a deployment rollout
        # strategy. Once the number of clusters meets unavailable state update will be
        # paused. Default value is 100% which doesn't take effect on update.
        # default: 100%
        maxUnavailable: 15%
        # A number or percentage of cluster partitions that can be unavailable during
        # an update of a bundle.
        # default: 0
        maxUnavailablePartitions: 20%
        # A number of percentage of how to automatically partition clusters if not
        # specific partitioning strategy is configured.
        # default: 25%
        autoPartitionSize: 10%
        # A list of definitions of partitions.  If any target clusters do not match
        # the configuration they are added to partitions at the end following the
        # autoPartitionSize.
        partitions:
          # A user friend name given to the partition used for Display (optional).
          # default: ""
        - name: canary
          # A number or percentage of clusters that can be unavailable in this
          # partition before this partition is treated as done.
          # default: 10%
          maxUnavailable: 10%
          # Selector matching cluster labels to include in this partition
          clusterSelector:
            matchLabels:
              env: prod
          # A cluster group name to include in this partition
          clusterGroup: agroup
          # Selector matching cluster group labels to include in this partition
          clusterGroupSelector:
            clusterSelector:
              matchLabels:
                env: prod

    # Target customization are used to determine how resources should be modified per target
    # Targets are evaluated in order and the first one to match a cluster is used for that cluster.
    targetCustomizations:
    # The name of target. If not specified a default name of the format "target000"
    # will be used. This value is mostly for display
    - name: prod
      # Custom namespace value overriding the value at the root
      namespace: newvalue
      # Custom defaultNamespace value overriding the value at the root
      defaultNamespace: newdefaultvalue
      # Custom kustomize options overriding the options at the root
      kustomize: {}
      # Custom Helm options override the options at the root
      helm: {}
      # If using raw YAML these are names that map to overlays/{name} that will be used
      # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml
      # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.
      # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.
      # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin
      # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.
      yaml:
        overlays:
        - custom2
        - custom3
      # A selector used to match clusters.  The structure is the standard
      # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,
      # clusterSelector will be used only to further refine the selection after
      # clusterGroupSelector and clusterGroup is evaluated.
      clusterSelector:
        matchLabels:
          env: prod
      # A selector used to match a specific cluster by name. When using Fleet in
      # Rancher, make sure to put the name of the clusters.fleet.cattle.io resource.
      clusterName: dev-cluster
      # A selector used to match cluster groups.
      clusterGroupSelector:
        matchLabels:
          region: us-east
      # A specific clusterGroup by name that will be selected
      clusterGroup: group1
      # Resources will not be deployed in the matched clusters if doNotDeploy is true.
      doNotDeploy: false

    # dependsOn allows you to configure dependencies to other bundles. The current bundle
    # will only be deployed, after all dependencies are deployed and in a Ready state.
    dependsOn:
      # Format: <GITREPO-NAME>-<BUNDLE_PATH> with all path separators replaced by "-"
      # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"
      # Note: Bundle names are limited to 53 characters long. If longer they will be shortened:
      # opni-fleet-examples-fleets-opni-ui-plugin-operator-crd becomes opni-fleet-examples-fleets-opni-ui-plugin-opera-021f7
      - name: one-multi-cluster-hello-world
      # Select bundles to depend on based on their label.
      - selector:
          matchLabels:
            app: weak-monkey

    # Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources
    # makes the Bundle to be in an error state when it shouldn't.
    ignore:
      # Conditions to be ignored
      conditions:
      # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}
      - type: Active
        status: "False"

    # Override targets defined in the GitRepo. The Bundle will not have any targets from the GitRepo if overrideTargets is provided.
    overrideTargets:
      - clusterSelector:
          matchLabels:
            env: dev

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.8

    fleet.yaml

    The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.

    For more information on how to use the fleet.yaml to customize bundles see Git Repository Contents.

    The content of the fleet.yaml corresponds to the struct at pkg/bundlereader/read.go, which contains the BundleSpec.

    Reference​

    fleet.yaml
    # The default namespace to be applied to resources. This field is not used to
    # enforce or lock down the deployment to a specific namespace, but instead
    # provide the default value of the namespace field if one is not specified
    # in the manifests.
    # Default: default
    defaultNamespace: default

    # All resources will be assigned to this namespace and if any cluster scoped
    # resource exists the deployment will fail.
    # Default: ""
    namespace: default

    # namespaceLabels are labels that will be appended to the namespace created by Fleet.
    namespaceLabels:
      key: value
    # namespaceAnnotations are annotations that will be appended to the namespace created by Fleet.
    namespaceAnnotations:
      key: value

    # Optional map of labels, that are set at the bundle and can be used in a
    # dependsOn.selector
    labels:
      key: value

    kustomize:
      # Use a custom folder for kustomize resources. This folder must contain
      # a kustomization.yaml file.
      dir: ./kustomize

    helm:
      ### These options control how "fleet apply" downloads the chart
      #
      # Use a custom location for the Helm chart. This can refer to any go-getter URL or
      # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".
      # This allows one to download charts from most any location.  Also know that
      # go-getter URL supports adding a digest to validate the download. If repo
      # is set below this field is the name of the chart to lookup
      chart: ./chart
      # A https URL to a Helm repo to download the chart from. It's typically easier
      # to just use `chart` field and refer to a tgz file.  If repo is used the
      # value of `chart` will be used as the chart name to lookup in the Helm repository.
      repo: https://charts.rancher.io
      # The version of the chart or semver constraint of the chart to find. If a constraint
      # is specified it is evaluated each time git changes.
      # The version also determines which chart to download from OCI registries.
      version: 0.1.0

      ### These options only work for helm-type bundles
      #
      # Any values that should be placed in the `values.yaml` and passed to helm during
      # install.
      values:
        any-custom: value
      # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME
      # These can now be accessed directly as variables
      # The variable's value will be an empty string if the referenced cluster label does not
      # exist on the targeted cluster
        variableName: global.fleet.clusterLabels.LABELNAME
      # It is possible to specify the keys and values as go template strings for
      # advanced templating needs. Most of the functions from the sprig templating
      # library are available. Note, if the functions output changes with every
      # call, e.g. `uuidv4`, the bundle will get redeployed.
      # The template context has following keys.
      # `.ClusterValues` are retrieved from target cluster's `spec.templateValues`
      # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.
      # `.ClusterName` as the fleet's cluster resource name.
      # `.ClusterNamespace` as the namespace in which the cluster resource exists.
      # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,
      #       unlike helm which uses {{ }}.
        templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"
        valueFromEnv:
          "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }
      # Path to any values files that need to be passed to helm during install
      valuesFiles:
        - values1.yaml
        - values2.yaml
      # Allow to use values files from configmaps or secrets defined in the downstream clusters
      valuesFrom:
      - configMapKeyRef:
          name: configmap-values
          # default to namespace of bundle
          namespace: default
          key: values.yaml
      - secretKeyRef:
          name: secret-values
          namespace: default
          key: values.yaml

      ### These options control how fleet-agent deploys the bundle, they also apply for kustomize- and manifest-style bundles.
      #
      # A custom release name to deploy the chart as. If not specified a release name
      # will be generated by combining the invoking GitRepo.name + GitRepo.path.
      releaseName: my-release
      # Makes helm skip the check for its own annotations
      takeOwnership: false
      # Override immutable resources. This could be dangerous.
      force: false
      # Set the Helm --atomic flag when upgrading
      atomic: false
      # Disable go template pre-processing on the fleet values
      disablePreProcess: false
      # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.
      # It will wait for as long as timeoutSeconds
      waitForJobs: true

    # A paused bundle will not update downstream clusters but instead mark the bundle
    # as OutOfSync. One can then manually confirm that a bundle should be deployed to
    # the downstream clusters.
    # Default: false
    paused: false

    rolloutStrategy:
        # A number or percentage of clusters that can be unavailable during an update
        # of a bundle. This follows the same basic approach as a deployment rollout
        # strategy. Once the number of clusters meets unavailable state update will be
        # paused. Default value is 100% which doesn't take effect on update.
        # default: 100%
        maxUnavailable: 15%
        # A number or percentage of cluster partitions that can be unavailable during
        # an update of a bundle.
        # default: 0
        maxUnavailablePartitions: 20%
        # A number of percentage of how to automatically partition clusters if not
        # specific partitioning strategy is configured.
        # default: 25%
        autoPartitionSize: 10%
        # A list of definitions of partitions.  If any target clusters do not match
        # the configuration they are added to partitions at the end following the
        # autoPartitionSize.
        partitions:
          # A user friend name given to the partition used for Display (optional).
          # default: ""
        - name: canary
          # A number or percentage of clusters that can be unavailable in this
          # partition before this partition is treated as done.
          # default: 10%
          maxUnavailable: 10%
          # Selector matching cluster labels to include in this partition
          clusterSelector:
            matchLabels:
              env: prod
          # A cluster group name to include in this partition
          clusterGroup: agroup
          # Selector matching cluster group labels to include in this partition
          clusterGroupSelector:
            clusterSelector:
              matchLabels:
                env: prod

    # Target customization are used to determine how resources should be modified per target
    # Targets are evaluated in order and the first one to match a cluster is used for that cluster.
    targetCustomizations:
    # The name of target. If not specified a default name of the format "target000"
    # will be used. This value is mostly for display
    - name: prod
      # Custom namespace value overriding the value at the root
      namespace: newvalue
      # Custom defaultNamespace value overriding the value at the root
      defaultNamespace: newdefaultvalue
      # Custom kustomize options overriding the options at the root
      kustomize: {}
      # Custom Helm options override the options at the root
      helm: {}
      # If using raw YAML these are names that map to overlays/{name} that will be used
      # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml
      # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.
      # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.
      # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin
      # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.
      yaml:
        overlays:
        - custom2
        - custom3
      # A selector used to match clusters.  The structure is the standard
      # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,
      # clusterSelector will be used only to further refine the selection after
      # clusterGroupSelector and clusterGroup is evaluated.
      clusterSelector:
        matchLabels:
          env: prod
      # A selector used to match a specific cluster by name. When using Fleet in
      # Rancher, make sure to put the name of the clusters.fleet.cattle.io resource.
      clusterName: dev-cluster
      # A selector used to match cluster groups.
      clusterGroupSelector:
        matchLabels:
          region: us-east
      # A specific clusterGroup by name that will be selected
      clusterGroup: group1
      # Resources will not be deployed in the matched clusters if doNotDeploy is true.
      doNotDeploy: false

    # dependsOn allows you to configure dependencies to other bundles. The current bundle
    # will only be deployed, after all dependencies are deployed and in a Ready state.
    dependsOn:
      # Format: <GITREPO-NAME>-<BUNDLE_PATH> with all path separators replaced by "-"
      # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"
      # Note: Bundle names are limited to 53 characters long. If longer they will be shortened:
      # opni-fleet-examples-fleets-opni-ui-plugin-operator-crd becomes opni-fleet-examples-fleets-opni-ui-plugin-opera-021f7
      - name: one-multi-cluster-hello-world
      # Select bundles to depend on based on their label.
      - selector:
          matchLabels:
            app: weak-monkey

    # Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources
    # makes the Bundle to be in an error state when it shouldn't.
    ignore:
      # Conditions to be ignored
      conditions:
      # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}
      - type: Active
        status: "False"

    # Override targets defined in the GitRepo. The Bundle will not have any targets from the GitRepo if overrideTargets is provided.
    overrideTargets:
      - clusterSelector:
          matchLabels:
            env: dev

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/ref-gitrepo.html b/0.8/ref-gitrepo.html index 892c20a95..484c10303 100644 --- a/0.8/ref-gitrepo.html +++ b/0.8/ref-gitrepo.html @@ -4,14 +4,14 @@ GitRepo Resource | Fleet - +
    Version: 0.8

    GitRepo Resource

    The GitRepo resource describes git repositories, how to access them and where the bundles are located.

    The content of the resource corresponds to the GitRepoSpec. -For more information on how to use GitRepo resource, e.g. how to watch private repositories, see Create a GitRepo Resource.

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-repo
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # This can be a HTTPS or git URL.  If you are using a git URL then
      # clientSecretName will probably need to be set to supply a credential.
      # repo is the only required parameter for a repo to be monitored.
      #
      repo: https://github.com/rancher/fleet-examples

      # Enforce all resources go to this target namespace. If a cluster scoped
      # resource is found the deployment will fail.
      #
      # targetNamespace: app1

      # Any branch can be watched, this field is optional. If not specified the
      # branch is assumed to be master
      #
      # branch: master

      # A specific commit or tag can also be watched.
      #
      # revision: v0.3.0

      # For a private registry you must supply a clientSecretName. A default
      # secret can be set at the namespace level using the GitRepoRestriction
      # type. Secrets must be of the type "kubernetes.io/ssh-auth" or
      # "kubernetes.io/basic-auth". The secret is assumed to be in the
      # same namespace as the GitRepo
      #
      # clientSecretName: my-ssh-key
      #
      # If fleet.yaml contains a private Helm repo that requires authentication,
      # provide the credentials in a K8s secret and specify them here.
      # Danger: the credentials will be sent to all repositories referenced from
      # this gitrepo. See section below for more information.
      #
      # helmSecretName: my-helm-secret
      #
      # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.
      # Credentials will always be used if it is empty or not provided
      #
      # helmRepoURLRegex: https://charts.rancher.io/*
      #
      # To add additional ca-bundle for self-signed certs, caBundle can be
      # filled with base64 encoded pem data. For example:
      # `cat /path/to/ca.pem | base64 -w 0`
      #
      # caBundle: my-ca-bundle
      #
      # Disable SSL verification for git repo
      #
      # insecureSkipTLSVerify: true
      #
      # A git repo can read multiple paths in a repo at once.
      # The below field is expected to be an array of paths and
      # supports path globbing (ex: some/*/path)
      #
      # Example:
      # paths:
      # - single-path
      # - multiple-paths/*
      paths:
      - simple

      # PollingInterval configures how often fleet checks the git repo. The default
      # is 15 seconds.
      # Setting this to zero does not disable polling. It results in a 15s
      # interval, too.
      # As checking a git repo incurs a CPU cost, raising this value can help
      # lowering fleetcontroller's CPU usage if tens of git repos are used or more
      #
      # pollingInterval: 15s

      # Paused  causes changes in Git to not be propagated down to the clusters but
      # instead mark resources as OutOfSync
      #
      # paused: false

      # Increment this number to force a redeployment of contents from Git
      #
      # forceSyncGeneration: 0

      # The service account that will be used to perform this deployment.
      # This is the name of the service account that exists in the
      # downstream cluster in the cattle-fleet-system namespace. It is assumed
      # this service account already exists so it should be create before
      # hand, most likely coming from another git repo registered with
      # the Fleet manager.
      #
      # serviceAccount: moreSecureAccountThanClusterAdmin

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      # If empty, the "default" cluster group is used.
      #
      # targets: ...
      #
      # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses
      # a three-way merge strategy by default. 
      # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating 
      # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.
      # Keep in mind that resources might be recreated if force is enabled.
      # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.
      #
      #  correctDrift:
      #    enabled: false
      #    force: false #Warning: it might recreate resources if set to true
      #    keepFailHistory: false
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +For more information on how to use GitRepo resource, e.g. how to watch private repositories, see Create a GitRepo Resource.

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-repo
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # This can be a HTTPS or git URL.  If you are using a git URL then
      # clientSecretName will probably need to be set to supply a credential.
      # repo is the only required parameter for a repo to be monitored.
      #
      repo: https://github.com/rancher/fleet-examples

      # Enforce all resources go to this target namespace. If a cluster scoped
      # resource is found the deployment will fail.
      #
      # targetNamespace: app1

      # Any branch can be watched, this field is optional. If not specified the
      # branch is assumed to be master
      #
      # branch: master

      # A specific commit or tag can also be watched.
      #
      # revision: v0.3.0

      # For a private registry you must supply a clientSecretName. A default
      # secret can be set at the namespace level using the GitRepoRestriction
      # type. Secrets must be of the type "kubernetes.io/ssh-auth" or
      # "kubernetes.io/basic-auth". The secret is assumed to be in the
      # same namespace as the GitRepo
      #
      # clientSecretName: my-ssh-key
      #
      # If fleet.yaml contains a private Helm repo that requires authentication,
      # provide the credentials in a K8s secret and specify them here.
      # Danger: the credentials will be sent to all repositories referenced from
      # this gitrepo. See section below for more information.
      #
      # helmSecretName: my-helm-secret
      #
      # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.
      # Credentials will always be used if it is empty or not provided
      #
      # helmRepoURLRegex: https://charts.rancher.io/*
      #
      # To add additional ca-bundle for self-signed certs, caBundle can be
      # filled with base64 encoded pem data. For example:
      # `cat /path/to/ca.pem | base64 -w 0`
      #
      # caBundle: my-ca-bundle
      #
      # Disable SSL verification for git repo
      #
      # insecureSkipTLSVerify: true
      #
      # A git repo can read multiple paths in a repo at once.
      # The below field is expected to be an array of paths and
      # supports path globbing (ex: some/*/path)
      #
      # Example:
      # paths:
      # - single-path
      # - multiple-paths/*
      paths:
      - simple

      # PollingInterval configures how often fleet checks the git repo. The default
      # is 15 seconds.
      # Setting this to zero does not disable polling. It results in a 15s
      # interval, too.
      # As checking a git repo incurs a CPU cost, raising this value can help
      # lowering fleetcontroller's CPU usage if tens of git repos are used or more
      #
      # pollingInterval: 15s

      # Paused  causes changes in Git to not be propagated down to the clusters but
      # instead mark resources as OutOfSync
      #
      # paused: false

      # Increment this number to force a redeployment of contents from Git
      #
      # forceSyncGeneration: 0

      # The service account that will be used to perform this deployment.
      # This is the name of the service account that exists in the
      # downstream cluster in the cattle-fleet-system namespace. It is assumed
      # this service account already exists so it should be create before
      # hand, most likely coming from another git repo registered with
      # the Fleet manager.
      #
      # serviceAccount: moreSecureAccountThanClusterAdmin

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      # If empty, the "default" cluster group is used.
      #
      # targets: ...
      #
      # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses
      # a three-way merge strategy by default. 
      # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating 
      # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.
      # Keep in mind that resources might be recreated if force is enabled.
      # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.
      #
      #  correctDrift:
      #    enabled: false
      #    force: false #Warning: it might recreate resources if set to true
      #    keepFailHistory: false
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/ref-registration.html b/0.8/ref-registration.html index 97e33074c..263282031 100644 --- a/0.8/ref-registration.html +++ b/0.8/ref-registration.html @@ -4,7 +4,7 @@ Cluster Registration Internals | Fleet - + @@ -14,8 +14,8 @@ The import.go will enqueue itself until the import service account exists, because that’s needed to create the fleet-agent-bootstrap secret. Now, the fleet-agent and the bootstrap secret are present on the downstream cluster

    Fleet-Agent -> ClusterRegistration​

    Immediately the fleet-agent checks for a fleet-agent-bootstrap secret (which contains the import kubeconfig) and starts registering if present. Then fleet-agent creates a clusterregistration resource in fleet-default on the management cluster, with a random number. The random number will be used for the registration secret’s name.

    fleet-controller triggers and tries to grant the clusterregistration request to create fleet-agent’s serviceaccount and create the ‘c-*’ registration secret with the clients new kubeconfig. The registration secret name is hash("clientID-clientRandom"). The new kubeconfig uses the "request" account. The request account can access the cluster status, bundledeployments and contents.

    Notes​

    • The registration starts with the "import" account and pivots to the "request" account.
    • The fleet-default namespace has all the cluster registrations, the import account uses a separate namespace.
    • Once the agent is registered, fleet-controller will trigger on a cluster/namespace change and call manageagent to create a bundle. The agent will update itself to the bundle and since the generation env var changes it will restart.
    • If no bootstrap secret exists, the agent will not re-register.

    Diagram​

    Process​

    Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster. -It's important to note that there are multiple ways to start this:

    • Creating a bootstrap config. Fleet does this for the local agent.
    • Creating a Cluster resource with a kubeconfig. Rancher does this for downstream clusters. See manager-initiated registration.
    • Create a ClusterRegistrationToken resource, optionally create a Cluster resource for a pre-defined (clientID) cluster. See agent-initiated registration.

    Registration

    Secrets​

    This diagram shows the resources created during registration and focuses on the k8s API server configuration.

    Registration Secrets

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +It's important to note that there are multiple ways to start this:

    • Creating a bootstrap config. Fleet does this for the local agent.
    • Creating a Cluster resource with a kubeconfig. Rancher does this for downstream clusters. See manager-initiated registration.
    • Create a ClusterRegistrationToken resource, optionally create a Cluster resource for a pre-defined (clientID) cluster. See agent-initiated registration.

    Registration

    Secrets​

    This diagram shows the resources created during registration and focuses on the k8s API server configuration.

    Registration Secrets

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/ref-resources.html b/0.8/ref-resources.html index ac3db1b18..b3f246fbb 100644 --- a/0.8/ref-resources.html +++ b/0.8/ref-resources.html @@ -4,13 +4,13 @@ List of Deployed Resources | Fleet - +
    -
    Version: 0.8

    List of Deployed Resources

    After installing Fleet in Rancher these resources are created in the upstream cluster.

    TypeNameNamespace
    From Helm, intial setup:
    ClusterRolefleet-controller-
    ClusterRolegitjob-
    ClusterRoleBindingfleet-controller-
    ClusterRoleBindinggitjob-binding-
    ConfigMapfleet-controllercattle-fleet-system
    Deploymentfleet-controllercattle-fleet-system
    Deploymentgitjobcattle-fleet-system
    Rolefleet-controllercattle-fleet-system
    Rolegitjobcattle-fleet-system
    RoleBindingfleet-controllercattle-fleet-system
    RoleBindinggitjobcattle-fleet-system
    Servicegitjobcattle-fleet-system
    ServiceAccountfleet-controllercattle-fleet-system
    ServiceAccountgitjobcattle-fleet-system
    Generated:
    clusters.fleet.cattle.iolocalfleet-local
    clusters.provisioning.cattle.iolocalfleet-local
    clusters.management.cattle.iolocal-
    ClusterGroupdefaultfleet-local
    Bundlefleet-agent-localfleet-local
    For each registered cluster:
    clusters.provisioning.cattle.ioby default fleet-default
    clusters.management.cattle.iogenerated-
    clusters.fleet.cattle.iofleet-default
    Bundlefleet-default
    BundleDeploymentcluster-fleet-local-local-IDfleet-agent-local

    Also see [namespaces]

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.8

    List of Deployed Resources

    After installing Fleet in Rancher these resources are created in the upstream cluster.

    TypeNameNamespace
    From Helm, intial setup:
    ClusterRolefleet-controller-
    ClusterRolegitjob-
    ClusterRoleBindingfleet-controller-
    ClusterRoleBindinggitjob-binding-
    ConfigMapfleet-controllercattle-fleet-system
    Deploymentfleet-controllercattle-fleet-system
    Deploymentgitjobcattle-fleet-system
    Rolefleet-controllercattle-fleet-system
    Rolegitjobcattle-fleet-system
    RoleBindingfleet-controllercattle-fleet-system
    RoleBindinggitjobcattle-fleet-system
    Servicegitjobcattle-fleet-system
    ServiceAccountfleet-controllercattle-fleet-system
    ServiceAccountgitjobcattle-fleet-system
    Generated:
    clusters.fleet.cattle.iolocalfleet-local
    clusters.provisioning.cattle.iolocalfleet-local
    clusters.management.cattle.iolocal-
    ClusterGroupdefaultfleet-local
    Bundlefleet-agent-localfleet-local
    For each registered cluster:
    clusters.provisioning.cattle.ioby default fleet-default
    clusters.management.cattle.iogenerated-
    clusters.fleet.cattle.iofleet-default
    Bundlefleet-default
    BundleDeploymentcluster-fleet-local-local-IDfleet-agent-local

    Also see [namespaces]

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/resources-during-deployment.html b/0.8/resources-during-deployment.html index cbc81d960..be221da0b 100644 --- a/0.8/resources-during-deployment.html +++ b/0.8/resources-during-deployment.html @@ -4,13 +4,13 @@ Custom Resources During Deployment | Fleet - +
    -
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/troubleshooting.html b/0.8/troubleshooting.html index d5664d35c..37a9b45e0 100644 --- a/0.8/troubleshooting.html +++ b/0.8/troubleshooting.html @@ -4,7 +4,7 @@ Troubleshooting | Fleet - + @@ -12,8 +12,8 @@
    Version: 0.8

    Troubleshooting

    This section contains commands and tips to troubleshoot Fleet.

    How Do I...​

    Fetch the log from fleet-controller?​

    In the local management cluster where the fleet-controller is deployed, run the following command with your specific fleet-controller pod name filled in:

    $ kubectl logs -l app=fleet-controller -n cattle-fleet-system

    Fetch the log from the fleet-agent?​

    Go to each downstream cluster and run the following command for the local cluster with your specific fleet-agent pod name filled in:

    # Downstream cluster
    $ kubectl logs -l app=fleet-agent -n cattle-fleet-system
    # Local cluster
    $ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system

    Fetch detailed error logs from GitRepos and Bundles?​

    Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:

    • For more information about the bundle, click on bundle, and the YAML mode will be enabled.
    • For more information about the GitRepo, click on GitRepo, then click on View Yaml in the upper right of the screen. After viewing the YAML, check status.conditions; a detailed error message should be displayed here.
    • Check the fleet-controller for synching errors.
    • Check the fleet-agent log in the downstream cluster if you encounter issues when deploying the bundle.

    Fetch detailed status from GitRepos and Bundles?​

    For debugging and bug reports the raw JSON of the resources status fields is most useful. This can be accessed in the Rancher UI, or through kubectl:

    kubectl get bundle -n fleet-local fleet-agent-local -o=jsonpath={.status}
    kubectl get gitrepo -n fleet-default gitrepo-name -o=jsonpath={.status}

    Check a chart rendering error in Kustomize?​

    Check the fleet-controller logs and the fleet-agent logs.

    Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?​

    Check the gitjob-controller logs using the following command with your specific gitjob pod name filled in:

    $ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system

    Note that there are two containers inside the pod: the step-git-source container that clones the git repo, and the fleet container that applies bundles based on the git repo.

    The pods will usually have images named rancher/tekton-utils with the gitRepo name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific gitRepoName pod name and namespace:

    $ kubectl logs -f $gitRepoName-pod-name -n namespace

    Check the status of the fleet-controller?​

    You can check the status of the fleet-controller pods by running the commands below:

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    Enable debug logging for fleet-controller and fleet-agent?​

    Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added.

    • Go to the Dashboard, then click on the local cluster in the left navigation menu
    • Select Apps & Marketplace, then Installed Apps from the dropdown
    • From there, you will upgrade the Fleet chart with the value debug=true. You can also set debugLevel=5 if desired.

    Additional Solutions for Other Fleet Issues​

    Naming conventions for CRDs​

    1. For CRD terms like clusters and gitrepos, you must reference the full CRD name. For example, the cluster CRD's complete name is cluster.fleet.cattle.io, and the gitrepo CRD's complete name is gitrepo.fleet.cattle.io.

    2. Bundles, which are created from the GitRepo, follow the pattern $gitrepoName-$path in the same workspace/namespace where the GitRepo was created. Note that $path is the path directory in the git repository that contains the bundle (fleet.yaml).

    3. BundleDeployments, which are created from the bundle, follow the pattern $bundleName-$clusterName in the namespace clusters-$workspace-$cluster-$generateHash. Note that $clusterName is the cluster to which the bundle will be deployed.

    HTTP secrets in Github​

    When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:

    1. Create a personal access token in Github.
    2. In Rancher, create an HTTP secret with your Github username.
    3. Use your token as the secret.

    Fleet fails with bad response code: 403​

    If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your fleet.yaml:

    time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"

    Perform the following steps to assess:

    • Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully
    • Check that your credentials for the git repo are valid

    Helm chart repo: certificate signed by unknown authority​

    If your GitJob returns the error below, you may have added the wrong certificate chain:

    time="2021-11-11T05:55:08Z" level=fatal msg="Get \"https://helm.intra/virtual-helm/index.yaml\": x509: certificate signed by unknown authority"

    Please verify your certificate with the following command:

    context=playground-local
    kubectl get secret -n fleet-default helm-repo -o jsonpath="{['data']['cacerts']}" --context $context | base64 -d | openssl x509 -text -noout
    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number:
                7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71
            Signature Algorithm: sha512WithRSAEncryption
            Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3
    ...

    Fleet deployment stuck in modified state​

    When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.

    To ignore the modified flag for the differences between the Helm install generated by fleet.yaml and the resource in your cluster, add a diff.comparePatches to the fleet.yaml for your Deployment, as shown in this example:

    defaultNamespace: <namespace name>
    helm:
      releaseName: <release name>
      repo: <repo name>
      chart: <chart name>
    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        operations:
        - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}
        - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}
        jsonPointers: # jsonPointers allows to ignore diffs at certain json path
        - "/spec/template/spec/priorityClassName"
        - "/spec/template/spec/tolerations"

    To determine which operations should be removed, observe the logs from fleet-agent on the target cluster. You should see entries similar to the following:

    level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\"spec\":{\"template\":{\"spec\":{\"hostNetwork\":false}}}}"

    Based on the above log, you can add the following entry to remove the operation:

    {"op":"remove", "path":"/spec/template/spec/hostNetwork"}

    GitRepo or Bundle stuck in modified state​

    Modified means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository.

    1. Check the bundle diffs documentation for more information.

    2. You can also force update the gitrepo to perform a manual resync. Select GitRepo on the left navigation bar, then select Force Update.

    Bundle has a Horizontal Pod Autoscaler (HPA) in modified state​

    For bundles with an HPA, the expected state is Modified, as the bundle contains fields that differ from the state of the Bundle at deployment - usually ReplicaSet.

    You must define a patch in the fleet.yaml to ignore this field according to GitRepo or Bundle stuck in modified state.

    Here is an example of such a patch for the deployment nginx in namespace default:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: nginx
        namespace: default
        operations:
        - {"op": "remove", "path": "/spec/replicas"}

    What if the cluster is unavailable, or is in a WaitCheckIn state?​

    You will need to re-import and restart the registration process: Select Cluster on the left navigation bar, then select Force Update

    caution

    WaitCheckIn status for Rancher v2.5: The cluster will show in WaitCheckIn status because the fleet-controller is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the Rancher docs.

    GitRepo complains with gzip: invalid header​

    When you see an error like the one below ...

    Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header

    ... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content.

    Agent is no longer registered​

    You can force a redeployment of an agent for a given cluster by setting redeployAgentGeneration.

    kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p '[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]'

    Nested GitRepo CRs​

    Managing Fleet within Fleet (nested GitRepo usage) is not currently supported. We will update the documentation if support becomes available.

    Migrate the local cluster to the Fleet default cluster workspace?​

    Users can create new workspaces and move clusters across workspaces. -It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/tut-deployment.html b/0.8/tut-deployment.html index 19642f7f9..8714314ab 100644 --- a/0.8/tut-deployment.html +++ b/0.8/tut-deployment.html @@ -4,7 +4,7 @@ Creating a Deployment | Fleet - + @@ -13,8 +13,8 @@ For more details on the options that are available per Git repository see Adding a GitRepo.

    Single-Cluster Examples​

    All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet.

    An example using Helm. We are deploying the helm example to the local cluster.

    The repository contains a helm chart and an optional fleet.yaml to configure the deployment:

    fleet.yaml
    namespace: fleet-helm-example

    # Custom helm options
    helm:
      # The release name to use. If empty a generated release name will be used
      releaseName: guestbook

      # The directory of the chart in the repo.  Also any valid go-getter supported
      # URL can be used there is specify where to download the chart from.
      # If repo below is set this value if the chart name in the repo
      chart: ""

      # An https to a valid Helm repository to download the chart from
      repo: ""

      # Used if repo is set to look up the version of the chart
      version: ""

      # Force recreate resource that can not be updated
      force: false

      # How long for helm to wait for the release to be active. If the value
      # is less that or equal to zero, we will not wait in Helm
      timeoutSeconds: 0

      # Custom values that will be passed as values.yaml to the installation
      values:
        replicas: 2

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-local namespace contains the local cluster resource. The local fleet-agent will create the deployment in the fleet-helm-example namespace.

    kubectl apply -n fleet-local -f - <<EOF
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: helm
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - single-cluster/helm
    EOF

    Multi-Cluster Examples​

    The examples below will deploy a multi git repo to multiple clusters at once and configure the app differently for each target.

    An example using Helm. We are deploying the helm example and customizing it per target cluster

    The repository contains a helm chart and an optional fleet.yaml to configure the deployment. The fleet.yaml is used to configure different deployment options, depending on the cluster's labels:

    fleet.yaml
    namespace: fleet-mc-helm-example
    targetCustomizations:
    - name: dev
      helm:
        values:
          replication: false
      clusterSelector:
        matchLabels:
          env: dev

    - name: test
      helm:
        values:
          replicas: 3
      clusterSelector:
        matchLabels:
          env: test

    - name: prod
      helm:
        values:
          serviceType: LoadBalancer
          replicas: 3
      clusterSelector:
        matchLabels:
          env: prod

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    gitrepo.yaml
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: helm
      namespace: fleet-default
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - multi-cluster/helm
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

      - name: test
        clusterSelector:
          matchLabels:
            env: test

      - name: prod
        clusterSelector:
          matchLabels:
            env: prod

    By applying the gitrepo resource to the upstream cluster, fleet will start to monitor the repository and create deployments:

    kubectl apply -n fleet-default -f gitrepo.yaml
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +The application will be customized as follows per environment:

    • Dev clusters: Only the redis leader is deployed and not the followers.
    • Test clusters: Scale the front deployment to 3
    • Prod clusters: Scale the front deployment to 3 and set the service type to LoadBalancer

    The fleet.yaml is used to control which 'yaml' overlays are used, depending on the cluster's labels:

    fleet.yaml
    namespace: fleet-mc-manifest-example
    targetCustomizations:
    - name: dev
      clusterSelector:
        matchLabels:
          env: dev
      yaml:
        overlays:
        # Refers to overlays/noreplication folder
        - noreplication

    - name: test
      clusterSelector:
        matchLabels:
          env: test
      yaml:
        overlays:
        # Refers to overlays/scale3 folder
        - scale3

    - name: prod
      clusterSelector:
        matchLabels:
          env: prod
      yaml:
        # Refers to overlays/servicelb, scale3 folders
        overlays:
        - servicelb
        - scale3

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    gitrepo.yaml
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: manifests
      namespace: fleet-default
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - multi-cluster/manifests
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

      - name: test
        clusterSelector:
          matchLabels:
            env: test

      - name: prod
        clusterSelector:
          matchLabels:
            env: prod
    kubectl apply -n fleet-default -f gitrepo.yaml
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/uninstall.html b/0.8/uninstall.html index 762e7c34a..9525963df 100644 --- a/0.8/uninstall.html +++ b/0.8/uninstall.html @@ -4,15 +4,15 @@ Uninstall | Fleet - +
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +two commands:

    helm -n cattle-fleet-system uninstall fleet
    helm -n cattle-fleet-system uninstall fleet-crd
    caution

    Uninstalling the CRDs will remove all deployed workloads.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.8/webhook.html b/0.8/webhook.html index b5821a0c0..c86dd7719 100644 --- a/0.8/webhook.html +++ b/0.8/webhook.html @@ -4,15 +4,15 @@ Using Webhooks Instead of Polling | Fleet - +
    Version: 0.8

    Using Webhooks Instead of Polling

    By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens).

    For installations with multiple tens up to hundreds of Git repos, and in general to reduce latency (the time between a push to Git and fleet reacting to it), configuring webhooks is recommended instead of polling.

    Fleet currently supports Github, GitLab, Bitbucket, Bitbucket Server and Gogs.

    1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.​

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: webhook-ingress
      namespace: cattle-fleet-system
    spec:
      rules:
      - host: your.domain.com
        http:
          paths:
            - path: /
              pathType: Prefix
              backend:
                service:
                  name: gitjob
                  port:
                    number: 80
    info

    You can configure TLS on ingress.

    2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.​

    Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default. If your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the -secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9.html b/0.9.html index 9db3dc4e8..a0039729b 100644 --- a/0.9.html +++ b/0.9.html @@ -4,13 +4,13 @@ Overview | Fleet - +
    -
    Version: 0.9

    Overview

    What is Fleet?​

    • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

    • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters.

    Configuration Management​

    Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    Overview

    What is Fleet?​

    • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

    • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters.

    Configuration Management​

    Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/architecture.html b/0.9/architecture.html index d8a687ef6..d9b5f3d6d 100644 --- a/0.9/architecture.html +++ b/0.9/architecture.html @@ -4,7 +4,7 @@ Architecture | Fleet - + @@ -28,8 +28,8 @@ The cluster registration token is used only during the registration process to g to that cluster. After the cluster credential is established the cluster "forgets" the cluster registration token.

    The service accounts given to the clusters only have privileges to list BundleDeployment in the namespace created specifically for that cluster. It can also update the status subresource of BundleDeployment and the status -subresource of it's Cluster resource.

    Component Overview​

    An overview of the components and how they interact on a high level.

    Components

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +subresource of it's Cluster resource.

    Component Overview​

    An overview of the components and how they interact on a high level.

    Components

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/bundle-add.html b/0.9/bundle-add.html index 4ff7358a1..98ac48d68 100644 --- a/0.9/bundle-add.html +++ b/0.9/bundle-add.html @@ -4,7 +4,7 @@ Create a Bundle Resource | Fleet - + @@ -15,8 +15,8 @@ manually by the user. If you want to deploy resources from a git repository use When creating a Bundle resources need to be explicitly specified in the Bundle Spec. Resources can be compressed with gz. See here an example of how Rancher uses compression in go code.

    If you would like to deploy in downstream clusters, you need to define targets. Targets work similarly to targets in GitRepo. -See Mapping to Downstream Clusters.

    The following example creates a nginx Deployment in the local cluster:

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      resources:
      # List of all resources that will be deployed
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml
      targets:
      - clusterName: local

    Limitations​

    Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:

    • spec.helm.repo
    • spec.helm.charts

    You can't use a fleet.yaml in resources, it is only used by the fleet-cli to create bundles.

    The spec.targetRestrictions field is not useful, as it is an allow list for targets specified in spec.targets. It is not needed, since targets are explicitly given in a bundle and an empty targetRestrictions defaults to allow.

    Convert a Helm Chart into a Bundle​

    You can use the Fleet CLI to convert a Helm chart into a bundle.

    For example, you can download and convert the "external secrets" operator chart like this:

    cat > targets.yaml <<EOF
    targets:
    - clusterSelector: {}
    EOF

    mkdir app
    cat > app/fleet.yaml <<EOF
    defaultNamespace: external-secrets
    helm:
      repo: https://charts.external-secrets.io
      chart: external-secrets
    EOF

    fleet apply --compress --targets-file=targets.yaml -n fleet-default -o - external-secrets app > eso-bundle.yaml

    kubectl apply -f eso-bundle.yaml

    Make sure you use a cluster selector in targets.yaml, that matches all clusters you want to deploy to.

    The blog post on Fleet: Multi-Cluster Deployment with the Help of External Secrets has more information.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +See Mapping to Downstream Clusters.

    The following example creates a nginx Deployment in the local cluster:

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      resources:
      # List of all resources that will be deployed
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml
      targets:
      - clusterName: local

    Limitations​

    Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:

    • spec.helm.repo
    • spec.helm.charts

    You can't use a fleet.yaml in resources, it is only used by the fleet-cli to create bundles.

    The spec.targetRestrictions field is not useful, as it is an allow list for targets specified in spec.targets. It is not needed, since targets are explicitly given in a bundle and an empty targetRestrictions defaults to allow.

    Convert a Helm Chart into a Bundle​

    You can use the Fleet CLI to convert a Helm chart into a bundle.

    For example, you can download and convert the "external secrets" operator chart like this:

    cat > targets.yaml <<EOF
    targets:
    - clusterSelector: {}
    EOF

    mkdir app
    cat > app/fleet.yaml <<EOF
    defaultNamespace: external-secrets
    helm:
      repo: https://charts.external-secrets.io
      chart: external-secrets
    EOF

    fleet apply --compress --targets-file=targets.yaml -n fleet-default -o - external-secrets app > eso-bundle.yaml

    kubectl apply -f eso-bundle.yaml

    Make sure you use a cluster selector in targets.yaml, that matches all clusters you want to deploy to.

    The blog post on Fleet: Multi-Cluster Deployment with the Help of External Secrets has more information.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/bundle-diffs.html b/0.9/bundle-diffs.html index 23efc06b7..9c74b74f0 100644 --- a/0.9/bundle-diffs.html +++ b/0.9/bundle-diffs.html @@ -4,14 +4,14 @@ Generating Diffs to Ignore Modified GitRepos | Fleet - +
    Version: 0.9

    Generating Diffs to Ignore Modified GitRepos

    Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.

    You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the Bundles section.

    The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the caBundle is empty and the CA cert is injected by the cluster.

    This leads the status of the bundle and associated GitRepo to be reported as "Modified"

    Associated Bundle -

    Fleet bundles support the ability to specify a custom jsonPointer patch.

    With the patch, users can instruct fleet to ignore object modifications.

    Simple Example​

    In this simple example, we create a Service and ConfigMap that we apply a bundle diff onto.

    https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs

    Gatekeeper Example​

    In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

    The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

    Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

    In our case the differences detected are as follows:

      summary:
        desiredReady: 1
        modified: 1
        nonReadyResources:
        - bundleState: Modified
          modifiedStatus:
          - apiVersion: admissionregistration.k8s.io/v1
            kind: ValidatingWebhookConfiguration
            name: gatekeeper-validating-webhook-configuration
            patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-audit
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-controller-manager
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

    Based on this summary, there are three objects which need to be patched.

    We will look at these one at a time.

    1. ValidatingWebhookConfiguration:​

    The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

    In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

    From this information, we can see the two ValidatingWebhooks in question are:

      "$setElementOrder/webhooks": [
        {
          "name": "validation.gatekeeper.sh"
        },
        {
          "name": "check-ignore-label.gatekeeper.sh"
        }
      ],

    Within each ValidatingWebhook, the fields that need to be ignore are as follows:

        {
          "clientConfig": {
            "caBundle": "Cg=="
          },
          "name": "validation.gatekeeper.sh",
          "rules": [
            {
              "apiGroups": [
                "*"
              ],
              "apiVersions": [
                "*"
              ],
              "operations": [
                "CREATE",
                "UPDATE"
              ],
              "resources": [
                "*"
              ]
            }
          ]
        },

    and

        {
         "clientConfig": {
           "caBundle": "Cg=="
         },
         "name": "check-ignore-label.gatekeeper.sh",
         "rules": [
           {
             "apiGroups": [
               ""
             ],
             "apiVersions": [
               "*"
             ],
             "operations": [
               "CREATE",
               "UPDATE"
             ],
             "resources": [
               "namespaces"
             ]
           }
         ]
       }

    In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

    The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

    Based on this information, our diff patch would look as follows:

      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    2. Deployment gatekeeper-controller-manager:​

    The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    3. Deployment gatekeeper-audit:​

    The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    Combining It All Together​

    We can now combine all these patches as follows:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

    Once these are added, the GitRepo should deploy and be in "Active" status.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +

    Fleet bundles support the ability to specify a custom jsonPointer patch.

    With the patch, users can instruct fleet to ignore object modifications.

    Simple Example​

    In this simple example, we create a Service and ConfigMap that we apply a bundle diff onto.

    https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs

    Gatekeeper Example​

    In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

    The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

    Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

    In our case the differences detected are as follows:

      summary:
        desiredReady: 1
        modified: 1
        nonReadyResources:
        - bundleState: Modified
          modifiedStatus:
          - apiVersion: admissionregistration.k8s.io/v1
            kind: ValidatingWebhookConfiguration
            name: gatekeeper-validating-webhook-configuration
            patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-audit
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-controller-manager
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

    Based on this summary, there are three objects which need to be patched.

    We will look at these one at a time.

    1. ValidatingWebhookConfiguration:​

    The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

    In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

    From this information, we can see the two ValidatingWebhooks in question are:

      "$setElementOrder/webhooks": [
        {
          "name": "validation.gatekeeper.sh"
        },
        {
          "name": "check-ignore-label.gatekeeper.sh"
        }
      ],

    Within each ValidatingWebhook, the fields that need to be ignore are as follows:

        {
          "clientConfig": {
            "caBundle": "Cg=="
          },
          "name": "validation.gatekeeper.sh",
          "rules": [
            {
              "apiGroups": [
                "*"
              ],
              "apiVersions": [
                "*"
              ],
              "operations": [
                "CREATE",
                "UPDATE"
              ],
              "resources": [
                "*"
              ]
            }
          ]
        },

    and

        {
         "clientConfig": {
           "caBundle": "Cg=="
         },
         "name": "check-ignore-label.gatekeeper.sh",
         "rules": [
           {
             "apiGroups": [
               ""
             ],
             "apiVersions": [
               "*"
             ],
             "operations": [
               "CREATE",
               "UPDATE"
             ],
             "resources": [
               "namespaces"
             ]
           }
         ]
       }

    In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

    The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

    Based on this information, our diff patch would look as follows:

      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    2. Deployment gatekeeper-controller-manager:​

    The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    3. Deployment gatekeeper-audit:​

    The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    Combining It All Together​

    We can now combine all these patches as follows:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

    Once these are added, the GitRepo should deploy and be in "Active" status.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/changelogs.html b/0.9/changelogs.html index 5095e563f..45f93d3f4 100644 --- a/0.9/changelogs.html +++ b/0.9/changelogs.html @@ -4,13 +4,13 @@ 0.9 Changelogs | Fleet - +
    -
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/changelogs/changelogs/v0.9.0.html b/0.9/changelogs/changelogs/v0.9.0.html index 393037db5..8868a9d67 100644 --- a/0.9/changelogs/changelogs/v0.9.0.html +++ b/0.9/changelogs/changelogs/v0.9.0.html @@ -4,13 +4,13 @@ v0.9.0 | Fleet - +
    -
    Version: 0.9

    v0.9.0

    • (rancherio-gh-m) released this 2023-11-07 12:30:45 +0000 UTC*

    Description​

    Notes

    Fleet 0.9 contains major changes to Gitjob. The existing git handling code has been unified and now uses the go-git library. The tekton CLI, which was used for cloning, has been removed. The release improves the performance on downstream clusters, by using a caching client with the helm SDK.

    Known Issues

    • Gitjob might report "git binary not found" if the path within the repository does not exist. rancher/rancher#43499

    Additions

    • Add helm version to capabilities by @manno in #1743
    • Add support for spec field identifying KUBECONFIG namespace for imported clusters by @aiyengar2 in #1786
    • Allow configuring EnableDNS property in Helm through fleet.yaml by @aruiz14 in #1755
    • Allow skipping Helm's schema validation through fleet.yaml by @aruiz14 in #1769
    • Document public API by @manno in #1639
    • Add descriptions to CRDs by @aruiz14 in #1798
    • Helm Storage Backend With Caching by @raulcabello in #1809
    • Include nonResourceURLs Fleet-Agent's RBAC by @manno in #1806

    Bugfixes

    • Add SecurityContext to job container by @raulcabello in #1878
    • Incorrect agent's DebugLevel when settings propagation is set by @aruiz14 in #1776
    • Initialise cluster registration labels map if empty by @weyfonk in #1832
    • Pin version of k8s.io/dynamic-resource-allocation by @aruiz14 in #1754

    What's Changed

    • Add dev scripts to simplify using E2E tests by @p-se in #1764
    • Add integration test to verify fleet.yaml helm options for non-helm type bundles by @thardeck in #1775
    • CI: Retry on context deadline exceeded by @p-se in #1788
    • Document APIServerURL in the config by @manno in #1795
    • E2E: Fix flaky single cluster tests by @p-se in #1784
    • E2E: Increase testenv reliability by @p-se in #1704
    • Fix nightly image build workflow YAML by @manno in #1758
    • Fix patch_crd_descriptions.sh when yq is not installed by @raulcabello in #1810
    • Fixes for running multi cluster E2E tests locally by @p-se in #1762
    • Fix CA variable usage in dev/setup-fleet by @manno in #1766
    • Improve release scripts by @thardeck in #1761
    • Increase speed of clusterregistration clean up hook by @manno in #1712
    • Remove previous version selection in release against rancher script by @thardeck in #1773
    • Remove Tekton references from release docs by @weyfonk in #1833
    • Remove tekton by @raulcabello in #1782
    • Retry k3d image import in workflows by @manno in #1793
    • Simplify Golang version management by @olblak in #1714
    • Switch k3d import to default mode to detect error in e2e setup by @manno in #1797
    • Testenv infra uses local fleet module by @manno in #1756
    • Update README.md with instructions on how to use nektos/act by @p-se in #1765
    • Upgrade k3d k8s versions in CI by @manno in #1780
    • Use constants for agent cluster role names by @manno in #1814
    • Go K8s related security bumps by @thardeck in #1709
    • Bump Golang to 1.21.0 by @rancherbot in #1716
    • Bump all modules by @manno in #1745
    • Bump bci/bci-base from 15.5.36.5.33 to 15.5.36.5.34 in /package by @dependabot in #1805
    • Bump github.com/evanphx/json-patch from 5.6.0+incompatible to 5.7.0+incompatible by @dependabot in #1802

    Full Changelog: v0.8.0...v0.9.0

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    v0.9.0

    • (rancherio-gh-m) released this 2023-11-07 12:30:45 +0000 UTC*

    Description​

    Notes

    Fleet 0.9 contains major changes to Gitjob. The existing git handling code has been unified and now uses the go-git library. The tekton CLI, which was used for cloning, has been removed. The release improves the performance on downstream clusters, by using a caching client with the helm SDK.

    Known Issues

    • Gitjob might report "git binary not found" if the path within the repository does not exist. rancher/rancher#43499

    Additions

    • Add helm version to capabilities by @manno in #1743
    • Add support for spec field identifying KUBECONFIG namespace for imported clusters by @aiyengar2 in #1786
    • Allow configuring EnableDNS property in Helm through fleet.yaml by @aruiz14 in #1755
    • Allow skipping Helm's schema validation through fleet.yaml by @aruiz14 in #1769
    • Document public API by @manno in #1639
    • Add descriptions to CRDs by @aruiz14 in #1798
    • Helm Storage Backend With Caching by @raulcabello in #1809
    • Include nonResourceURLs Fleet-Agent's RBAC by @manno in #1806

    Bugfixes

    • Add SecurityContext to job container by @raulcabello in #1878
    • Incorrect agent's DebugLevel when settings propagation is set by @aruiz14 in #1776
    • Initialise cluster registration labels map if empty by @weyfonk in #1832
    • Pin version of k8s.io/dynamic-resource-allocation by @aruiz14 in #1754

    What's Changed

    • Add dev scripts to simplify using E2E tests by @p-se in #1764
    • Add integration test to verify fleet.yaml helm options for non-helm type bundles by @thardeck in #1775
    • CI: Retry on context deadline exceeded by @p-se in #1788
    • Document APIServerURL in the config by @manno in #1795
    • E2E: Fix flaky single cluster tests by @p-se in #1784
    • E2E: Increase testenv reliability by @p-se in #1704
    • Fix nightly image build workflow YAML by @manno in #1758
    • Fix patch_crd_descriptions.sh when yq is not installed by @raulcabello in #1810
    • Fixes for running multi cluster E2E tests locally by @p-se in #1762
    • Fix CA variable usage in dev/setup-fleet by @manno in #1766
    • Improve release scripts by @thardeck in #1761
    • Increase speed of clusterregistration clean up hook by @manno in #1712
    • Remove previous version selection in release against rancher script by @thardeck in #1773
    • Remove Tekton references from release docs by @weyfonk in #1833
    • Remove tekton by @raulcabello in #1782
    • Retry k3d image import in workflows by @manno in #1793
    • Simplify Golang version management by @olblak in #1714
    • Switch k3d import to default mode to detect error in e2e setup by @manno in #1797
    • Testenv infra uses local fleet module by @manno in #1756
    • Update README.md with instructions on how to use nektos/act by @p-se in #1765
    • Upgrade k3d k8s versions in CI by @manno in #1780
    • Use constants for agent cluster role names by @manno in #1814
    • Go K8s related security bumps by @thardeck in #1709
    • Bump Golang to 1.21.0 by @rancherbot in #1716
    • Bump all modules by @manno in #1745
    • Bump bci/bci-base from 15.5.36.5.33 to 15.5.36.5.34 in /package by @dependabot in #1805
    • Bump github.com/evanphx/json-patch from 5.6.0+incompatible to 5.7.0+incompatible by @dependabot in #1802

    Full Changelog: v0.8.0...v0.9.0

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/changelogs/changelogs/v0.9.1.html b/0.9/changelogs/changelogs/v0.9.1.html index d2221d89b..70fc3540f 100644 --- a/0.9/changelogs/changelogs/v0.9.1.html +++ b/0.9/changelogs/changelogs/v0.9.1.html @@ -4,13 +4,13 @@ v0.9.1 | Fleet - +
    -
    Version: 0.9

    v0.9.1

    • (rancherio-gh-m) released this 2024-03-21 16:35:26 +0000 UTC*

    Description​

    Notes

    Additions

    Performance

    • Use index when listing BundleDeployments by Bundle by @aruiz14 in #1954
    • Replace json-based implementation of DeepCopy on GenericMap by @aruiz14 in #1955
    • Use UniqueApplyForResourceVersion in Bundle and GitRepo GeneratingHandlers by @aruiz14 in #2061
    • Reduce BundleDeployment triggering on deployed resources updates by @aruiz14 in #2031

    Bugfixes

    What's Changed

    Full Changelog: v0.9.0...v0.9.1

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    v0.9.1

    • (rancherio-gh-m) released this 2024-03-21 16:35:26 +0000 UTC*

    Description​

    Notes

    Additions

    Performance

    • Use index when listing BundleDeployments by Bundle by @aruiz14 in #1954
    • Replace json-based implementation of DeepCopy on GenericMap by @aruiz14 in #1955
    • Use UniqueApplyForResourceVersion in Bundle and GitRepo GeneratingHandlers by @aruiz14 in #2061
    • Reduce BundleDeployment triggering on deployed resources updates by @aruiz14 in #2031

    Bugfixes

    What's Changed

    Full Changelog: v0.9.0...v0.9.1

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/changelogs/changelogs/v0.9.2.html b/0.9/changelogs/changelogs/v0.9.2.html index 9e15b4a34..838f49af5 100644 --- a/0.9/changelogs/changelogs/v0.9.2.html +++ b/0.9/changelogs/changelogs/v0.9.2.html @@ -4,13 +4,13 @@ v0.9.2 | Fleet - +
    -
    Version: 0.9

    v0.9.2

    • (rancherio-gh-m) released this 2024-03-22 15:49:16 +0000 UTC*

    Description​

    What's Changed

    Full Changelog: v0.9.1...v0.9.2

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    v0.9.2

    • (rancherio-gh-m) released this 2024-03-22 15:49:16 +0000 UTC*

    Description​

    What's Changed

    Full Changelog: v0.9.1...v0.9.2

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/changelogs/changelogs/v0.9.3.html b/0.9/changelogs/changelogs/v0.9.3.html index 61af401de..1e61186e2 100644 --- a/0.9/changelogs/changelogs/v0.9.3.html +++ b/0.9/changelogs/changelogs/v0.9.3.html @@ -4,13 +4,13 @@ v0.9.3 | Fleet - +
    -
    Version: 0.9

    v0.9.3

    • (rancherio-gh-m) released this 2024-04-17 09:34:37 +0000 UTC*

    Description​

    Bugfixes

    • Prevent creating Content objects if Bundle does not match any target by @aruiz14 in #2215

    What's Changed

    Full Changelog: v0.9.2...v0.9.3

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    v0.9.3

    • (rancherio-gh-m) released this 2024-04-17 09:34:37 +0000 UTC*

    Description​

    Bugfixes

    • Prevent creating Content objects if Bundle does not match any target by @aruiz14 in #2215

    What's Changed

    Full Changelog: v0.9.2...v0.9.3

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/changelogs/changelogs/v0.9.4.html b/0.9/changelogs/changelogs/v0.9.4.html index 59f1b5f53..bc87df10a 100644 --- a/0.9/changelogs/changelogs/v0.9.4.html +++ b/0.9/changelogs/changelogs/v0.9.4.html @@ -4,13 +4,13 @@ v0.9.4 | Fleet - +
    -
    Version: 0.9

    v0.9.4

    • (rancherio-gh-m) released this 2024-05-02 12:48:10 +0000 UTC*

    Description​

    What's Changed

    Full Changelog: v0.9.3...v0.9.4

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    v0.9.4

    • (rancherio-gh-m) released this 2024-05-02 12:48:10 +0000 UTC*

    Description​

    What's Changed

    Full Changelog: v0.9.3...v0.9.4

    Download​

    Information retrieved from here

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/cli/fleet-agent.html b/0.9/cli/fleet-agent.html index be52a6dcb..98e0bdac1 100644 --- a/0.9/cli/fleet-agent.html +++ b/0.9/cli/fleet-agent.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.9

    fleet-agent​

    fleet-agent [flags]

    Options​

          --agent-scope string        An identifier used to scope the agent bundleID names, typically the same as namespace
          --checkin-interval string   How often to post cluster status
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet-agent
          --kubeconfig string         kubeconfig file
          --namespace string          namespace to watch
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    fleet-agent​

    fleet-agent [flags]

    Options​

          --agent-scope string        An identifier used to scope the agent bundleID names, typically the same as namespace
          --checkin-interval string   How often to post cluster status
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet-agent
          --kubeconfig string         kubeconfig file
          --namespace string          namespace to watch
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/cli/fleet-cli/fleet.html b/0.9/cli/fleet-cli/fleet.html index ce74809de..bfcde6e51 100644 --- a/0.9/cli/fleet-cli/fleet.html +++ b/0.9/cli/fleet-cli/fleet.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.9

    fleet​

    fleet [flags]

    Options​

          --context string            kubeconfig context for authentication
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    • fleet apply - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager
    • fleet cleanup - Clean up outdated cluster registrations
    • fleet test - Match a bundle to a target and render the output
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    fleet​

    fleet [flags]

    Options​

          --context string            kubeconfig context for authentication
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for fleet
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    • fleet apply - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager
    • fleet cleanup - Clean up outdated cluster registrations
    • fleet test - Match a bundle to a target and render the output
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/cli/fleet-cli/fleet_apply.html b/0.9/cli/fleet-cli/fleet_apply.html index 9db5b5a5d..83fd9022b 100644 --- a/0.9/cli/fleet-cli/fleet_apply.html +++ b/0.9/cli/fleet-cli/fleet_apply.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.9

    fleet apply​

    Render a bundle into a Kubernetes resource and apply it in the Fleet Manager

    fleet apply [flags] BUNDLE_NAME PATH...

    Options​

      -b, --bundle-file string                     Location of the raw Bundle resource yaml
          --cacerts-file string                    Path of custom cacerts for helm repo
          --commit string                          Commit to assign to the bundle
      -c, --compress                               Force all resources to be compress
          --correct-drift                          Rollback any change made from outside of Fleet
          --correct-drift-force                    Use --force when correcting drift. Resources can be deleted and recreated
          --correct-drift-keep-fail-history        Keep helm history for failed rollbacks
          --debug                                  Turn on debug logging
          --debug-level int                        If debugging is enabled, set klog -v=X
      -f, --file string                            Location of the fleet.yaml
          --helm-credentials-by-path-file string   Path of file containing helm credentials for paths
          --helm-repo-url-regex string             Helm credentials will be used if the helm repo matches this regex. Credentials will always be used if this is empty or not provided
      -h, --help                                   help for apply
          --keep-resources                         Keep resources created after the GitRepo or Bundle is deleted
      -l, --label strings                          Labels to apply to created bundles
      -o, --output string                          Output contents to file or - for stdout
          --password-file string                   Path of file containing basic auth password for helm repo
          --paused                                 Create bundles in a paused state
      -a, --service-account string                 Service account to assign to bundle created
          --ssh-privatekey-file string             Path of ssh-private-key for helm repo
          --sync-generation int                    Generation number used to force sync the deployment
          --target-namespace string                Ensure this bundle goes to this target namespace
          --targets-file string                    Addition source of targets and restrictions to be append
          --username string                        Basic auth username for helm repo

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    fleet apply​

    Render a bundle into a Kubernetes resource and apply it in the Fleet Manager

    fleet apply [flags] BUNDLE_NAME PATH...

    Options​

      -b, --bundle-file string                     Location of the raw Bundle resource yaml
          --cacerts-file string                    Path of custom cacerts for helm repo
          --commit string                          Commit to assign to the bundle
      -c, --compress                               Force all resources to be compress
          --correct-drift                          Rollback any change made from outside of Fleet
          --correct-drift-force                    Use --force when correcting drift. Resources can be deleted and recreated
          --correct-drift-keep-fail-history        Keep helm history for failed rollbacks
          --debug                                  Turn on debug logging
          --debug-level int                        If debugging is enabled, set klog -v=X
      -f, --file string                            Location of the fleet.yaml
          --helm-credentials-by-path-file string   Path of file containing helm credentials for paths
          --helm-repo-url-regex string             Helm credentials will be used if the helm repo matches this regex. Credentials will always be used if this is empty or not provided
      -h, --help                                   help for apply
          --keep-resources                         Keep resources created after the GitRepo or Bundle is deleted
      -l, --label strings                          Labels to apply to created bundles
      -o, --output string                          Output contents to file or - for stdout
          --password-file string                   Path of file containing basic auth password for helm repo
          --paused                                 Create bundles in a paused state
      -a, --service-account string                 Service account to assign to bundle created
          --ssh-privatekey-file string             Path of ssh-private-key for helm repo
          --sync-generation int                    Generation number used to force sync the deployment
          --target-namespace string                Ensure this bundle goes to this target namespace
          --targets-file string                    Addition source of targets and restrictions to be append
          --username string                        Basic auth username for helm repo

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/cli/fleet-cli/fleet_cleanup.html b/0.9/cli/fleet-cli/fleet_cleanup.html index 4e0b4e62d..70e0520ff 100644 --- a/0.9/cli/fleet-cli/fleet_cleanup.html +++ b/0.9/cli/fleet-cli/fleet_cleanup.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.9

    fleet cleanup​

    Clean up outdated cluster registrations

    fleet cleanup [flags]

    Options​

          --debug             Turn on debug logging
          --debug-level int   If debugging is enabled, set klog -v=X
          --factor string     Factor to increase delay between deletes (default: 1.1)
      -h, --help              help for cleanup
          --max string        Maximum delay between deletes (default: 5s)
          --min string        Minimum delay between deletes (default: 10ms)

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    fleet cleanup​

    Clean up outdated cluster registrations

    fleet cleanup [flags]

    Options​

          --debug             Turn on debug logging
          --debug-level int   If debugging is enabled, set klog -v=X
          --factor string     Factor to increase delay between deletes (default: 1.1)
      -h, --help              help for cleanup
          --max string        Maximum delay between deletes (default: 5s)
          --min string        Minimum delay between deletes (default: 10ms)

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/cli/fleet-cli/fleet_test.html b/0.9/cli/fleet-cli/fleet_test.html index 574da5265..9519642cc 100644 --- a/0.9/cli/fleet-cli/fleet_test.html +++ b/0.9/cli/fleet-cli/fleet_test.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.9

    fleet test​

    Match a bundle to a target and render the output

    fleet test [flags]

    Options​

      -b, --bundle-file string    Location of the raw Bundle resource yaml
          --debug                 Turn on debug logging
          --debug-level int       If debugging is enabled, set klog -v=X
      -f, --file string           Location of the fleet.yaml
      -g, --group string          Cluster group to match against
      -L, --group-label strings   Cluster group labels to match against
      -h, --help                  help for test
      -l, --label strings         Cluster labels to match against
      -N, --name string           Cluster name to match against
      -q, --quiet                 Just print the match and don't print the resources
      -t, --target string         Explicit target to match

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    fleet test​

    Match a bundle to a target and render the output

    fleet test [flags]

    Options​

      -b, --bundle-file string    Location of the raw Bundle resource yaml
          --debug                 Turn on debug logging
          --debug-level int       If debugging is enabled, set klog -v=X
      -f, --file string           Location of the fleet.yaml
      -g, --group string          Cluster group to match against
      -L, --group-label strings   Cluster group labels to match against
      -h, --help                  help for test
      -l, --label strings         Cluster labels to match against
      -N, --name string           Cluster name to match against
      -q, --quiet                 Just print the match and don't print the resources
      -t, --target string         Explicit target to match

    Options inherited from parent commands​

          --context string            kubeconfig context for authentication
      -k, --kubeconfig string         kubeconfig for authentication
      -n, --namespace string          namespace (default "fleet-local")
          --system-namespace string   System namespace of the controller (default "cattle-fleet-system")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/cli/fleet-controller/fleet-manager.html b/0.9/cli/fleet-controller/fleet-manager.html index c7714fd99..46b0a07d8 100644 --- a/0.9/cli/fleet-controller/fleet-manager.html +++ b/0.9/cli/fleet-controller/fleet-manager.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: 0.9

    fleet-manager​

    fleet-manager [flags]

    Options​

          --debug               Turn on debug logging
          --debug-level int     If debugging is enabled, set klog -v=X
          --disable-bootstrap   disable local cluster components
          --disable-gitops      disable gitops components
      -h, --help                help for fleet-manager
          --kubeconfig string   Kubeconfig file
          --namespace string    namespace to watch (default "cattle-fleet-system")
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    fleet-manager​

    fleet-manager [flags]

    Options​

          --debug               Turn on debug logging
          --debug-level int     If debugging is enabled, set klog -v=X
          --disable-bootstrap   disable local cluster components
          --disable-gitops      disable gitops components
      -h, --help                help for fleet-manager
          --kubeconfig string   Kubeconfig file
          --namespace string    namespace to watch (default "cattle-fleet-system")
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/cluster-bundles-state.html b/0.9/cluster-bundles-state.html index 700e1e0d7..400e4f130 100644 --- a/0.9/cluster-bundles-state.html +++ b/0.9/cluster-bundles-state.html @@ -4,13 +4,13 @@ Cluster and Bundle State | Fleet - +
    -
    Version: 0.9

    Cluster and Bundle State

    Clusters and Bundles have different states in each phase of applying Bundles.

    Bundles​

    Ready: Bundles have been deployed and all resources are ready.

    NotReady: Bundles have been deployed and some resources are not ready.

    WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

    ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

    OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

    Pending: Bundles are being processed by Fleet controller.

    Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

    Clusters​

    WaitCheckIn: Waiting for agent to report registration information and cluster status back.

    NotReady: There are bundles in this cluster that are in NotReady state.

    WaitApplied: There are bundles in this cluster that are in WaitApplied state.

    ErrApplied: There are bundles in this cluster that are in ErrApplied state.

    OutOfSync: There are bundles in this cluster that are in OutOfSync state.

    Pending: There are bundles in this cluster that are in Pending state.

    Modified: There are bundles in this cluster that are in Modified state.

    Ready: Bundles in this cluster have been deployed and all resources are ready.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    Cluster and Bundle State

    Clusters and Bundles have different states in each phase of applying Bundles.

    Bundles​

    Ready: Bundles have been deployed and all resources are ready.

    NotReady: Bundles have been deployed and some resources are not ready.

    WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

    ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

    OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

    Pending: Bundles are being processed by Fleet controller.

    Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

    Clusters​

    WaitCheckIn: Waiting for agent to report registration information and cluster status back.

    NotReady: There are bundles in this cluster that are in NotReady state.

    WaitApplied: There are bundles in this cluster that are in WaitApplied state.

    ErrApplied: There are bundles in this cluster that are in ErrApplied state.

    OutOfSync: There are bundles in this cluster that are in OutOfSync state.

    Pending: There are bundles in this cluster that are in Pending state.

    Modified: There are bundles in this cluster that are in Modified state.

    Ready: Bundles in this cluster have been deployed and all resources are ready.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/cluster-group.html b/0.9/cluster-group.html index a521be6b8..edd282f60 100644 --- a/0.9/cluster-group.html +++ b/0.9/cluster-group.html @@ -4,7 +4,7 @@ Create Cluster Groups | Fleet - + @@ -13,8 +13,8 @@ The only parameter for a cluster group is essentially the selector. When you get to a certain scale cluster groups become a more reasonable way to manage your clusters. Cluster groups serve the purpose of giving aggregated -status of the deployments and then also a simpler way to manage targets.

    A cluster group is created by creating a ClusterGroup resource like below

    kind: ClusterGroup
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: production-group
      namespace: clusters
    spec:
      # This is the standard metav1.LabelSelector format to match clusters by labels
      selector:
        matchLabels:
          env: prod
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +status of the deployments and then also a simpler way to manage targets.

    A cluster group is created by creating a ClusterGroup resource like below

    kind: ClusterGroup
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: production-group
      namespace: clusters
    spec:
      # This is the standard metav1.LabelSelector format to match clusters by labels
      selector:
        matchLabels:
          env: prod
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/cluster-registration.html b/0.9/cluster-registration.html index f47caaee0..6a7f9261b 100644 --- a/0.9/cluster-registration.html +++ b/0.9/cluster-registration.html @@ -4,7 +4,7 @@ Register Downstream Clusters | Fleet - + @@ -75,8 +75,8 @@ above example one can run the following one-liner:

    info

    If you are using Fleet standalone without Rancher, it must be installed as described in installation details.

    The manager-initiated registration is used when you add a cluster from the Rancher dashboard.

    Create Kubeconfig Secret​

    The format of this secret is intended to match the format of the kubeconfig secret used in cluster-api. -This means you can use cluster-api to create a cluster that is dynamically registered with Fleet.

    Kubeconfig Secret Example
    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Create Cluster Resource​

    The cluster resource needs to reference the kubeconfig secret.

    Cluster Resource Example
    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +This means you can use cluster-api to create a cluster that is dynamically registered with Fleet.

    Kubeconfig Secret Example
    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Create Cluster Resource​

    The cluster resource needs to reference the kubeconfig secret.

    Cluster Resource Example
    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/concepts.html b/0.9/concepts.html index 3817efcdb..7dcf220e3 100644 --- a/0.9/concepts.html +++ b/0.9/concepts.html @@ -4,7 +4,7 @@ Core Concepts | Fleet - + @@ -24,8 +24,8 @@ Regardless of the source the contents are dynamically rendered into a Helm chart and installed into the downstream cluster as a helm release.

    • To see the life cycle of a bundle, click here.

  • BundleDeployment: When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for -the cluster the agent is managing.

    • For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click here.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +the cluster the agent is managing.

    • For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click here.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/gitrepo-add.html b/0.9/gitrepo-add.html index dce662b69..dbdf78c01 100644 --- a/0.9/gitrepo-add.html +++ b/0.9/gitrepo-add.html @@ -4,7 +4,7 @@ Create a GitRepo Resource | Fleet - + @@ -15,8 +15,8 @@ Make sure you don't leak credentials by mixing public and private repositor or split them into different gitrepos, or use helmRepoURLRegex to limit the scope of credentials to certain servers.

    For a private Helm repo, users can reference a secret with the following keys:

    1. username and password for basic http auth if the Helm HTTP repo is behind basic auth.

    2. cacerts for custom CA bundle if the Helm repo is using a custom CA.

    3. ssh-privatekey for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently.

    For example, to add a secret in kubectl, run

    kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem

    After secret is created, specify the secret to gitRepo.spec.helmSecretName. Make sure secret is created under the same namespace with gitrepo.

    Use different helm credentials for each path​

    info

    gitRepo.spec.helmSecretName will be ignored if gitRepo.spec.helmSecretNameForPaths is provided

    Create a file secrets-path.yaml that contains credentials for each path defined in a GitRepo. Credentials will not be used for paths that are not present in this file. The path is the actual path to the bundle (ie to a folder containing a fleet.yaml file) within the git repository, which might have more segments than the entry under paths:.

    Example:

    path-one: # path path-one must exist in the repository
      username: user
      password: pass
    path-two:  # path path-one must exist in the repository
      username: user2
      password: pass2
      caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCiAgICBNSUlEblRDQ0FvV2dBd0lCQWdJVUNwMHB2SVJTb2c0eHJKN2Q1SUI2ME1ka0k1WXdEUVlKS29aSWh2Y05BUUVMCiAgICBCUUF3WGpFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NCiAgICBHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2CiAgICBjbWN3SGhjTk1qTXdOREkzTVRVd056VXpXaGNOTWpnd05ESTFNVFV3TnpVeldqQmVNUXN3Q1FZRFZRUUdFd0pCCiAgICBWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFQ2d3WVNXNTBaWEp1WlhRZ1YybGtaMmwwCiAgICBjeUJRZEhrZ1RIUmtNUmN3RlFZRFZRUUREQTV5WVc1amFHVnlMbTE1TG05eVp6Q0NBU0l3RFFZSktvWklodmNOCiAgICBBUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBvZE5TMDB6NDc1dnVSc2ZZcTFRYTFHQVl3QU92anV4MERKTHY5CiAgICBrZFhwT091dGdjMU8yWUdqNUlCVGQzVmpISmFJYUg3SDR2Rm84RlBaMG9zcU9YaFg3eUM4STdBS3ZhOEE5VmVmCiAgICBJVXp6Vlo1cCs1elNxRjdtZTlOaUNiL0pVSkZLT0ZsTkF4cjZCcXhoMEIyN1VZTlpjaUIvL1V0L0I2eHJuVE55CiAgICBoRzJiNzk4bjg4bFZqY3EzbEE0djFyM3VzWGYxVG5aS2t2UEN4ZnFHYk5OdTlpTjdFZnZHOWoyekdHcWJvcDRYCiAgICBXY3VSa3N3QkgxZlRNS0ZrbGcrR1VsZkZPMGFzL3phalVOdmdweTlpdVBMZUtqZTVWcDBiMlBLd09qUENpV2d4CiAgICBabDJlVDlNRnJjV0F3NTg3emE5NDBlT1Era2pkdmVvUE5sU2k3eVJMMW96YlRka0NBd0VBQWFOVE1GRXdIUVlECiAgICBWUjBPQkJZRUZEQkNkYjE4M1hsU0tWYzBxNmJSTCt0dVNTV3lNQjhHQTFVZEl3UVlNQmFBRkRCQ2RiMTgzWGxTCiAgICBLVmMwcTZiUkwrdHVTU1d5TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCiAgICBBQ1BCVERkZ0dCVDVDRVoxd1pnQmhKdm9GZTk2MUJqVCtMU2RxSlpsSmNRZnlnS0hyNks5ZmZaY1ZlWlBoMVU0CiAgICB3czBuWGNOZiszZGJlTjl4dVBiY0VqUWlQaFJCcnRzalE1T1JiVHdYWEdBdzlYbDZYTkl6YjN4ZDF6RWFzQXZPCiAgICBJMjM2ZHZXQ1A0dWoycWZqR0FkQjJnaXU2b2xHK01CWHlneUZKMElzRENraldLZysyWEdmU3lyci9KZU1vZlFBCiAgICB1VU9wcFVGdERYd0lrUW1VTGNVVUxWcTdtUVNQb0lzVkNNM2hKNVQzczdUSWtHUDZVcGVSSjgzdU9LbURYMkRHCiAgICBwVWVQVHBuVWVLOVMzUEVKTi9XcmJSSVd3WU1OR29qdDRKWitaK1N6VE1aVkh0SlBzaGpjL1hYOWZNU1ZXQmlzCiAgICBQRW5MU256MDQ4OGFUQm5SUFlnVXFsdz0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
      sshPrivateKey: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJRFF6Q0NBaXNDRkgxTm5YUWI5SlV6anNBR3FSc3RCYncwRlFpak1BMEdDU3FHU0liM0RRRUJDd1VBTUY0eAogICAgQ3pBSkJnTlZCQVlUQWtGVk1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNU0V3SHdZRFZRUUtEQmhKYm5SbAogICAgY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdReEZ6QVZCZ05WQkFNTURuSmhibU5vWlhJdWJYa3ViM0puTUI0WAogICAgRFRJek1EUXlOekUxTVRBMU5Gb1hEVEkwTURReU5qRTFNVEExTkZvd1hqRUxNQWtHQTFVRUJoTUNRVlV4RXpBUgogICAgQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNQogICAgSUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2Y21jd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQogICAgQTRJQkR3QXdnZ0VLQW9JQkFRRGd6UUJJTW8xQVFHNnFtYmozbFlYUTFnZjhYcURTbjdyM2lGcVZZZldDVWZOSwogICAgaGZwampTRGpOMmRWWEV2UXA3R0t3akFHUElFbXR5RmxyUW5rUGtnTGFSaU9jSDdNN0p2c3ZIa0Ewd0g0dzJ2QgogICAgUEp6aVlINWh2MUE2WS9NcFM5bVkvQUVxVm80TUJkdnNZQzc3MFpCbzVBMitIUEtMd1YzMVZyYlhhTytWeUJtNAogICAgSmJhZHlNUk40N3BKRWdPMjJaYVRXL3Y3S1dKdjNydGJTMlZVSkNlU0piWlpsN09ocHhLRTVocStmK0RWaU1mcQogICAgTWx4ODNEV2pVSlVkV3lqVUZYVlk0bEdVaUtrRWVtSlVuSlVyY1ErOXE1SzVaWmhyRjhoRXhKRjhiZTZjemVzeAogICAga1VWN3dKb1RjWkd2bUhYSk1FNmtrQXh4Mmh3bU8wSFcyQWdDdTJZekFnTUJBQUV3RFFZSktvWklodmNOQVFFTAogICAgQlFBRGdnRUJBS1BpTWdXc1dCTnJvRkY2aWpYL2xMM3FxaWc4TjlkR1VPWDIyRVJDU1RTekNONjM0ZTFkZUhsdQogICAgbTc5OU11Q3hvWSsyZWluNlV1cFMvTEV6cnpvU2dDVWllQzQrT3ZralF5eGJpTFR6bW1OWEFnd09TM3RvTHRGWAogICAgbytmWWpSMU9xcHVPS29kMkhiYjliczRWcXdaNHEvMlVKbXE2Q01pYjZKZUE2VFJvK2Rkc0pUM2dDOFhWL1Z1MAogICAgNnkwdjJxdTM0bm1MYjFxOHFTS1RwZXYyQmwzQUJGY3NyS0JvNHFieUM2bnBTbnpZenNYcS90SlFLclplNE4vMgogICAgUXIzd1dxQ0pDVWUrMWVsT3A2b0JVcXNWSnc3aHk3YzRLc1Fna09ERDJkc2NuNEF1NGJhWlY2QmpySm1USVY0aQogICAgeXJ1dk9oZ2lINklGUVdDWmVQM2s0MU5obWRzRTNHQT0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K

    Create the secret

    kubectl create secret generic path-auth-secret -n fleet-default --from-file=secrets-path.yaml

    In the previous example credentials for username user will be used for the path path-one and credentials for username -user2 will be used for the path path-two.

    caBundle and sshPrivateKey must be base64 encoded.

    note

    If you are using "rancher-backups" and want this secret to be included the backup, please add the label resources.cattle.io/backup: true to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials.

    Troubleshooting

    See Fleet Troubleshooting section here.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +user2 will be used for the path path-two.

    caBundle and sshPrivateKey must be base64 encoded.

    note

    If you are using "rancher-backups" and want this secret to be included the backup, please add the label resources.cattle.io/backup: true to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials.

    Troubleshooting

    See Fleet Troubleshooting section here.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/gitrepo-content.html b/0.9/gitrepo-content.html index 49efe0215..03aac6678 100644 --- a/0.9/gitrepo-content.html +++ b/0.9/gitrepo-content.html @@ -4,7 +4,7 @@ Git Repository Contents | Fleet - + @@ -51,8 +51,8 @@ the contents of a file the convention of adding _patch. (notice the will be replaced with . from the file name and that will be used as the target. For example deployment_patch.yaml will target deployment.yaml. The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch. Which strategy is used is based on the file content. Even though JSON strategies are used, the files can be written -using YAML syntax.

    Cluster and Bundle State​

    See Cluster and Bundle state.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +using YAML syntax.

    Cluster and Bundle State​

    See Cluster and Bundle state.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/gitrepo-targets.html b/0.9/gitrepo-targets.html index 3864c55d9..21dd48660 100644 --- a/0.9/gitrepo-targets.html +++ b/0.9/gitrepo-targets.html @@ -4,7 +4,7 @@ Mapping to Downstream Clusters | Fleet - + @@ -23,8 +23,8 @@ and add clusters to it.

    this issue for more details.

  • Helm.WaitForJobs

  • Kustomize.Dir

  • YAML.Overlays

  • Diff.ComparePatches

    • Additional Examples​

    Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations -of the three are in the Fleet Examples repo.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +of the three are in the Fleet Examples repo.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/imagescan.html b/0.9/imagescan.html index 33d6d90d8..963da3938 100644 --- a/0.9/imagescan.html +++ b/0.9/imagescan.html @@ -4,15 +4,15 @@ Using Image Scan to Update Container Image References | Fleet - +
    Version: 0.9

    Using Image Scan to Update Container Image References

    Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository, without the need to manually update your manifests.

    caution

    This feature is considered as experimental feature.

    Go to fleet.yaml and add the following section.

    imageScans:
    # specify the policy to retrieve images, can be semver or alphabetical order
    - policy:
        # if range is specified, it will take the latest image according to semver order in the range
        # for more details on how to use semver, see https://github.com/Masterminds/semver
        semver:
          range: "*"
        # can use ascending or descending order
        alphabetical:
          order: asc

      # specify images to scan
      image: "your.registry.com/repo/image"

      # Specify the tag name, it has to be unique in the same bundle
      tagName: test-scan

      # specify secret to pull image if in private registry
      secretRef:
        name: dockerhub-secret

      # Specify the scan interval
      interval: 5m
    info

    You can create multiple image scans in fleet.yaml.

    Go to your manifest files and update the field that you want to replace. For example:

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: redis-slave
    spec:
      selector:
        matchLabels:
          app: redis
          role: slave
          tier: backend
      replicas: 2
      template:
        metadata:
          labels:
            app: redis
            role: slave
            tier: backend
        spec:
          containers:
          - name: slave
            image: <image>:<tag> # {"$imagescan": "test-scan"}
            resources:
              requests:
                cpu: 100m
                memory: 100Mi
            ports:
            - containerPort: 6379
    note

    There are multiple form of tagName you can reference. For example

    {"$imagescan": "test-scan"}: Use full image name(foo/bar:tag)

    {"$imagescan": "test-scan:name"}: Only use image name without tag(foo/bar)

    {"$imagescan": "test-scan:tag"}: Only use image tag

    {"$imagescan": "test-scan:digest"}: Use full image name with digest(foo/bar:tag@sha256...)

    Create a GitRepo that includes your fleet.yaml

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: my-repo
      namespace: fleet-local
    spec:
      # change this to be your own repo
      repo: https://github.com/rancher/fleet-examples
      # define how long it will sync all the images and decide to apply change
      imageScanInterval: 5m
      # user must properly provide a secret that have write access to git repository
      clientSecretName: secret
      # specify the commit pattern
      imageScanCommit:
        authorName: foo
        authorEmail: foo@bar.com
        messageTemplate: "update image"

    Try pushing a new image tag, for example, <image>:<new-tag>. Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml. -Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/installation.html b/0.9/installation.html index 488cc3b8a..3e2f28f14 100644 --- a/0.9/installation.html +++ b/0.9/installation.html @@ -4,7 +4,7 @@ Installation Details | Fleet - + @@ -37,8 +37,8 @@ the ca.pem is not correct. The contents of the $API_SERVER_CA and the CA certificate is in the file ca.pem. If your API server URL is signed by a well-known CA you can omit the apiServerCA parameter below or just create an empty ca.pem file (ie touch ca.pem).

    Setup the environment with your specific values, e.g.:

    API_SERVER_URL="https://example.com:6443"
    API_SERVER_CA="ca.pem"

    Once you have validated the API server URL and API server CA parameters, install the following two Helm charts.

    First add Fleet's Helm repository.
    helm repo add fleet https://rancher.github.io/fleet-helm-charts/

    Second install the Fleet CustomResourcesDefintions.

    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet-crd

    Third install the Fleet controllers.

    helm -n cattle-fleet-system install --create-namespace --wait \
        --set apiServerURL="$API_SERVER_URL" \
        --set-file apiServerCA="$API_SERVER_CA" \
        fleet

    At this point the Fleet manager should be ready. You can now register clusters and git repos with -the Fleet manager.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +the Fleet manager.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/multi-user.html b/0.9/multi-user.html index 45aea1397..83a0a997f 100644 --- a/0.9/multi-user.html +++ b/0.9/multi-user.html @@ -4,7 +4,7 @@ Setup Multi User | Fleet - + @@ -17,8 +17,8 @@ deploy cluster wide resources. Even with the available Fleet restrictions, users are only restricted to namespaces, but namespaces don't provide much isolation on their own. E.g. they can still consume as many resources as they like.

    However, the existing Fleet restrictions allow users to share clusters, and -deploy resources without conflicts.

    Example User​

    This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace.

    kubectl create serviceaccount fleetuser
    kubectl create namespace project1
    kubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser

    If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:

    kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser
    kubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser

    This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces.

    Allow Access to Clusters​

    This assumes all GitRepos created by 'fleetuser' have the team: one label. Different labels could be used, to select different cluster namespaces.

    In each of the user's namespaces, as an admin create a BundleNamespaceMapping.

    kind: BundleNamespaceMapping
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: mapping
      namespace: project1

    # Bundles to match by label.
    # The labels are defined in the fleet.yaml # labels field or from the
    # GitRepo metadata.labels field
    bundleSelector:
      matchLabels:
        team: one
        # or target one repo
        #fleet.cattle.io/repo-name: simpleapp

    # Namespaces, containing clusters, to match by label
    namespaceSelector:
      matchLabels:
        kubernetes.io/metadata.name: fleet-default
        # the label is on the namespace
        #workspace: prod

    The target section in the GitRepo resource can be used to deploy only to a subset of the matched clusters.

    Restricting Access to Downstream Clusters​

    Admins can further restrict tenants by creating a GitRepoRestriction in each of their namespaces.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: project1

    allowedTargetNamespaces:
      - project1simpleapp

    This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace.

    An Example GitRepo Resource​

    A GitRepo resource created by a tenant, without admin access could look like this:

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: simpleapp
      namespace: project1
      labels:
        team: one

    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - bundle-diffs

      targetNamespace: project1simpleapp

      # do not match the upstream/local cluster, won't work
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

    This includes the team: one label and and the required targetNamespace.

    Together with the previous BundleNamespaceMapping it would target all clusters with a env: dev label in the 'fleet-default' namespace.

    note

    BundleNamespaceMappings do not work with local clusters, so make sure not to target them.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +deploy resources without conflicts.

    Example User​

    This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace.

    kubectl create serviceaccount fleetuser
    kubectl create namespace project1
    kubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser

    If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:

    kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser
    kubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser

    This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces.

    Allow Access to Clusters​

    This assumes all GitRepos created by 'fleetuser' have the team: one label. Different labels could be used, to select different cluster namespaces.

    In each of the user's namespaces, as an admin create a BundleNamespaceMapping.

    kind: BundleNamespaceMapping
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: mapping
      namespace: project1

    # Bundles to match by label.
    # The labels are defined in the fleet.yaml # labels field or from the
    # GitRepo metadata.labels field
    bundleSelector:
      matchLabels:
        team: one
        # or target one repo
        #fleet.cattle.io/repo-name: simpleapp

    # Namespaces, containing clusters, to match by label
    namespaceSelector:
      matchLabels:
        kubernetes.io/metadata.name: fleet-default
        # the label is on the namespace
        #workspace: prod

    The target section in the GitRepo resource can be used to deploy only to a subset of the matched clusters.

    Restricting Access to Downstream Clusters​

    Admins can further restrict tenants by creating a GitRepoRestriction in each of their namespaces.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: project1

    allowedTargetNamespaces:
      - project1simpleapp

    This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace.

    An Example GitRepo Resource​

    A GitRepo resource created by a tenant, without admin access could look like this:

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: simpleapp
      namespace: project1
      labels:
        team: one

    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - bundle-diffs

      targetNamespace: project1simpleapp

      # do not match the upstream/local cluster, won't work
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

    This includes the team: one label and and the required targetNamespace.

    Together with the previous BundleNamespaceMapping it would target all clusters with a env: dev label in the 'fleet-default' namespace.

    note

    BundleNamespaceMappings do not work with local clusters, so make sure not to target them.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/namespaces.html b/0.9/namespaces.html index f04a23f99..484a57897 100644 --- a/0.9/namespaces.html +++ b/0.9/namespaces.html @@ -4,7 +4,7 @@ Namespaces | Fleet - + @@ -39,8 +39,8 @@ in an error state and won't be deployed.

    This can also be used to set If an allowedTargetNamespaces restriction is present, all GitRepos must specify a targetNamespace and the specified namespace must be in the allow list. -This also prevents the creation of cluster wide resources.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +This also prevents the creation of cluster wide resources.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/quickstart.html b/0.9/quickstart.html index eefbef3fe..c6712a519 100644 --- a/0.9/quickstart.html +++ b/0.9/quickstart.html @@ -4,15 +4,15 @@ Quick Start | Fleet - +
    Version: 0.9

    Quick Start

    Who needs documentation, lets just run this thing!

    Install​

    Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and its use is fairly straightforward. To install the Helm 3 CLI follow the official install instructions.

    Fleet in Rancher

    Rancher has separate helm charts for Fleet and uses a different repository.

    brew install helm
    helm repo add fleet https://rancher.github.io/fleet-helm-charts/

    Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)

    helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \
        fleet/fleet-crd
    helm -n cattle-fleet-system install --create-namespace --wait fleet \
        fleet/fleet

    Add a Git Repo to Watch​

    Change spec.repo to your git repo of choice. Kubernetes manifest files that should -be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be run in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be run in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/ref-bundle-stages.html b/0.9/ref-bundle-stages.html index 81573178f..89f8fc37c 100644 --- a/0.9/ref-bundle-stages.html +++ b/0.9/ref-bundle-stages.html @@ -4,13 +4,13 @@ Bundle Lifecycle | Fleet - +
    -
    Version: 0.9

    Bundle Lifecycle

    A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.

    To demonstrate the life cycle of a Fleet bundle, we will use multi-cluster/helm as a case study.

    1. User will create a GitRepo that points to the multi-cluster/helm repository.
    2. The gitjob-controller will sync changes from the GitRepo and detect changes from the polling or webhook event. With every commit change, the gitjob-controller will create a job that clones the git repository, reads content from the repo such as fleet.yaml and other manifests, and creates the Fleet bundle.

    Note: The job pod with the image name rancher/tekton-utils will be under the same namespace as the GitRepo.

    1. The fleet-controller then syncs changes from the bundle. According to the targets, the fleet-controller will create BundleDeployment resources, which are a combination of a bundle and a target cluster.
    2. The fleet-agent will then pull the BundleDeployment from the Fleet controlplane. The agent deploys bundle manifests as a Helm chart from the BundleDeployment into the downstream clusters.
    3. The fleet-agent will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.

    This diagram shows the different rendering stages a bundle goes through until deployment.

    Bundle Stages

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    Bundle Lifecycle

    A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.

    To demonstrate the life cycle of a Fleet bundle, we will use multi-cluster/helm as a case study.

    1. User will create a GitRepo that points to the multi-cluster/helm repository.
    2. The gitjob-controller will sync changes from the GitRepo and detect changes from the polling or webhook event. With every commit change, the gitjob-controller will create a job that clones the git repository, reads content from the repo such as fleet.yaml and other manifests, and creates the Fleet bundle.

    Note: The job pod with the image name rancher/tekton-utils will be under the same namespace as the GitRepo.

    1. The fleet-controller then syncs changes from the bundle. According to the targets, the fleet-controller will create BundleDeployment resources, which are a combination of a bundle and a target cluster.
    2. The fleet-agent will then pull the BundleDeployment from the Fleet controlplane. The agent deploys bundle manifests as a Helm chart from the BundleDeployment into the downstream clusters.
    3. The fleet-agent will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.

    This diagram shows the different rendering stages a bundle goes through until deployment.

    Bundle Stages

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/ref-bundle.html b/0.9/ref-bundle.html index c0efac7c9..0dfb6c1d2 100644 --- a/0.9/ref-bundle.html +++ b/0.9/ref-bundle.html @@ -4,14 +4,14 @@ Bundle Resource | Fleet - +
    Version: 0.9

    Bundle Resource

    Bundles are automatically created by Fleet when a GitRepo is created.

    The content of the resource corresponds to the BundleSpec. -For more information on how to use the Bundle resource Create a Bundle Resource.

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # Namespace used for resources that do not specify a namespace.
      # This field is not used to enforce or lock down the deployment to a specific namespace.
      # defaultNamespace: test

      # If present will assign all resource to this
      # namespace and if any cluster scoped resource exists the deployment will fail.
      # targetNamespace: app

      # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.
      # kustomize: ...

      # Helm options for the deployment, like the chart name, repo and values.
      # helm: ...

      # ServiceAccount which will be used to perform this deployment.
      # serviceAccount: sa

      # ForceSyncGeneration is used to force a redeployment.
      # forceSyncGeneration: 0

      # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.
      # yaml: ...

      # Diff can be used to ignore the modified state of objects which are amended at runtime.
      # A specific commit or tag can also be watched.
      #
      # diff: ...

      # KeepResources can be used to keep the deployed resources when removing the bundle.
      # keepResources: false

      # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.
      # paused: false

      # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.
      # rolloutStrategy: ...

      # Contain the actual resources from the git repo which will be deployed.
      resources:
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      #
      # targets: ...

      # This field is used by Fleet internally, and it should not be modified manually.
      # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.
      # targetRestrictions: ...

      # Refers to the bundles which must be ready before this bundle can be deployed.
      # dependsOn: ...

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +For more information on how to use the Bundle resource Create a Bundle Resource.

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # Namespace used for resources that do not specify a namespace.
      # This field is not used to enforce or lock down the deployment to a specific namespace.
      # defaultNamespace: test

      # If present will assign all resource to this
      # namespace and if any cluster scoped resource exists the deployment will fail.
      # targetNamespace: app

      # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.
      # kustomize: ...

      # Helm options for the deployment, like the chart name, repo and values.
      # helm: ...

      # ServiceAccount which will be used to perform this deployment.
      # serviceAccount: sa

      # ForceSyncGeneration is used to force a redeployment.
      # forceSyncGeneration: 0

      # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.
      # yaml: ...

      # Diff can be used to ignore the modified state of objects which are amended at runtime.
      # A specific commit or tag can also be watched.
      #
      # diff: ...

      # KeepResources can be used to keep the deployed resources when removing the bundle.
      # keepResources: false

      # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.
      # paused: false

      # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.
      # rolloutStrategy: ...

      # Contain the actual resources from the git repo which will be deployed.
      resources:
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      #
      # targets: ...

      # This field is used by Fleet internally, and it should not be modified manually.
      # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.
      # targetRestrictions: ...

      # Refers to the bundles which must be ready before this bundle can be deployed.
      # dependsOn: ...

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/ref-configuration.html b/0.9/ref-configuration.html index b4b86256e..edf6dbe76 100644 --- a/0.9/ref-configuration.html +++ b/0.9/ref-configuration.html @@ -4,7 +4,7 @@ Configuration | Fleet - + @@ -12,8 +12,8 @@
    Version: 0.9

    Configuration

    A reference list of, mostly internal, configuration options.

    Helm Charts​

    The Helm charts accept, at least, the options as shown with their default in values.yaml:

    Environment Variables​

    The controllers can be started with these environment variables:

    • CATTLE_DEV_MODE - used to debug wrangler, not usable
    • FLEET_CLUSTER_ENQUEUE_DELAY - tune how often non-ready clusters are checked
    • FLEET_CPU_PPROF_PERIOD - used to turn on performance profiling

    Configuration​

    In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments.

    The config struct is used in both config maps:

    • cattle-fleet-system/fleet-agent
    • cattle-fleet-system/fleet-controller

    Labels​

    Labels used by fleet:

    • fleet.cattle.io/agent=true - NodeSelector label for agent's deployment affinity setting
    • fleet.cattle.io/non-managed-agent - managed agent bundle won't target Clusters with this label
    • fleet.cattle.io/repo-name - used on Bundle to reference the git repo resource
    • fleet.cattle.io/bundle-namespace - used on BundleDeployment to reference the Bundle resource
    • fleet.cattle.io/bundle-name - used on BundleDeployment to reference the Bundle resource
    • fleet.cattle.io/managed=true - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces.
    • fleet.cattle.io/bootstrap-token - unused

    Annotations​

    Annotations used by fleet:

    • fleet.cattle.io/agent-namespace
    • fleet.cattle.io/bundle-id
    • fleet.cattle.io/cluster, fleet.cattle.io/cluster-namespace - used on a cluster namespace to reference the cluster registration namespace and cluster name
    • fleet.cattle.io/cluster-group
    • fleet.cattle.io/cluster-registration-namespace
    • fleet.cattle.io/cluster-registration
    • fleet.cattle.io/commit
    • fleet.cattle.io/managed - appears unused
    • fleet.cattle.io/service-account

    Fleet agent configuration​

    Tolerations, affinity and resources can be customized for the Fleet agent. These fields can be provided when creating a Cluster, see Registering Downstream Cluster for more info on how to create Clusters. Default configuration will be used if these fields are not provided.

    If you change the resources limits, make sure the limits allow the fleet-agent to work normally.

    Keep in mind that if you downgrade Fleet to a previous version than v0.7.0 Fleet will fallback to the built-in defaults. -Agents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +Agents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/ref-crds.html b/0.9/ref-crds.html index df5611314..5b24986ce 100644 --- a/0.9/ref-crds.html +++ b/0.9/ref-crds.html @@ -4,13 +4,13 @@ Custom Resources Spec | Fleet - +
    -
    Version: 0.9

    Custom Resources Spec

    Sub Resources

    Bundle​

    Bundle contains the resources of an application and its deployment options. It will be deployed as a Helm chart to target clusters.\n\nWhen a GitRepo is scanned it will produce one or more bundles. Bundles are a collection of resources that get deployed to one or more cluster(s). Bundle is the fundamental deployment unit used in Fleet. The contents of a Bundle may be Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless of the source the contents are dynamically rendered into a Helm chart by the agent and installed into the downstream cluster as a Helm release.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleSpectrue
    statusBundleStatustrue

    Back to Custom Resources

    BundleDisplay​

    BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle.

    FieldDescriptionSchemeRequired
    readyClustersReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.stringfalse
    stateState is a summary state for the bundle, calculated over the non-ready resources.stringfalse

    Back to Custom Resources

    BundleRef​

    FieldDescriptionSchemeRequired
    nameName of the bundle.stringfalse
    selectorSelector matching bundle's labels.*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleResource​

    BundleResource represents the content of a single resource from the bundle, like a YAML manifest.

    FieldDescriptionSchemeRequired
    nameName of the resource, can include the bundle's internal path.stringfalse
    contentThe content of the resource, can be compressed.stringfalse
    encodingEncoding is either empty or \"base64+gz\".stringfalse

    Back to Custom Resources

    BundleSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.boolfalse
    rolloutStrategyRolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.*RolloutStrategyfalse
    resourcesResources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts.[]BundleResourcefalse
    targetsTargets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used.[]BundleTargetfalse
    targetRestrictionsTargetRestrictions is an allow list, which controls if a bundledeployment is created for a target.[]BundleTargetRestrictionfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse

    Back to Custom Resources

    BundleStatus​

    FieldDescriptionSchemeRequired
    conditionsConditions is a list of Wrangler conditions that describe the state of the bundle.[]genericcondition.GenericConditionfalse
    summarySummary contains the number of bundle deployments in each state and a list of non-ready resources.BundleSummaryfalse
    newlyCreatedNewlyCreated is the number of bundle deployments that have been created, not updated.intfalse
    unavailableUnavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec.inttrue
    unavailablePartitionsUnavailablePartitions is the number of unavailable partitions.inttrue
    maxUnavailableMaxUnavailable is the maximum number of unavailable deployments. See rollout configuration.inttrue
    maxUnavailablePartitionsMaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions.inttrue
    maxNewMaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time.intfalse
    partitionsPartitionStatus lists the status of each partition.[]PartitionStatusfalse
    displayDisplay contains the number of ready, desiredready clusters and a summary state for the bundle's resources.BundleDisplayfalse
    resourceKeyResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc..[]ResourceKeyfalse
    observedGenerationObservedGeneration is the current generation of the bundle.int64true

    Back to Custom Resources

    BundleSummary​

    BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status.

    FieldDescriptionSchemeRequired
    notReadyNotReady is the number of bundle deployments that have been deployed where some resources are not ready.intfalse
    waitAppliedWaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.intfalse
    errAppliedErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle.intfalse
    outOfSyncOutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent.intfalse
    modifiedModified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced.intfalse
    readyReady is the number of bundle deployments that have been deployed where all resources are ready.inttrue
    pendingPending is the number of bundle deployments that are being processed by Fleet controller.intfalse
    desiredReadyDesiredReady is the number of bundle deployments that should be ready.inttrue
    nonReadyResourcesNonReadyClusters is a list of states, which is filled for a bundle that is not ready.[]NonReadyResourcefalse

    Back to Custom Resources

    BundleTarget​

    BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct.

    FieldDescriptionSchemeRequired
    nameName of target. This value is largely for display and logging. If not specified a default name of the format \"target000\" will be usedstringfalse
    clusterNameClusterName to match a specific cluster by name that will be selectedstringfalse
    clusterSelectorClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated.*metav1.LabelSelectorfalse
    clusterGroupClusterGroup to match a specific cluster group by name.stringfalse
    clusterGroupSelectorClusterGroupSelector is a selector to match cluster groups.*metav1.LabelSelectorfalse
    doNotDeployDoNotDeploy if set to true, will not deploy to this target.boolfalse

    Back to Custom Resources

    BundleTargetRestriction​

    BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml.

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    NonReadyResource​

    NonReadyResource contains information about a bundle that is not ready for a given state like \"ErrApplied\". It contains a list of non-ready or modified resources and their states.

    FieldDescriptionSchemeRequired
    nameName is the name of the resource.stringfalse
    bundleStateState is the state of the resource, like e.g. \"NotReady\" or \"ErrApplied\".BundleStatefalse
    messageMessage contains information why the bundle is not ready.stringfalse
    modifiedStatusModifiedStatus lists the state for each modified resource.[]ModifiedStatusfalse
    nonReadyStatusNonReadyStatus lists the state for each non-ready resource.[]NonReadyStatusfalse

    Back to Custom Resources

    Partition​

    Partition defines a separate rollout strategy for a set of clusters.

    FieldDescriptionSchemeRequired
    nameA user-friendly name given to the partition used for Display (optional).stringfalse
    maxUnavailableA number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10%*intstr.IntOrStringfalse
    clusterNameClusterName is the name of a cluster to include in this partitionstringfalse
    clusterSelectorSelector matching cluster labels to include in this partition*metav1.LabelSelectorfalse
    clusterGroupA cluster group name to include in this partitionstringfalse
    clusterGroupSelectorSelector matching cluster group labels to include in this partition*metav1.LabelSelectorfalse

    Back to Custom Resources

    PartitionStatus​

    PartitionStatus is the status of a single rollout partition.

    FieldDescriptionSchemeRequired
    nameName is the name of the partition.stringfalse
    countCount is the number of clusters in the partition.intfalse
    maxUnavailableMaxUnavailable is the maximum number of unavailable clusters in the partition.intfalse
    unavailableUnavailable is the number of unavailable clusters in the partition.intfalse
    summarySummary is a summary state for the partition, calculated over its non-ready resources.BundleSummaryfalse

    Back to Custom Resources

    ResourceKey​

    ResourceKey lists resources, which will likely be deployed.

    FieldDescriptionSchemeRequired
    kindKind is the k8s api kind of the resource.stringfalse
    apiVersionAPIVersion is the k8s api version of the resource.stringfalse
    namespaceNamespace is the namespace of the resource.stringfalse
    nameName is the name of the resource.stringfalse

    Back to Custom Resources

    RolloutStrategy​

    RolloverStrategy controls the rollout of the bundle across clusters.

    FieldDescriptionSchemeRequired
    maxUnavailableA number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100%*intstr.IntOrStringfalse
    maxUnavailablePartitionsA number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0*intstr.IntOrStringfalse
    autoPartitionSizeA number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25%*intstr.IntOrStringfalse
    partitionsA list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize.[]Partitionfalse

    Back to Custom Resources

    BundleDeployment​

    BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleDeploymentSpecfalse
    statusBundleDeploymentStatusfalse

    Back to Custom Resources

    BundleDeploymentDisplay​

    FieldDescriptionSchemeRequired
    deployedstringfalse
    monitoredstringfalse
    statestringfalse

    Back to Custom Resources

    BundleDeploymentOptions​

    FieldDescriptionSchemeRequired
    defaultNamespaceDefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace.stringfalse
    namespaceTargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail.stringfalse
    kustomizeKustomize options for the deployment, like the dir containing the kustomization.yaml file.*KustomizeOptionsfalse
    helmHelm options for the deployment, like the chart name, repo and values.*HelmOptionsfalse
    serviceAccountServiceAccount which will be used to perform this deployment.stringfalse
    forceSyncGenerationForceSyncGeneration is used to force a redeploymentint64false
    yamlYAML options, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource.*YAMLOptionsfalse
    diffDiff can be used to ignore the modified state of objects which are amended at runtime.*DiffOptionsfalse
    keepResourcesKeepResources can be used to keep the deployed resources when removing the bundleboolfalse
    ignoreIgnoreOptions can be used to ignore fields when monitoring the bundle.IgnoreOptionsfalse
    correctDriftCorrectDrift specifies how drift correction should work.CorrectDriftfalse
    namespaceLabelsNamespaceLabels are labels that will be appended to the namespace created by Fleet.*map[string]stringfalse
    namespaceAnnotationsNamespaceAnnotations are annotations that will be appended to the namespace created by Fleet.*map[string]stringfalse

    Back to Custom Resources

    BundleDeploymentResource​

    BundleDeploymentResource contains the metadata of a deployed resource.

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    createdAtmetav1.Timefalse

    Back to Custom Resources

    BundleDeploymentSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated. If true, BundleDeployments will be marked as out of sync when changes are detected.boolfalse
    stagedOptionsStagedOptions are the deployment options, that are staged for the next deployment.BundleDeploymentOptionsfalse
    stagedDeploymentIDStagedDeploymentID is the ID of the staged deployment.stringfalse
    optionsOptions are the deployment options, that are currently applied.BundleDeploymentOptionsfalse
    deploymentIDDeploymentID is the ID of the currently applied deployment.stringfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse
    correctDriftCorrectDrift specifies how drift correction should work.CorrectDriftfalse

    Back to Custom Resources

    BundleDeploymentStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    appliedDeploymentIDstringfalse
    releasestringfalse
    readyboolfalse
    nonModifiedboolfalse
    nonReadyStatus[]NonReadyStatusfalse
    modifiedStatus[]ModifiedStatusfalse
    displayBundleDeploymentDisplayfalse
    syncGeneration*int64false
    resourcesResources lists the metadata of resources that were deployed according to the helm release history.[]BundleDeploymentResourcefalse

    Back to Custom Resources

    ComparePatch​

    ComparePatch matches a resource and removes fields from the check for modifications.

    FieldDescriptionSchemeRequired
    kindKind is the kind of the resource to match.stringfalse
    apiVersionAPIVersion is the apiVersion of the resource to match.stringfalse
    namespaceNamespace is the namespace of the resource to match.stringfalse
    nameName is the name of the resource to match.stringfalse
    operationsOperations remove a JSON path from the resource.[]Operationfalse
    jsonPointersJSONPointers ignore diffs at a certain JSON path.[]stringfalse

    Back to Custom Resources

    ConfigMapKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    DiffOptions​

    FieldDescriptionSchemeRequired
    comparePatchesComparePatches match a resource and remove fields from the check for modifications.[]ComparePatchfalse

    Back to Custom Resources

    HelmOptions​

    HelmOptions for the deployment. For Helm-based bundles, all options can be used, otherwise some options are ignored. For example ReleaseName works with all bundle types.

    FieldDescriptionSchemeRequired
    chartChart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded.stringfalse
    repoRepo is the name of the HTTPS helm repo to download the chart from.stringfalse
    releaseNameReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path.stringfalse
    versionVersion of the chart to downloadstringfalse
    timeoutSecondsTimeoutSeconds is the time to wait for Helm operations.intfalse
    valuesValues passed to Helm. It is possible to specify the keys and values as go template strings.*GenericMapfalse
    valuesFromValuesFrom loads the values from configmaps and secrets.[]ValuesFromfalse
    forceForce allows to override immutable resources. This could be dangerous.boolfalse
    takeOwnershipTakeOwnership makes helm skip the check for its own annotationsboolfalse
    maxHistoryMaxHistory limits the maximum number of revisions saved per release by Helm.intfalse
    valuesFilesValuesFiles is a list of files to load values from.[]stringfalse
    waitForJobsWaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSecondsboolfalse
    atomicAtomic sets the --atomic flag when Helm is performing an upgradeboolfalse
    disablePreProcessDisablePreProcess disables template processing in valuesboolfalse
    disableDNSDisableDNS can be used to customize Helm's EnableDNS option, which Fleet sets to true by default.boolfalse
    skipSchemaValidationSkipSchemaValidation allows skipping schema validation against the chart valuesboolfalse

    Back to Custom Resources

    IgnoreOptions​

    IgnoreOptions defines conditions to be ignored when monitoring the Bundle.

    FieldDescriptionSchemeRequired
    conditionsConditions is a list of conditions to be ignored when monitoring the Bundle.[]map[string]stringfalse

    Back to Custom Resources

    KustomizeOptions​

    KustomizeOptions for a deployment.

    FieldDescriptionSchemeRequired
    dirDir points to a custom folder for kustomize resources. This folder must contain a kustomization.yaml file.stringfalse

    Back to Custom Resources

    LocalObjectReference​

    FieldDescriptionSchemeRequired
    nameName of a resource in the same namespace as the referent.stringtrue

    Back to Custom Resources

    ModifiedStatus​

    ModifiedStatus is used to report the status of a resource that is modified. It indicates if the modification was a create, a delete or a patch.

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    missingboolfalse
    deleteboolfalse
    patchstringfalse

    Back to Custom Resources

    NonReadyStatus​

    NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary.

    FieldDescriptionSchemeRequired
    uidtypes.UIDfalse
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    summarysummary.Summaryfalse

    Back to Custom Resources

    Operation​

    Operation of a ComparePatch, usually \"remove\".

    FieldDescriptionSchemeRequired
    opOp is usually \"remove\"stringfalse
    pathPath is the JSON path to remove.stringfalse
    valueValue is usually empty.stringfalse

    Back to Custom Resources

    SecretKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    ValuesFrom​

    Define helm values that can come from configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439

    FieldDescriptionSchemeRequired
    configMapKeyRefThe reference to a config map with release values.*ConfigMapKeySelectorfalse
    secretKeyRefThe reference to a secret with release values.*SecretKeySelectorfalse

    Back to Custom Resources

    YAMLOptions​

    YAMLOptions, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource.

    FieldDescriptionSchemeRequired
    overlaysOverlays is a list of names that maps to folders in \"overlays/\". If you wish to customize the file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.[]stringfalse

    Back to Custom Resources

    BundleNamespaceMapping​

    BundleNamespaceMapping maps bundles to clusters in other namespaces.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    bundleSelector*metav1.LabelSelectorfalse
    namespaceSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    AgentStatus​

    FieldDescriptionSchemeRequired
    lastSeenLastSeen is the last time the agent checked in to update the status of the cluster resource.metav1.Timetrue
    namespaceNamespace is the namespace of the agent deployment, e.g. \"cattle-fleet-system\".stringtrue
    nonReadyNodesNonReadyNodes is the number of nodes that are not ready.inttrue
    readyNodesReadyNodes is the number of nodes that are ready.inttrue
    nonReadyNodeNamesNonReadyNode contains the names of non-ready nodes. The list is limited to at most 3 names.[]stringtrue
    readyNodeNamesReadyNodes contains the names of ready nodes. The list is limited to at most 3 names.[]stringtrue

    Back to Custom Resources

    Cluster​

    Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted clusters. Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterSpecfalse
    statusClusterStatusfalse

    Back to Custom Resources

    ClusterDisplay​

    FieldDescriptionSchemeRequired
    readyBundlesReadyBundles is a string in the form \"%d/%d\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.stringfalse
    readyNodesReadyNodes is a string in the form \"%d/%d\", that describes the number of nodes that are ready vs. the number of expected nodes.stringfalse
    sampleNodeSampleNode is the name of one of the nodes that are ready. If no node is ready, it's the name of a node that is not ready.stringfalse
    stateState of the cluster, either one of the bundle states, or \"WaitCheckIn\".stringfalse

    Back to Custom Resources

    ClusterSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated.boolfalse
    clientIDClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster.stringfalse
    kubeConfigSecretKubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster. It can optionally contain a APIServerURL and CA to override the values in the fleet-controller's configmap.stringfalse
    kubeConfigSecretNamespaceKubeConfigSecretNamespace is the namespace of the secret containing the kubeconfig for the downstream cluster. If unset, it will be assumed the secret can be found in the namespace that the Cluster object resides within.stringfalse
    redeployAgentGenerationRedeployAgentGeneration can be used to force redeploying the agent.int64false
    agentEnvVarsAgentEnvVars are extra environment variables to be added to the agent deployment.[]corev1.EnvVarfalse
    agentNamespaceAgentNamespace defaults to the system namespace, e.g. cattle-fleet-system.stringfalse
    privateRepoURLPrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config.stringfalse
    templateValuesTemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating.*GenericMapfalse
    agentTolerationsAgentTolerations defines an extra set of Tolerations to be added to the Agent deployment.[]corev1.Tolerationfalse
    agentAffinityAgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used.*corev1.Affinityfalse
    agentResourcesAgentResources sets the resources for the cluster's agent deployment.*corev1.ResourceRequirementsfalse

    Back to Custom Resources

    ClusterStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    namespaceNamespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\"stringfalse
    summarySummary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource.BundleSummaryfalse
    resourceCountsResourceCounts is an aggregate over the GitRepoResourceCounts.GitRepoResourceCountsfalse
    readyGitReposReadyGitRepos is the number of gitrepos for this cluster that are ready.inttrue
    desiredReadyGitReposDesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready.inttrue
    agentEnvVarsHashAgentEnvVarsHash is a hash of the agent's env vars, used to detect changes.stringfalse
    agentPrivateRepoURLAgentPrivateRepoURL is the private repo URL for the agent that is currently used.stringfalse
    agentDeployedGenerationAgentDeployedGeneration is the generation of the agent that is currently deployed.*int64false
    agentMigratedAgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status.boolfalse
    agentNamespaceMigratedAgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status.boolfalse
    cattleNamespaceMigratedCattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status.boolfalse
    agentAffinityHashAgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes.stringfalse
    agentResourcesHashAgentResourcesHash is a hash of the agent's resources configuration, used to detect changes.stringfalse
    agentTolerationsHashAgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes.stringfalse
    agentConfigChangedAgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster.boolfalse
    apiServerURLAPIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream.stringfalse
    apiServerCAHashAPIServerCAHash is a hash of the upstream API server CA, used to detect changes.stringfalse
    displayDisplay contains the number of ready bundles, nodes and a summary state.ClusterDisplayfalse
    agentAgentStatus contains information about the agent.AgentStatusfalse

    Back to Custom Resources

    ClusterGroup​

    ClusterGroup is a re-usable selector to target a group of clusters.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterGroupSpectrue
    statusClusterGroupStatustrue

    Back to Custom Resources

    ClusterGroupDisplay​

    FieldDescriptionSchemeRequired
    readyClustersReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.stringfalse
    readyBundlesReadyBundles is a string in the form \"%d/%d\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.stringfalse
    stateState is a summary state for the cluster group, showing \"NotReady\" if there are non-ready resources.stringfalse

    Back to Custom Resources

    ClusterGroupSpec​

    FieldDescriptionSchemeRequired
    selectorSelector is a label selector, used to select clusters for this group.*metav1.LabelSelectorfalse

    Back to Custom Resources

    ClusterGroupStatus​

    FieldDescriptionSchemeRequired
    clusterCountClusterCount is the number of clusters in the cluster group.inttrue
    nonReadyClusterCountNonReadyClusterCount is the number of clusters that are not ready.inttrue
    nonReadyClustersNonReadyClusters is a list of cluster names that are not ready.[]stringfalse
    conditionsConditions is a list of conditions and their statuses for the cluster group.[]genericcondition.GenericConditionfalse
    summarySummary is a summary of the bundle deployments and their resources in the cluster group.BundleSummaryfalse
    displayDisplay contains the number of ready, desiredready clusters and a summary state for the bundle's resources.ClusterGroupDisplayfalse
    resourceCountsResourceCounts contains the number of resources in each state over all bundles in the cluster group.GitRepoResourceCountsfalse

    Back to Custom Resources

    ClusterRegistration​

    ClusterRegistration is used internally by Fleet and should not be used directly.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationSpecfalse
    statusClusterRegistrationStatusfalse

    Back to Custom Resources

    ClusterRegistrationSpec​

    FieldDescriptionSchemeRequired
    clientIDClientID is a unique string that will identify the cluster. The agent either uses the configured ID or the kubeSystem.UID.stringfalse
    clientRandomClientRandom is a random string that the agent generates. When fleet-controller grants a registration, it creates a registration secret with this string in the name.stringfalse
    clusterLabelsClusterLabels are copied to the cluster resource during the registration.map[string]stringfalse

    Back to Custom Resources

    ClusterRegistrationStatus​

    FieldDescriptionSchemeRequired
    clusterNameClusterName is only set after the registration is being processed by fleet-controller.stringfalse
    grantedGranted is set to true, if the request service account is present and its token secret exists. This happens directly before creating the registration secret, roles and rolebindings.boolfalse

    Back to Custom Resources

    ClusterRegistrationToken​

    ClusterRegistrationToken is used by agents to register a new cluster.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationTokenSpecfalse
    statusClusterRegistrationTokenStatusfalse

    Back to Custom Resources

    ClusterRegistrationTokenSpec​

    FieldDescriptionSchemeRequired
    ttlTTL is the time to live for the token. It is used to calculate the expiration time. If the token expires, it will be deleted.*metav1.Durationfalse

    Back to Custom Resources

    ClusterRegistrationTokenStatus​

    FieldDescriptionSchemeRequired
    expiresExpires is the time when the token expires.*metav1.Timefalse
    secretNameSecretName is the name of the secret containing the token.stringfalse

    Back to Custom Resources

    Content​

    Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    contentContent is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them.[]bytefalse

    Back to Custom Resources

    CommitSpec​

    CommitSpec specifies how to commit changes to the git repository

    FieldDescriptionSchemeRequired
    authorNameAuthorName gives the name to provide when making a commitstringtrue
    authorEmailAuthorEmail gives the email to provide when making a commitstringtrue
    messageTemplateMessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made.stringfalse

    Back to Custom Resources

    CorrectDrift​

    FieldDescriptionSchemeRequired
    enabledEnabled correct drift if true.boolfalse
    forceForce helm rollback with --force option will be used if true. This will try to recreate all resources in the release.boolfalse
    keepFailHistoryKeepFailHistory keeps track of failed rollbacks in the helm history.boolfalse

    Back to Custom Resources

    GitRepo​

    GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specGitRepoSpecfalse
    statusGitRepoStatusfalse

    Back to Custom Resources

    GitRepoDisplay​

    FieldDescriptionSchemeRequired
    readyBundleDeploymentsReadyBundleDeployments is a string in the form \"%d/%d\", that describes the number of ready bundledeployments over the total number of bundledeployments.stringfalse
    stateState is the state of the GitRepo, e.g. \"GitUpdating\" or the maximal BundleState according to StateRank.stringfalse
    messageMessage contains the relevant message from the deployment conditions.stringfalse
    errorError is true if a message is present.boolfalse

    Back to Custom Resources

    GitRepoResource​

    GitRepoResource contains metadata about the resources of a bundle.

    FieldDescriptionSchemeRequired
    apiVersionAPIVersion is the API version of the resource.stringfalse
    kindKind is the k8s kind of the resource.stringfalse
    typeType is the type of the resource, e.g. \"apiextensions.k8s.io.customresourcedefinition\" or \"configmap\".stringfalse
    idID is the name of the resource, e.g. \"namespace1/my-config\" or \"backingimagemanagers.storage.io\".stringfalse
    namespaceNamespace of the resource.stringfalse
    nameName of the resource.stringfalse
    incompleteStateIncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states.boolfalse
    stateState is the state of the resource, e.g. \"Unknown\", \"WaitApplied\", \"ErrApplied\" or \"Ready\".stringfalse
    errorError is true if any Error in the PerClusterState is true.boolfalse
    transitioningTransitioning is true if any Transitioning in the PerClusterState is true.boolfalse
    messageMessage is the first message from the PerClusterStates.stringfalse
    perClusterStatePerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources.[]ResourcePerClusterStatefalse

    Back to Custom Resources

    GitRepoResourceCounts​

    GitRepoResourceCounts contains the number of resources in each state.

    FieldDescriptionSchemeRequired
    readyReady is the number of ready resources.inttrue
    desiredReadyDesiredReady is the number of resources that should be ready.inttrue
    waitAppliedWaitApplied is the number of resources that are waiting to be applied.inttrue
    modifiedModified is the number of resources that have been modified.inttrue
    orphanedOrphaned is the number of orphaned resources.inttrue
    missingMissing is the number of missing resources.inttrue
    unknownUnknown is the number of resources in an unknown state.inttrue
    notReadyNotReady is the number of not ready resources. Resources are not ready if they do not match any other state.inttrue

    Back to Custom Resources

    GitRepoSpec​

    FieldDescriptionSchemeRequired
    repoRepo is a URL to a git repo to clone and index.stringfalse
    branchBranch The git branch to follow.stringfalse
    revisionRevision A specific commit or tag to operate on.stringfalse
    targetNamespaceEnsure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand.stringfalse
    clientSecretNameClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\".stringfalse
    helmSecretNameHelmSecretName contains the auth secret for a private Helm repository.stringfalse
    helmSecretNameForPathsHelmSecretNameForPaths contains the auth secret for private Helm repository for each path.stringfalse
    helmRepoURLRegexHelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided.stringfalse
    caBundleCABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate.[]bytefalse
    insecureSkipTLSVerifyInsecureSkipTLSverify will use insecure HTTPS to clone the repo.boolfalse
    pathsPaths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default.[]stringfalse
    pausedPaused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync.boolfalse
    serviceAccountServiceAccount used in the downstream cluster for deployment.stringfalse
    targetsTargets is a list of targets this repo will deploy to.[]GitTargetfalse
    pollingIntervalPollingInterval is how often to check git for new updates.*metav1.Durationfalse
    forceSyncGenerationIncrement this number to force a redeployment of contents from Git.int64false
    imageScanIntervalImageScanInterval is the interval of syncing scanned images and writing back to git repo.*metav1.Durationfalse
    imageScanCommitCommit specifies how to commit to the git repo when a new image is scanned and written back to git repo.CommitSpecfalse
    keepResourcesKeepResources specifies if the resources created must be kept after deleting the GitRepo.boolfalse
    correctDriftCorrectDrift specifies how drift correction should work.CorrectDriftfalse

    Back to Custom Resources

    GitRepoStatus​

    FieldDescriptionSchemeRequired
    observedGenerationObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status.int64true
    commitCommit is the Git commit hash from the last gitjob run.stringfalse
    readyClustersReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo.inttrue
    desiredReadyClustersDesiredReadyClusters\tis the number of clusters that should be ready for bundles of this GitRepo.inttrue
    gitJobStatusGitJobStatus is the status of the last GitJob run, e.g. \"Current\" if there was no error.stringfalse
    summarySummary contains the number of bundle deployments in each state and a list of non-ready resources.BundleSummaryfalse
    displayDisplay contains a human readable summary of the status.GitRepoDisplayfalse
    conditionsConditions is a list of Wrangler conditions that describe the state of the GitRepo.[]genericcondition.GenericConditionfalse
    resourcesResources contains metadata about the resources of each bundle.[]GitRepoResourcefalse
    resourceCountsResourceCounts contains the number of resources in each state over all bundles.GitRepoResourceCountsfalse
    resourceErrorsResourceErrors is a sorted list of errors from the resources.[]stringfalse
    lastSyncedImageScanTimeLastSyncedImageScanTime is the time of the last image scan.metav1.Timefalse

    Back to Custom Resources

    GitTarget​

    GitTarget is a cluster or cluster group to deploy to.

    FieldDescriptionSchemeRequired
    nameName is the name of this target.stringfalse
    clusterNameClusterName is the name of a cluster.stringfalse
    clusterSelectorClusterSelector is a label selector to select clusters.*metav1.LabelSelectorfalse
    clusterGroupClusterGroup is the name of a cluster group in the same namespace as the clusters.stringfalse
    clusterGroupSelectorClusterGroupSelector is a label selector to select cluster groups.*metav1.LabelSelectorfalse

    Back to Custom Resources

    ResourcePerClusterState​

    ResourcePerClusterState is generated for each non-ready resource of the bundles.

    FieldDescriptionSchemeRequired
    stateState is the state of the resource.stringfalse
    errorError is true if the resource is in an error state, copied from the bundle's summary for non-ready resources.boolfalse
    transitioningTransitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources.boolfalse
    messageMessage combines the messages from the bundle's summary. Messages are joined with the delimiter ';'.stringfalse
    patchPatch for modified resources.*GenericMapfalse
    clusterIdClusterID is the id of the cluster.stringfalse

    Back to Custom Resources

    GitRepoRestriction​

    GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    defaultServiceAccountDefaultServiceAccount overrides the GitRepo's default service account.stringfalse
    allowedServiceAccountsAllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use.[]stringfalse
    allowedRepoPatternsAllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo.[]stringfalse
    defaultClientSecretNameDefaultClientSecretName overrides the GitRepo's default client secret.stringfalse
    allowedClientSecretNamesAllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use.[]stringfalse
    allowedTargetNamespacesAllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set.[]stringfalse

    Back to Custom Resources

    AlphabeticalPolicy​

    AlphabeticalPolicy specifies a alphabetical ordering policy.

    FieldDescriptionSchemeRequired
    orderOrder specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.stringfalse

    Back to Custom Resources

    ImagePolicyChoice​

    ImagePolicyChoice is a union of all the types of policy that can be supplied.

    FieldDescriptionSchemeRequired
    semverSemVer gives a semantic version range to check against the tags available.*SemVerPolicyfalse
    alphabeticalAlphabetical set of rules to use for alphabetical ordering of the tags.*AlphabeticalPolicyfalse

    Back to Custom Resources

    ImageScan​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specImageScanSpecfalse
    statusImageScanStatusfalse

    Back to Custom Resources

    ImageScanSpec​

    API is taken from https://github.com/fluxcd/image-reflector-controller

    FieldDescriptionSchemeRequired
    tagNameTagName is the tag ref that needs to be put in manifest to replace fieldsstringfalse
    gitrepoNameGitRepo reference namestringfalse
    imageImage is the name of the image repositorystringfalse
    intervalInterval is the length of time to wait between scans of the image repository.metav1.Durationfalse
    secretRefSecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with kubectl create secret docker-registry, or the equivalent.*corev1.LocalObjectReferencefalse
    suspendThis flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.boolfalse
    policyPolicy gives the particulars of the policy to be followed in selecting the most recent imageImagePolicyChoicetrue

    Back to Custom Resources

    ImageScanStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    lastScanTimeLastScanTime is the last time image was scannedmetav1.Timefalse
    latestImageLatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.stringfalse
    latestTagLatest tag is the latest tag filtered by the policystringfalse
    latestDigestLatestDigest is the digest of latest tagstringfalse
    observedGenerationint64false
    canonicalImageNameCanonicalName is the name of the image repository with all the implied bits made explicit; e.g., docker.io/library/alpine rather than alpine.stringfalse

    Back to Custom Resources

    SemVerPolicy​

    SemVerPolicy specifies a semantic version policy.

    FieldDescriptionSchemeRequired
    rangeRange gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.stringtrue

    Back to Custom Resources

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    Custom Resources Spec

    Sub Resources

    Bundle​

    Bundle contains the resources of an application and its deployment options. It will be deployed as a Helm chart to target clusters.\n\nWhen a GitRepo is scanned it will produce one or more bundles. Bundles are a collection of resources that get deployed to one or more cluster(s). Bundle is the fundamental deployment unit used in Fleet. The contents of a Bundle may be Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless of the source the contents are dynamically rendered into a Helm chart by the agent and installed into the downstream cluster as a Helm release.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleSpectrue
    statusBundleStatustrue

    Back to Custom Resources

    BundleDisplay​

    BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle.

    FieldDescriptionSchemeRequired
    readyClustersReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.stringfalse
    stateState is a summary state for the bundle, calculated over the non-ready resources.stringfalse

    Back to Custom Resources

    BundleRef​

    FieldDescriptionSchemeRequired
    nameName of the bundle.stringfalse
    selectorSelector matching bundle's labels.*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleResource​

    BundleResource represents the content of a single resource from the bundle, like a YAML manifest.

    FieldDescriptionSchemeRequired
    nameName of the resource, can include the bundle's internal path.stringfalse
    contentThe content of the resource, can be compressed.stringfalse
    encodingEncoding is either empty or \"base64+gz\".stringfalse

    Back to Custom Resources

    BundleSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.boolfalse
    rolloutStrategyRolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.*RolloutStrategyfalse
    resourcesResources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts.[]BundleResourcefalse
    targetsTargets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used.[]BundleTargetfalse
    targetRestrictionsTargetRestrictions is an allow list, which controls if a bundledeployment is created for a target.[]BundleTargetRestrictionfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse

    Back to Custom Resources

    BundleStatus​

    FieldDescriptionSchemeRequired
    conditionsConditions is a list of Wrangler conditions that describe the state of the bundle.[]genericcondition.GenericConditionfalse
    summarySummary contains the number of bundle deployments in each state and a list of non-ready resources.BundleSummaryfalse
    newlyCreatedNewlyCreated is the number of bundle deployments that have been created, not updated.intfalse
    unavailableUnavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec.inttrue
    unavailablePartitionsUnavailablePartitions is the number of unavailable partitions.inttrue
    maxUnavailableMaxUnavailable is the maximum number of unavailable deployments. See rollout configuration.inttrue
    maxUnavailablePartitionsMaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions.inttrue
    maxNewMaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time.intfalse
    partitionsPartitionStatus lists the status of each partition.[]PartitionStatusfalse
    displayDisplay contains the number of ready, desiredready clusters and a summary state for the bundle's resources.BundleDisplayfalse
    resourceKeyResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc..[]ResourceKeyfalse
    observedGenerationObservedGeneration is the current generation of the bundle.int64true

    Back to Custom Resources

    BundleSummary​

    BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status.

    FieldDescriptionSchemeRequired
    notReadyNotReady is the number of bundle deployments that have been deployed where some resources are not ready.intfalse
    waitAppliedWaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.intfalse
    errAppliedErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle.intfalse
    outOfSyncOutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent.intfalse
    modifiedModified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced.intfalse
    readyReady is the number of bundle deployments that have been deployed where all resources are ready.inttrue
    pendingPending is the number of bundle deployments that are being processed by Fleet controller.intfalse
    desiredReadyDesiredReady is the number of bundle deployments that should be ready.inttrue
    nonReadyResourcesNonReadyClusters is a list of states, which is filled for a bundle that is not ready.[]NonReadyResourcefalse

    Back to Custom Resources

    BundleTarget​

    BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct.

    FieldDescriptionSchemeRequired
    nameName of target. This value is largely for display and logging. If not specified a default name of the format \"target000\" will be usedstringfalse
    clusterNameClusterName to match a specific cluster by name that will be selectedstringfalse
    clusterSelectorClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated.*metav1.LabelSelectorfalse
    clusterGroupClusterGroup to match a specific cluster group by name.stringfalse
    clusterGroupSelectorClusterGroupSelector is a selector to match cluster groups.*metav1.LabelSelectorfalse
    doNotDeployDoNotDeploy if set to true, will not deploy to this target.boolfalse

    Back to Custom Resources

    BundleTargetRestriction​

    BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml.

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    NonReadyResource​

    NonReadyResource contains information about a bundle that is not ready for a given state like \"ErrApplied\". It contains a list of non-ready or modified resources and their states.

    FieldDescriptionSchemeRequired
    nameName is the name of the resource.stringfalse
    bundleStateState is the state of the resource, like e.g. \"NotReady\" or \"ErrApplied\".BundleStatefalse
    messageMessage contains information why the bundle is not ready.stringfalse
    modifiedStatusModifiedStatus lists the state for each modified resource.[]ModifiedStatusfalse
    nonReadyStatusNonReadyStatus lists the state for each non-ready resource.[]NonReadyStatusfalse

    Back to Custom Resources

    Partition​

    Partition defines a separate rollout strategy for a set of clusters.

    FieldDescriptionSchemeRequired
    nameA user-friendly name given to the partition used for Display (optional).stringfalse
    maxUnavailableA number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10%*intstr.IntOrStringfalse
    clusterNameClusterName is the name of a cluster to include in this partitionstringfalse
    clusterSelectorSelector matching cluster labels to include in this partition*metav1.LabelSelectorfalse
    clusterGroupA cluster group name to include in this partitionstringfalse
    clusterGroupSelectorSelector matching cluster group labels to include in this partition*metav1.LabelSelectorfalse

    Back to Custom Resources

    PartitionStatus​

    PartitionStatus is the status of a single rollout partition.

    FieldDescriptionSchemeRequired
    nameName is the name of the partition.stringfalse
    countCount is the number of clusters in the partition.intfalse
    maxUnavailableMaxUnavailable is the maximum number of unavailable clusters in the partition.intfalse
    unavailableUnavailable is the number of unavailable clusters in the partition.intfalse
    summarySummary is a summary state for the partition, calculated over its non-ready resources.BundleSummaryfalse

    Back to Custom Resources

    ResourceKey​

    ResourceKey lists resources, which will likely be deployed.

    FieldDescriptionSchemeRequired
    kindKind is the k8s api kind of the resource.stringfalse
    apiVersionAPIVersion is the k8s api version of the resource.stringfalse
    namespaceNamespace is the namespace of the resource.stringfalse
    nameName is the name of the resource.stringfalse

    Back to Custom Resources

    RolloutStrategy​

    RolloverStrategy controls the rollout of the bundle across clusters.

    FieldDescriptionSchemeRequired
    maxUnavailableA number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100%*intstr.IntOrStringfalse
    maxUnavailablePartitionsA number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0*intstr.IntOrStringfalse
    autoPartitionSizeA number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25%*intstr.IntOrStringfalse
    partitionsA list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize.[]Partitionfalse

    Back to Custom Resources

    BundleDeployment​

    BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleDeploymentSpecfalse
    statusBundleDeploymentStatusfalse

    Back to Custom Resources

    BundleDeploymentDisplay​

    FieldDescriptionSchemeRequired
    deployedstringfalse
    monitoredstringfalse
    statestringfalse

    Back to Custom Resources

    BundleDeploymentOptions​

    FieldDescriptionSchemeRequired
    defaultNamespaceDefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace.stringfalse
    namespaceTargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail.stringfalse
    kustomizeKustomize options for the deployment, like the dir containing the kustomization.yaml file.*KustomizeOptionsfalse
    helmHelm options for the deployment, like the chart name, repo and values.*HelmOptionsfalse
    serviceAccountServiceAccount which will be used to perform this deployment.stringfalse
    forceSyncGenerationForceSyncGeneration is used to force a redeploymentint64false
    yamlYAML options, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource.*YAMLOptionsfalse
    diffDiff can be used to ignore the modified state of objects which are amended at runtime.*DiffOptionsfalse
    keepResourcesKeepResources can be used to keep the deployed resources when removing the bundleboolfalse
    ignoreIgnoreOptions can be used to ignore fields when monitoring the bundle.IgnoreOptionsfalse
    correctDriftCorrectDrift specifies how drift correction should work.CorrectDriftfalse
    namespaceLabelsNamespaceLabels are labels that will be appended to the namespace created by Fleet.*map[string]stringfalse
    namespaceAnnotationsNamespaceAnnotations are annotations that will be appended to the namespace created by Fleet.*map[string]stringfalse

    Back to Custom Resources

    BundleDeploymentResource​

    BundleDeploymentResource contains the metadata of a deployed resource.

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    createdAtmetav1.Timefalse

    Back to Custom Resources

    BundleDeploymentSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated. If true, BundleDeployments will be marked as out of sync when changes are detected.boolfalse
    stagedOptionsStagedOptions are the deployment options, that are staged for the next deployment.BundleDeploymentOptionsfalse
    stagedDeploymentIDStagedDeploymentID is the ID of the staged deployment.stringfalse
    optionsOptions are the deployment options, that are currently applied.BundleDeploymentOptionsfalse
    deploymentIDDeploymentID is the ID of the currently applied deployment.stringfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse
    correctDriftCorrectDrift specifies how drift correction should work.CorrectDriftfalse

    Back to Custom Resources

    BundleDeploymentStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    appliedDeploymentIDstringfalse
    releasestringfalse
    readyboolfalse
    nonModifiedboolfalse
    nonReadyStatus[]NonReadyStatusfalse
    modifiedStatus[]ModifiedStatusfalse
    displayBundleDeploymentDisplayfalse
    syncGeneration*int64false
    resourcesResources lists the metadata of resources that were deployed according to the helm release history.[]BundleDeploymentResourcefalse

    Back to Custom Resources

    ComparePatch​

    ComparePatch matches a resource and removes fields from the check for modifications.

    FieldDescriptionSchemeRequired
    kindKind is the kind of the resource to match.stringfalse
    apiVersionAPIVersion is the apiVersion of the resource to match.stringfalse
    namespaceNamespace is the namespace of the resource to match.stringfalse
    nameName is the name of the resource to match.stringfalse
    operationsOperations remove a JSON path from the resource.[]Operationfalse
    jsonPointersJSONPointers ignore diffs at a certain JSON path.[]stringfalse

    Back to Custom Resources

    ConfigMapKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    DiffOptions​

    FieldDescriptionSchemeRequired
    comparePatchesComparePatches match a resource and remove fields from the check for modifications.[]ComparePatchfalse

    Back to Custom Resources

    HelmOptions​

    HelmOptions for the deployment. For Helm-based bundles, all options can be used, otherwise some options are ignored. For example ReleaseName works with all bundle types.

    FieldDescriptionSchemeRequired
    chartChart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded.stringfalse
    repoRepo is the name of the HTTPS helm repo to download the chart from.stringfalse
    releaseNameReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path.stringfalse
    versionVersion of the chart to downloadstringfalse
    timeoutSecondsTimeoutSeconds is the time to wait for Helm operations.intfalse
    valuesValues passed to Helm. It is possible to specify the keys and values as go template strings.*GenericMapfalse
    valuesFromValuesFrom loads the values from configmaps and secrets.[]ValuesFromfalse
    forceForce allows to override immutable resources. This could be dangerous.boolfalse
    takeOwnershipTakeOwnership makes helm skip the check for its own annotationsboolfalse
    maxHistoryMaxHistory limits the maximum number of revisions saved per release by Helm.intfalse
    valuesFilesValuesFiles is a list of files to load values from.[]stringfalse
    waitForJobsWaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSecondsboolfalse
    atomicAtomic sets the --atomic flag when Helm is performing an upgradeboolfalse
    disablePreProcessDisablePreProcess disables template processing in valuesboolfalse
    disableDNSDisableDNS can be used to customize Helm's EnableDNS option, which Fleet sets to true by default.boolfalse
    skipSchemaValidationSkipSchemaValidation allows skipping schema validation against the chart valuesboolfalse

    Back to Custom Resources

    IgnoreOptions​

    IgnoreOptions defines conditions to be ignored when monitoring the Bundle.

    FieldDescriptionSchemeRequired
    conditionsConditions is a list of conditions to be ignored when monitoring the Bundle.[]map[string]stringfalse

    Back to Custom Resources

    KustomizeOptions​

    KustomizeOptions for a deployment.

    FieldDescriptionSchemeRequired
    dirDir points to a custom folder for kustomize resources. This folder must contain a kustomization.yaml file.stringfalse

    Back to Custom Resources

    LocalObjectReference​

    FieldDescriptionSchemeRequired
    nameName of a resource in the same namespace as the referent.stringtrue

    Back to Custom Resources

    ModifiedStatus​

    ModifiedStatus is used to report the status of a resource that is modified. It indicates if the modification was a create, a delete or a patch.

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    missingboolfalse
    deleteboolfalse
    patchstringfalse

    Back to Custom Resources

    NonReadyStatus​

    NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary.

    FieldDescriptionSchemeRequired
    uidtypes.UIDfalse
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    summarysummary.Summaryfalse

    Back to Custom Resources

    Operation​

    Operation of a ComparePatch, usually \"remove\".

    FieldDescriptionSchemeRequired
    opOp is usually \"remove\"stringfalse
    pathPath is the JSON path to remove.stringfalse
    valueValue is usually empty.stringfalse

    Back to Custom Resources

    SecretKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    ValuesFrom​

    Define helm values that can come from configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439

    FieldDescriptionSchemeRequired
    configMapKeyRefThe reference to a config map with release values.*ConfigMapKeySelectorfalse
    secretKeyRefThe reference to a secret with release values.*SecretKeySelectorfalse

    Back to Custom Resources

    YAMLOptions​

    YAMLOptions, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource.

    FieldDescriptionSchemeRequired
    overlaysOverlays is a list of names that maps to folders in \"overlays/\". If you wish to customize the file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.[]stringfalse

    Back to Custom Resources

    BundleNamespaceMapping​

    BundleNamespaceMapping maps bundles to clusters in other namespaces.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    bundleSelector*metav1.LabelSelectorfalse
    namespaceSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    AgentStatus​

    FieldDescriptionSchemeRequired
    lastSeenLastSeen is the last time the agent checked in to update the status of the cluster resource.metav1.Timetrue
    namespaceNamespace is the namespace of the agent deployment, e.g. \"cattle-fleet-system\".stringtrue
    nonReadyNodesNonReadyNodes is the number of nodes that are not ready.inttrue
    readyNodesReadyNodes is the number of nodes that are ready.inttrue
    nonReadyNodeNamesNonReadyNode contains the names of non-ready nodes. The list is limited to at most 3 names.[]stringtrue
    readyNodeNamesReadyNodes contains the names of ready nodes. The list is limited to at most 3 names.[]stringtrue

    Back to Custom Resources

    Cluster​

    Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted clusters. Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterSpecfalse
    statusClusterStatusfalse

    Back to Custom Resources

    ClusterDisplay​

    FieldDescriptionSchemeRequired
    readyBundlesReadyBundles is a string in the form \"%d/%d\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.stringfalse
    readyNodesReadyNodes is a string in the form \"%d/%d\", that describes the number of nodes that are ready vs. the number of expected nodes.stringfalse
    sampleNodeSampleNode is the name of one of the nodes that are ready. If no node is ready, it's the name of a node that is not ready.stringfalse
    stateState of the cluster, either one of the bundle states, or \"WaitCheckIn\".stringfalse

    Back to Custom Resources

    ClusterSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated.boolfalse
    clientIDClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster.stringfalse
    kubeConfigSecretKubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster. It can optionally contain a APIServerURL and CA to override the values in the fleet-controller's configmap.stringfalse
    kubeConfigSecretNamespaceKubeConfigSecretNamespace is the namespace of the secret containing the kubeconfig for the downstream cluster. If unset, it will be assumed the secret can be found in the namespace that the Cluster object resides within.stringfalse
    redeployAgentGenerationRedeployAgentGeneration can be used to force redeploying the agent.int64false
    agentEnvVarsAgentEnvVars are extra environment variables to be added to the agent deployment.[]corev1.EnvVarfalse
    agentNamespaceAgentNamespace defaults to the system namespace, e.g. cattle-fleet-system.stringfalse
    privateRepoURLPrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config.stringfalse
    templateValuesTemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating.*GenericMapfalse
    agentTolerationsAgentTolerations defines an extra set of Tolerations to be added to the Agent deployment.[]corev1.Tolerationfalse
    agentAffinityAgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used.*corev1.Affinityfalse
    agentResourcesAgentResources sets the resources for the cluster's agent deployment.*corev1.ResourceRequirementsfalse

    Back to Custom Resources

    ClusterStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    namespaceNamespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\"stringfalse
    summarySummary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource.BundleSummaryfalse
    resourceCountsResourceCounts is an aggregate over the GitRepoResourceCounts.GitRepoResourceCountsfalse
    readyGitReposReadyGitRepos is the number of gitrepos for this cluster that are ready.inttrue
    desiredReadyGitReposDesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready.inttrue
    agentEnvVarsHashAgentEnvVarsHash is a hash of the agent's env vars, used to detect changes.stringfalse
    agentPrivateRepoURLAgentPrivateRepoURL is the private repo URL for the agent that is currently used.stringfalse
    agentDeployedGenerationAgentDeployedGeneration is the generation of the agent that is currently deployed.*int64false
    agentMigratedAgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status.boolfalse
    agentNamespaceMigratedAgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status.boolfalse
    cattleNamespaceMigratedCattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status.boolfalse
    agentAffinityHashAgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes.stringfalse
    agentResourcesHashAgentResourcesHash is a hash of the agent's resources configuration, used to detect changes.stringfalse
    agentTolerationsHashAgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes.stringfalse
    agentConfigChangedAgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster.boolfalse
    apiServerURLAPIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream.stringfalse
    apiServerCAHashAPIServerCAHash is a hash of the upstream API server CA, used to detect changes.stringfalse
    displayDisplay contains the number of ready bundles, nodes and a summary state.ClusterDisplayfalse
    agentAgentStatus contains information about the agent.AgentStatusfalse

    Back to Custom Resources

    ClusterGroup​

    ClusterGroup is a re-usable selector to target a group of clusters.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterGroupSpectrue
    statusClusterGroupStatustrue

    Back to Custom Resources

    ClusterGroupDisplay​

    FieldDescriptionSchemeRequired
    readyClustersReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.stringfalse
    readyBundlesReadyBundles is a string in the form \"%d/%d\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.stringfalse
    stateState is a summary state for the cluster group, showing \"NotReady\" if there are non-ready resources.stringfalse

    Back to Custom Resources

    ClusterGroupSpec​

    FieldDescriptionSchemeRequired
    selectorSelector is a label selector, used to select clusters for this group.*metav1.LabelSelectorfalse

    Back to Custom Resources

    ClusterGroupStatus​

    FieldDescriptionSchemeRequired
    clusterCountClusterCount is the number of clusters in the cluster group.inttrue
    nonReadyClusterCountNonReadyClusterCount is the number of clusters that are not ready.inttrue
    nonReadyClustersNonReadyClusters is a list of cluster names that are not ready.[]stringfalse
    conditionsConditions is a list of conditions and their statuses for the cluster group.[]genericcondition.GenericConditionfalse
    summarySummary is a summary of the bundle deployments and their resources in the cluster group.BundleSummaryfalse
    displayDisplay contains the number of ready, desiredready clusters and a summary state for the bundle's resources.ClusterGroupDisplayfalse
    resourceCountsResourceCounts contains the number of resources in each state over all bundles in the cluster group.GitRepoResourceCountsfalse

    Back to Custom Resources

    ClusterRegistration​

    ClusterRegistration is used internally by Fleet and should not be used directly.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationSpecfalse
    statusClusterRegistrationStatusfalse

    Back to Custom Resources

    ClusterRegistrationSpec​

    FieldDescriptionSchemeRequired
    clientIDClientID is a unique string that will identify the cluster. The agent either uses the configured ID or the kubeSystem.UID.stringfalse
    clientRandomClientRandom is a random string that the agent generates. When fleet-controller grants a registration, it creates a registration secret with this string in the name.stringfalse
    clusterLabelsClusterLabels are copied to the cluster resource during the registration.map[string]stringfalse

    Back to Custom Resources

    ClusterRegistrationStatus​

    FieldDescriptionSchemeRequired
    clusterNameClusterName is only set after the registration is being processed by fleet-controller.stringfalse
    grantedGranted is set to true, if the request service account is present and its token secret exists. This happens directly before creating the registration secret, roles and rolebindings.boolfalse

    Back to Custom Resources

    ClusterRegistrationToken​

    ClusterRegistrationToken is used by agents to register a new cluster.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationTokenSpecfalse
    statusClusterRegistrationTokenStatusfalse

    Back to Custom Resources

    ClusterRegistrationTokenSpec​

    FieldDescriptionSchemeRequired
    ttlTTL is the time to live for the token. It is used to calculate the expiration time. If the token expires, it will be deleted.*metav1.Durationfalse

    Back to Custom Resources

    ClusterRegistrationTokenStatus​

    FieldDescriptionSchemeRequired
    expiresExpires is the time when the token expires.*metav1.Timefalse
    secretNameSecretName is the name of the secret containing the token.stringfalse

    Back to Custom Resources

    Content​

    Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    contentContent is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them.[]bytefalse

    Back to Custom Resources

    CommitSpec​

    CommitSpec specifies how to commit changes to the git repository

    FieldDescriptionSchemeRequired
    authorNameAuthorName gives the name to provide when making a commitstringtrue
    authorEmailAuthorEmail gives the email to provide when making a commitstringtrue
    messageTemplateMessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made.stringfalse

    Back to Custom Resources

    CorrectDrift​

    FieldDescriptionSchemeRequired
    enabledEnabled correct drift if true.boolfalse
    forceForce helm rollback with --force option will be used if true. This will try to recreate all resources in the release.boolfalse
    keepFailHistoryKeepFailHistory keeps track of failed rollbacks in the helm history.boolfalse

    Back to Custom Resources

    GitRepo​

    GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specGitRepoSpecfalse
    statusGitRepoStatusfalse

    Back to Custom Resources

    GitRepoDisplay​

    FieldDescriptionSchemeRequired
    readyBundleDeploymentsReadyBundleDeployments is a string in the form \"%d/%d\", that describes the number of ready bundledeployments over the total number of bundledeployments.stringfalse
    stateState is the state of the GitRepo, e.g. \"GitUpdating\" or the maximal BundleState according to StateRank.stringfalse
    messageMessage contains the relevant message from the deployment conditions.stringfalse
    errorError is true if a message is present.boolfalse

    Back to Custom Resources

    GitRepoResource​

    GitRepoResource contains metadata about the resources of a bundle.

    FieldDescriptionSchemeRequired
    apiVersionAPIVersion is the API version of the resource.stringfalse
    kindKind is the k8s kind of the resource.stringfalse
    typeType is the type of the resource, e.g. \"apiextensions.k8s.io.customresourcedefinition\" or \"configmap\".stringfalse
    idID is the name of the resource, e.g. \"namespace1/my-config\" or \"backingimagemanagers.storage.io\".stringfalse
    namespaceNamespace of the resource.stringfalse
    nameName of the resource.stringfalse
    incompleteStateIncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states.boolfalse
    stateState is the state of the resource, e.g. \"Unknown\", \"WaitApplied\", \"ErrApplied\" or \"Ready\".stringfalse
    errorError is true if any Error in the PerClusterState is true.boolfalse
    transitioningTransitioning is true if any Transitioning in the PerClusterState is true.boolfalse
    messageMessage is the first message from the PerClusterStates.stringfalse
    perClusterStatePerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources.[]ResourcePerClusterStatefalse

    Back to Custom Resources

    GitRepoResourceCounts​

    GitRepoResourceCounts contains the number of resources in each state.

    FieldDescriptionSchemeRequired
    readyReady is the number of ready resources.inttrue
    desiredReadyDesiredReady is the number of resources that should be ready.inttrue
    waitAppliedWaitApplied is the number of resources that are waiting to be applied.inttrue
    modifiedModified is the number of resources that have been modified.inttrue
    orphanedOrphaned is the number of orphaned resources.inttrue
    missingMissing is the number of missing resources.inttrue
    unknownUnknown is the number of resources in an unknown state.inttrue
    notReadyNotReady is the number of not ready resources. Resources are not ready if they do not match any other state.inttrue

    Back to Custom Resources

    GitRepoSpec​

    FieldDescriptionSchemeRequired
    repoRepo is a URL to a git repo to clone and index.stringfalse
    branchBranch The git branch to follow.stringfalse
    revisionRevision A specific commit or tag to operate on.stringfalse
    targetNamespaceEnsure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand.stringfalse
    clientSecretNameClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\".stringfalse
    helmSecretNameHelmSecretName contains the auth secret for a private Helm repository.stringfalse
    helmSecretNameForPathsHelmSecretNameForPaths contains the auth secret for private Helm repository for each path.stringfalse
    helmRepoURLRegexHelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided.stringfalse
    caBundleCABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate.[]bytefalse
    insecureSkipTLSVerifyInsecureSkipTLSverify will use insecure HTTPS to clone the repo.boolfalse
    pathsPaths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default.[]stringfalse
    pausedPaused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync.boolfalse
    serviceAccountServiceAccount used in the downstream cluster for deployment.stringfalse
    targetsTargets is a list of targets this repo will deploy to.[]GitTargetfalse
    pollingIntervalPollingInterval is how often to check git for new updates.*metav1.Durationfalse
    forceSyncGenerationIncrement this number to force a redeployment of contents from Git.int64false
    imageScanIntervalImageScanInterval is the interval of syncing scanned images and writing back to git repo.*metav1.Durationfalse
    imageScanCommitCommit specifies how to commit to the git repo when a new image is scanned and written back to git repo.CommitSpecfalse
    keepResourcesKeepResources specifies if the resources created must be kept after deleting the GitRepo.boolfalse
    correctDriftCorrectDrift specifies how drift correction should work.CorrectDriftfalse

    Back to Custom Resources

    GitRepoStatus​

    FieldDescriptionSchemeRequired
    observedGenerationObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status.int64true
    commitCommit is the Git commit hash from the last gitjob run.stringfalse
    readyClustersReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo.inttrue
    desiredReadyClustersDesiredReadyClusters\tis the number of clusters that should be ready for bundles of this GitRepo.inttrue
    gitJobStatusGitJobStatus is the status of the last GitJob run, e.g. \"Current\" if there was no error.stringfalse
    summarySummary contains the number of bundle deployments in each state and a list of non-ready resources.BundleSummaryfalse
    displayDisplay contains a human readable summary of the status.GitRepoDisplayfalse
    conditionsConditions is a list of Wrangler conditions that describe the state of the GitRepo.[]genericcondition.GenericConditionfalse
    resourcesResources contains metadata about the resources of each bundle.[]GitRepoResourcefalse
    resourceCountsResourceCounts contains the number of resources in each state over all bundles.GitRepoResourceCountsfalse
    resourceErrorsResourceErrors is a sorted list of errors from the resources.[]stringfalse
    lastSyncedImageScanTimeLastSyncedImageScanTime is the time of the last image scan.metav1.Timefalse

    Back to Custom Resources

    GitTarget​

    GitTarget is a cluster or cluster group to deploy to.

    FieldDescriptionSchemeRequired
    nameName is the name of this target.stringfalse
    clusterNameClusterName is the name of a cluster.stringfalse
    clusterSelectorClusterSelector is a label selector to select clusters.*metav1.LabelSelectorfalse
    clusterGroupClusterGroup is the name of a cluster group in the same namespace as the clusters.stringfalse
    clusterGroupSelectorClusterGroupSelector is a label selector to select cluster groups.*metav1.LabelSelectorfalse

    Back to Custom Resources

    ResourcePerClusterState​

    ResourcePerClusterState is generated for each non-ready resource of the bundles.

    FieldDescriptionSchemeRequired
    stateState is the state of the resource.stringfalse
    errorError is true if the resource is in an error state, copied from the bundle's summary for non-ready resources.boolfalse
    transitioningTransitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources.boolfalse
    messageMessage combines the messages from the bundle's summary. Messages are joined with the delimiter ';'.stringfalse
    patchPatch for modified resources.*GenericMapfalse
    clusterIdClusterID is the id of the cluster.stringfalse

    Back to Custom Resources

    GitRepoRestriction​

    GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    defaultServiceAccountDefaultServiceAccount overrides the GitRepo's default service account.stringfalse
    allowedServiceAccountsAllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use.[]stringfalse
    allowedRepoPatternsAllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo.[]stringfalse
    defaultClientSecretNameDefaultClientSecretName overrides the GitRepo's default client secret.stringfalse
    allowedClientSecretNamesAllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use.[]stringfalse
    allowedTargetNamespacesAllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set.[]stringfalse

    Back to Custom Resources

    AlphabeticalPolicy​

    AlphabeticalPolicy specifies a alphabetical ordering policy.

    FieldDescriptionSchemeRequired
    orderOrder specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.stringfalse

    Back to Custom Resources

    ImagePolicyChoice​

    ImagePolicyChoice is a union of all the types of policy that can be supplied.

    FieldDescriptionSchemeRequired
    semverSemVer gives a semantic version range to check against the tags available.*SemVerPolicyfalse
    alphabeticalAlphabetical set of rules to use for alphabetical ordering of the tags.*AlphabeticalPolicyfalse

    Back to Custom Resources

    ImageScan​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specImageScanSpecfalse
    statusImageScanStatusfalse

    Back to Custom Resources

    ImageScanSpec​

    API is taken from https://github.com/fluxcd/image-reflector-controller

    FieldDescriptionSchemeRequired
    tagNameTagName is the tag ref that needs to be put in manifest to replace fieldsstringfalse
    gitrepoNameGitRepo reference namestringfalse
    imageImage is the name of the image repositorystringfalse
    intervalInterval is the length of time to wait between scans of the image repository.metav1.Durationfalse
    secretRefSecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with kubectl create secret docker-registry, or the equivalent.*corev1.LocalObjectReferencefalse
    suspendThis flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.boolfalse
    policyPolicy gives the particulars of the policy to be followed in selecting the most recent imageImagePolicyChoicetrue

    Back to Custom Resources

    ImageScanStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    lastScanTimeLastScanTime is the last time image was scannedmetav1.Timefalse
    latestImageLatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.stringfalse
    latestTagLatest tag is the latest tag filtered by the policystringfalse
    latestDigestLatestDigest is the digest of latest tagstringfalse
    observedGenerationint64false
    canonicalImageNameCanonicalName is the name of the image repository with all the implied bits made explicit; e.g., docker.io/library/alpine rather than alpine.stringfalse

    Back to Custom Resources

    SemVerPolicy​

    SemVerPolicy specifies a semantic version policy.

    FieldDescriptionSchemeRequired
    rangeRange gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.stringtrue

    Back to Custom Resources

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/ref-fleet-yaml.html b/0.9/ref-fleet-yaml.html index 1515727bd..64285ee46 100644 --- a/0.9/ref-fleet-yaml.html +++ b/0.9/ref-fleet-yaml.html @@ -4,13 +4,13 @@ fleet.yaml | Fleet - +
    -
    Version: 0.9

    fleet.yaml

    The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.

    For more information on how to use the fleet.yaml to customize bundles see Git Repository Contents.

    The content of the fleet.yaml corresponds to the struct at pkg/bundlereader/read.go, which contains the BundleSpec.

    Reference​

    fleet.yaml
    # The default namespace to be applied to resources. This field is not used to
    # enforce or lock down the deployment to a specific namespace, but instead
    # provide the default value of the namespace field if one is not specified
    # in the manifests.
    # Default: default
    defaultNamespace: default

    # All resources will be assigned to this namespace and if any cluster scoped
    # resource exists the deployment will fail.
    # Default: ""
    namespace: default

    # namespaceLabels are labels that will be appended to the namespace created by Fleet.
    namespaceLabels:
      key: value
    # namespaceAnnotations are annotations that will be appended to the namespace created by Fleet.
    namespaceAnnotations:
      key: value

    # Optional map of labels, that are set at the bundle and can be used in a
    # dependsOn.selector
    labels:
      key: value

    kustomize:
      # Use a custom folder for kustomize resources. This folder must contain
      # a kustomization.yaml file.
      dir: ./kustomize

    helm:
      ### These options control how "fleet apply" downloads the chart
      #
      # Use a custom location for the Helm chart. This can refer to any go-getter URL or
      # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".
      # This allows one to download charts from most any location.  Also know that
      # go-getter URL supports adding a digest to validate the download. If repo
      # is set below this field is the name of the chart to lookup
      chart: ./chart
      # A https URL to a Helm repo to download the chart from. It's typically easier
      # to just use `chart` field and refer to a tgz file.  If repo is used the
      # value of `chart` will be used as the chart name to lookup in the Helm repository.
      repo: https://charts.rancher.io
      # The version of the chart or semver constraint of the chart to find. If a constraint
      # is specified it is evaluated each time git changes.
      # The version also determines which chart to download from OCI registries.
      version: 0.1.0

      ### These options only work for helm-type bundles
      #
      # Any values that should be placed in the `values.yaml` and passed to helm during
      # install.
      values:
        any-custom: value
      # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME
      # These can now be accessed directly as variables
      # The variable's value will be an empty string if the referenced cluster label does not
      # exist on the targeted cluster
        variableName: global.fleet.clusterLabels.LABELNAME
      # It is possible to specify the keys and values as go template strings for
      # advanced templating needs. Most of the functions from the sprig templating
      # library are available. Note, if the functions output changes with every
      # call, e.g. `uuidv4`, the bundle will get redeployed.
      # The template context has following keys.
      # `.ClusterValues` are retrieved from target cluster's `spec.templateValues`
      # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.
      # `.ClusterName` as the fleet's cluster resource name.
      # `.ClusterNamespace` as the namespace in which the cluster resource exists.
      # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,
      #       unlike helm which uses {{ }}.
        templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"
        valueFromEnv:
          "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }
      # Path to any values files that need to be passed to helm during install
      valuesFiles:
        - values1.yaml
        - values2.yaml
      # Allow to use values files from configmaps or secrets defined in the downstream clusters
      valuesFrom:
      - configMapKeyRef:
          name: configmap-values
          # default to namespace of bundle
          namespace: default
          key: values.yaml
      - secretKeyRef:
          name: secret-values
          namespace: default
          key: values.yaml

      ### These options control how fleet-agent deploys the bundle, they also apply for kustomize- and manifest-style bundles.
      #
      # A custom release name to deploy the chart as. If not specified a release name
      # will be generated by combining the invoking GitRepo.name + GitRepo.path.
      releaseName: my-release
      # Makes helm skip the check for its own annotations
      takeOwnership: false
      # Override immutable resources. This could be dangerous.
      force: false
      # Set the Helm --atomic flag when upgrading
      atomic: false
      # Disable go template pre-processing on the fleet values
      disablePreProcess: false
      # Disable DNS resolution in Helm's template functions
      disableDNS: false
      # Skip evaluation of the values.schema.json file
      skipSchemaValidation: false
      # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.
      # It will wait for as long as timeoutSeconds
      waitForJobs: true

    # A paused bundle will not update downstream clusters but instead mark the bundle
    # as OutOfSync. One can then manually confirm that a bundle should be deployed to
    # the downstream clusters.
    # Default: false
    paused: false

    rolloutStrategy:
        # A number or percentage of clusters that can be unavailable during an update
        # of a bundle. This follows the same basic approach as a deployment rollout
        # strategy. Once the number of clusters meets unavailable state update will be
        # paused. Default value is 100% which doesn't take effect on update.
        # default: 100%
        maxUnavailable: 15%
        # A number or percentage of cluster partitions that can be unavailable during
        # an update of a bundle.
        # default: 0
        maxUnavailablePartitions: 20%
        # A number of percentage of how to automatically partition clusters if not
        # specific partitioning strategy is configured.
        # default: 25%
        autoPartitionSize: 10%
        # A list of definitions of partitions.  If any target clusters do not match
        # the configuration they are added to partitions at the end following the
        # autoPartitionSize.
        partitions:
          # A user friend name given to the partition used for Display (optional).
          # default: ""
        - name: canary
          # A number or percentage of clusters that can be unavailable in this
          # partition before this partition is treated as done.
          # default: 10%
          maxUnavailable: 10%
          # Selector matching cluster labels to include in this partition
          clusterSelector:
            matchLabels:
              env: prod
          # A cluster group name to include in this partition
          clusterGroup: agroup
          # Selector matching cluster group labels to include in this partition
          clusterGroupSelector:
            clusterSelector:
              matchLabels:
                env: prod

    # Target customization are used to determine how resources should be modified per target
    # Targets are evaluated in order and the first one to match a cluster is used for that cluster.
    targetCustomizations:
    # The name of target. If not specified a default name of the format "target000"
    # will be used. This value is mostly for display
    - name: prod
      # Custom namespace value overriding the value at the root
      namespace: newvalue
      # Custom defaultNamespace value overriding the value at the root
      defaultNamespace: newdefaultvalue
      # Custom kustomize options overriding the options at the root
      kustomize: {}
      # Custom Helm options override the options at the root
      helm: {}
      # If using raw YAML these are names that map to overlays/{name} that will be used
      # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml
      # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.
      # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.
      # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin
      # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.
      yaml:
        overlays:
        - custom2
        - custom3
      # A selector used to match clusters.  The structure is the standard
      # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,
      # clusterSelector will be used only to further refine the selection after
      # clusterGroupSelector and clusterGroup is evaluated.
      clusterSelector:
        matchLabels:
          env: prod
      # A selector used to match a specific cluster by name. When using Fleet in
      # Rancher, make sure to put the name of the clusters.fleet.cattle.io resource.
      clusterName: dev-cluster
      # A selector used to match cluster groups.
      clusterGroupSelector:
        matchLabels:
          region: us-east
      # A specific clusterGroup by name that will be selected
      clusterGroup: group1
      # Resources will not be deployed in the matched clusters if doNotDeploy is true.
      doNotDeploy: false

    # dependsOn allows you to configure dependencies to other bundles. The current bundle
    # will only be deployed, after all dependencies are deployed and in a Ready state.
    dependsOn:
      # Format: <GITREPO-NAME>-<BUNDLE_PATH> with all path separators replaced by "-"
      # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"
      # Note: Bundle names are limited to 53 characters long. If longer they will be shortened:
      # opni-fleet-examples-fleets-opni-ui-plugin-operator-crd becomes opni-fleet-examples-fleets-opni-ui-plugin-opera-021f7
      - name: one-multi-cluster-hello-world
      # Select bundles to depend on based on their label.
      - selector:
          matchLabels:
            app: weak-monkey

    # Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources
    # makes the Bundle to be in an error state when it shouldn't.
    ignore:
      # Conditions to be ignored
      conditions:
      # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}
      - type: Active
        status: "False"

    # Override targets defined in the GitRepo. The Bundle will not have any targets from the GitRepo if overrideTargets is provided.
    overrideTargets:
      - clusterSelector:
          matchLabels:
            env: dev

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    fleet.yaml

    The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.

    For more information on how to use the fleet.yaml to customize bundles see Git Repository Contents.

    The content of the fleet.yaml corresponds to the struct at pkg/bundlereader/read.go, which contains the BundleSpec.

    Reference​

    fleet.yaml
    # The default namespace to be applied to resources. This field is not used to
    # enforce or lock down the deployment to a specific namespace, but instead
    # provide the default value of the namespace field if one is not specified
    # in the manifests.
    # Default: default
    defaultNamespace: default

    # All resources will be assigned to this namespace and if any cluster scoped
    # resource exists the deployment will fail.
    # Default: ""
    namespace: default

    # namespaceLabels are labels that will be appended to the namespace created by Fleet.
    namespaceLabels:
      key: value
    # namespaceAnnotations are annotations that will be appended to the namespace created by Fleet.
    namespaceAnnotations:
      key: value

    # Optional map of labels, that are set at the bundle and can be used in a
    # dependsOn.selector
    labels:
      key: value

    kustomize:
      # Use a custom folder for kustomize resources. This folder must contain
      # a kustomization.yaml file.
      dir: ./kustomize

    helm:
      ### These options control how "fleet apply" downloads the chart
      #
      # Use a custom location for the Helm chart. This can refer to any go-getter URL or
      # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".
      # This allows one to download charts from most any location.  Also know that
      # go-getter URL supports adding a digest to validate the download. If repo
      # is set below this field is the name of the chart to lookup
      chart: ./chart
      # A https URL to a Helm repo to download the chart from. It's typically easier
      # to just use `chart` field and refer to a tgz file.  If repo is used the
      # value of `chart` will be used as the chart name to lookup in the Helm repository.
      repo: https://charts.rancher.io
      # The version of the chart or semver constraint of the chart to find. If a constraint
      # is specified it is evaluated each time git changes.
      # The version also determines which chart to download from OCI registries.
      version: 0.1.0

      ### These options only work for helm-type bundles
      #
      # Any values that should be placed in the `values.yaml` and passed to helm during
      # install.
      values:
        any-custom: value
      # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME
      # These can now be accessed directly as variables
      # The variable's value will be an empty string if the referenced cluster label does not
      # exist on the targeted cluster
        variableName: global.fleet.clusterLabels.LABELNAME
      # It is possible to specify the keys and values as go template strings for
      # advanced templating needs. Most of the functions from the sprig templating
      # library are available. Note, if the functions output changes with every
      # call, e.g. `uuidv4`, the bundle will get redeployed.
      # The template context has following keys.
      # `.ClusterValues` are retrieved from target cluster's `spec.templateValues`
      # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.
      # `.ClusterName` as the fleet's cluster resource name.
      # `.ClusterNamespace` as the namespace in which the cluster resource exists.
      # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,
      #       unlike helm which uses {{ }}.
        templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"
        valueFromEnv:
          "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }
      # Path to any values files that need to be passed to helm during install
      valuesFiles:
        - values1.yaml
        - values2.yaml
      # Allow to use values files from configmaps or secrets defined in the downstream clusters
      valuesFrom:
      - configMapKeyRef:
          name: configmap-values
          # default to namespace of bundle
          namespace: default
          key: values.yaml
      - secretKeyRef:
          name: secret-values
          namespace: default
          key: values.yaml

      ### These options control how fleet-agent deploys the bundle, they also apply for kustomize- and manifest-style bundles.
      #
      # A custom release name to deploy the chart as. If not specified a release name
      # will be generated by combining the invoking GitRepo.name + GitRepo.path.
      releaseName: my-release
      # Makes helm skip the check for its own annotations
      takeOwnership: false
      # Override immutable resources. This could be dangerous.
      force: false
      # Set the Helm --atomic flag when upgrading
      atomic: false
      # Disable go template pre-processing on the fleet values
      disablePreProcess: false
      # Disable DNS resolution in Helm's template functions
      disableDNS: false
      # Skip evaluation of the values.schema.json file
      skipSchemaValidation: false
      # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.
      # It will wait for as long as timeoutSeconds
      waitForJobs: true

    # A paused bundle will not update downstream clusters but instead mark the bundle
    # as OutOfSync. One can then manually confirm that a bundle should be deployed to
    # the downstream clusters.
    # Default: false
    paused: false

    rolloutStrategy:
        # A number or percentage of clusters that can be unavailable during an update
        # of a bundle. This follows the same basic approach as a deployment rollout
        # strategy. Once the number of clusters meets unavailable state update will be
        # paused. Default value is 100% which doesn't take effect on update.
        # default: 100%
        maxUnavailable: 15%
        # A number or percentage of cluster partitions that can be unavailable during
        # an update of a bundle.
        # default: 0
        maxUnavailablePartitions: 20%
        # A number of percentage of how to automatically partition clusters if not
        # specific partitioning strategy is configured.
        # default: 25%
        autoPartitionSize: 10%
        # A list of definitions of partitions.  If any target clusters do not match
        # the configuration they are added to partitions at the end following the
        # autoPartitionSize.
        partitions:
          # A user friend name given to the partition used for Display (optional).
          # default: ""
        - name: canary
          # A number or percentage of clusters that can be unavailable in this
          # partition before this partition is treated as done.
          # default: 10%
          maxUnavailable: 10%
          # Selector matching cluster labels to include in this partition
          clusterSelector:
            matchLabels:
              env: prod
          # A cluster group name to include in this partition
          clusterGroup: agroup
          # Selector matching cluster group labels to include in this partition
          clusterGroupSelector:
            clusterSelector:
              matchLabels:
                env: prod

    # Target customization are used to determine how resources should be modified per target
    # Targets are evaluated in order and the first one to match a cluster is used for that cluster.
    targetCustomizations:
    # The name of target. If not specified a default name of the format "target000"
    # will be used. This value is mostly for display
    - name: prod
      # Custom namespace value overriding the value at the root
      namespace: newvalue
      # Custom defaultNamespace value overriding the value at the root
      defaultNamespace: newdefaultvalue
      # Custom kustomize options overriding the options at the root
      kustomize: {}
      # Custom Helm options override the options at the root
      helm: {}
      # If using raw YAML these are names that map to overlays/{name} that will be used
      # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml
      # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.
      # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.
      # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin
      # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.
      yaml:
        overlays:
        - custom2
        - custom3
      # A selector used to match clusters.  The structure is the standard
      # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,
      # clusterSelector will be used only to further refine the selection after
      # clusterGroupSelector and clusterGroup is evaluated.
      clusterSelector:
        matchLabels:
          env: prod
      # A selector used to match a specific cluster by name. When using Fleet in
      # Rancher, make sure to put the name of the clusters.fleet.cattle.io resource.
      clusterName: dev-cluster
      # A selector used to match cluster groups.
      clusterGroupSelector:
        matchLabels:
          region: us-east
      # A specific clusterGroup by name that will be selected
      clusterGroup: group1
      # Resources will not be deployed in the matched clusters if doNotDeploy is true.
      doNotDeploy: false

    # dependsOn allows you to configure dependencies to other bundles. The current bundle
    # will only be deployed, after all dependencies are deployed and in a Ready state.
    dependsOn:
      # Format: <GITREPO-NAME>-<BUNDLE_PATH> with all path separators replaced by "-"
      # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"
      # Note: Bundle names are limited to 53 characters long. If longer they will be shortened:
      # opni-fleet-examples-fleets-opni-ui-plugin-operator-crd becomes opni-fleet-examples-fleets-opni-ui-plugin-opera-021f7
      - name: one-multi-cluster-hello-world
      # Select bundles to depend on based on their label.
      - selector:
          matchLabels:
            app: weak-monkey

    # Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources
    # makes the Bundle to be in an error state when it shouldn't.
    ignore:
      # Conditions to be ignored
      conditions:
      # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}
      - type: Active
        status: "False"

    # Override targets defined in the GitRepo. The Bundle will not have any targets from the GitRepo if overrideTargets is provided.
    overrideTargets:
      - clusterSelector:
          matchLabels:
            env: dev

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/ref-gitrepo.html b/0.9/ref-gitrepo.html index 619fa563b..6f62227ed 100644 --- a/0.9/ref-gitrepo.html +++ b/0.9/ref-gitrepo.html @@ -4,14 +4,14 @@ GitRepo Resource | Fleet - +
    Version: 0.9

    GitRepo Resource

    The GitRepo resource describes git repositories, how to access them and where the bundles are located.

    The content of the resource corresponds to the GitRepoSpec. -For more information on how to use GitRepo resource, e.g. how to watch private repositories, see Create a GitRepo Resource.

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-repo
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # This can be a HTTPS or git URL.  If you are using a git URL then
      # clientSecretName will probably need to be set to supply a credential.
      # repo is the only required parameter for a repo to be monitored.
      #
      repo: https://github.com/rancher/fleet-examples

      # Enforce all resources go to this target namespace. If a cluster scoped
      # resource is found the deployment will fail.
      #
      # targetNamespace: app1

      # Any branch can be watched, this field is optional. If not specified the
      # branch is assumed to be master
      #
      # branch: master

      # A specific commit or tag can also be watched.
      #
      # revision: v0.3.0

      # For a private registry you must supply a clientSecretName. A default
      # secret can be set at the namespace level using the GitRepoRestriction
      # type. Secrets must be of the type "kubernetes.io/ssh-auth" or
      # "kubernetes.io/basic-auth". The secret is assumed to be in the
      # same namespace as the GitRepo
      #
      # clientSecretName: my-ssh-key
      #
      # If fleet.yaml contains a private Helm repo that requires authentication,
      # provide the credentials in a K8s secret and specify them here.
      # Danger: the credentials will be sent to all repositories referenced from
      # this gitrepo. See section below for more information.
      #
      # helmSecretName: my-helm-secret
      #
      # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.
      # Credentials will always be used if it is empty or not provided
      #
      # helmRepoURLRegex: https://charts.rancher.io/*
      #
      # To add additional ca-bundle for self-signed certs, caBundle can be
      # filled with base64 encoded pem data. For example:
      # `cat /path/to/ca.pem | base64 -w 0`
      #
      # caBundle: my-ca-bundle
      #
      # Disable SSL verification for git repo
      #
      # insecureSkipTLSVerify: true
      #
      # A git repo can read multiple paths in a repo at once.
      # The below field is expected to be an array of paths and
      # supports path globbing (ex: some/*/path)
      #
      # Example:
      # paths:
      # - single-path
      # - multiple-paths/*
      paths:
      - simple

      # PollingInterval configures how often fleet checks the git repo. The default
      # is 15 seconds.
      # Setting this to zero does not disable polling. It results in a 15s
      # interval, too.
      # As checking a git repo incurs a CPU cost, raising this value can help
      # lowering fleetcontroller's CPU usage if tens of git repos are used or more
      #
      # pollingInterval: 15s

      # Paused  causes changes in Git to not be propagated down to the clusters but
      # instead mark resources as OutOfSync
      #
      # paused: false

      # Increment this number to force a redeployment of contents from Git
      #
      # forceSyncGeneration: 0

      # The service account that will be used to perform this deployment.
      # This is the name of the service account that exists in the
      # downstream cluster in the cattle-fleet-system namespace. It is assumed
      # this service account already exists so it should be create before
      # hand, most likely coming from another git repo registered with
      # the Fleet manager.
      #
      # serviceAccount: moreSecureAccountThanClusterAdmin

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      # If empty, the "default" cluster group is used.
      #
      # targets: ...
      #
      # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses
      # a three-way merge strategy by default. 
      # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating 
      # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.
      # Keep in mind that resources might be recreated if force is enabled.
      # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.
      #
      #  correctDrift:
      #    enabled: false
      #    force: false #Warning: it might recreate resources if set to true
      #    keepFailHistory: false
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +For more information on how to use GitRepo resource, e.g. how to watch private repositories, see Create a GitRepo Resource.

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-repo
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # This can be a HTTPS or git URL.  If you are using a git URL then
      # clientSecretName will probably need to be set to supply a credential.
      # repo is the only required parameter for a repo to be monitored.
      #
      repo: https://github.com/rancher/fleet-examples

      # Enforce all resources go to this target namespace. If a cluster scoped
      # resource is found the deployment will fail.
      #
      # targetNamespace: app1

      # Any branch can be watched, this field is optional. If not specified the
      # branch is assumed to be master
      #
      # branch: master

      # A specific commit or tag can also be watched.
      #
      # revision: v0.3.0

      # For a private registry you must supply a clientSecretName. A default
      # secret can be set at the namespace level using the GitRepoRestriction
      # type. Secrets must be of the type "kubernetes.io/ssh-auth" or
      # "kubernetes.io/basic-auth". The secret is assumed to be in the
      # same namespace as the GitRepo
      #
      # clientSecretName: my-ssh-key
      #
      # If fleet.yaml contains a private Helm repo that requires authentication,
      # provide the credentials in a K8s secret and specify them here.
      # Danger: the credentials will be sent to all repositories referenced from
      # this gitrepo. See section below for more information.
      #
      # helmSecretName: my-helm-secret
      #
      # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.
      # Credentials will always be used if it is empty or not provided
      #
      # helmRepoURLRegex: https://charts.rancher.io/*
      #
      # To add additional ca-bundle for self-signed certs, caBundle can be
      # filled with base64 encoded pem data. For example:
      # `cat /path/to/ca.pem | base64 -w 0`
      #
      # caBundle: my-ca-bundle
      #
      # Disable SSL verification for git repo
      #
      # insecureSkipTLSVerify: true
      #
      # A git repo can read multiple paths in a repo at once.
      # The below field is expected to be an array of paths and
      # supports path globbing (ex: some/*/path)
      #
      # Example:
      # paths:
      # - single-path
      # - multiple-paths/*
      paths:
      - simple

      # PollingInterval configures how often fleet checks the git repo. The default
      # is 15 seconds.
      # Setting this to zero does not disable polling. It results in a 15s
      # interval, too.
      # As checking a git repo incurs a CPU cost, raising this value can help
      # lowering fleetcontroller's CPU usage if tens of git repos are used or more
      #
      # pollingInterval: 15s

      # Paused  causes changes in Git to not be propagated down to the clusters but
      # instead mark resources as OutOfSync
      #
      # paused: false

      # Increment this number to force a redeployment of contents from Git
      #
      # forceSyncGeneration: 0

      # The service account that will be used to perform this deployment.
      # This is the name of the service account that exists in the
      # downstream cluster in the cattle-fleet-system namespace. It is assumed
      # this service account already exists so it should be create before
      # hand, most likely coming from another git repo registered with
      # the Fleet manager.
      #
      # serviceAccount: moreSecureAccountThanClusterAdmin

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      # If empty, the "default" cluster group is used.
      #
      # targets: ...
      #
      # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses
      # a three-way merge strategy by default. 
      # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating 
      # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.
      # Keep in mind that resources might be recreated if force is enabled.
      # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.
      #
      #  correctDrift:
      #    enabled: false
      #    force: false #Warning: it might recreate resources if set to true
      #    keepFailHistory: false
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/ref-registration.html b/0.9/ref-registration.html index 8af0a7ae0..69ba90afa 100644 --- a/0.9/ref-registration.html +++ b/0.9/ref-registration.html @@ -4,7 +4,7 @@ Cluster Registration Internals | Fleet - + @@ -14,8 +14,8 @@ The import.go will enqueue itself until the import service account exists, because that’s needed to create the fleet-agent-bootstrap secret. Now, the fleet-agent and the bootstrap secret are present on the downstream cluster

    Fleet-Agent -> ClusterRegistration​

    Immediately the fleet-agent checks for a fleet-agent-bootstrap secret (which contains the import kubeconfig) and starts registering if present. Then fleet-agent creates a clusterregistration resource in fleet-default on the management cluster, with a random number. The random number will be used for the registration secret’s name.

    fleet-controller triggers and tries to grant the clusterregistration request to create fleet-agent’s serviceaccount and create the ‘c-*’ registration secret with the clients new kubeconfig. The registration secret name is hash("clientID-clientRandom"). The new kubeconfig uses the "request" account. The request account can access the cluster status, bundledeployments and contents.

    Notes​

    • The registration starts with the "import" account and pivots to the "request" account.
    • The fleet-default namespace has all the cluster registrations, the import account uses a separate namespace.
    • Once the agent is registered, fleet-controller will trigger on a cluster/namespace change and call manageagent to create a bundle. The agent will update itself to the bundle and since the generation env var changes it will restart.
    • If no bootstrap secret exists, the agent will not re-register.

    Diagram​

    Process​

    Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster. -It's important to note that there are multiple ways to start this:

    • Creating a bootstrap config. Fleet does this for the local agent.
    • Creating a Cluster resource with a kubeconfig. Rancher does this for downstream clusters. See manager-initiated registration.
    • Create a ClusterRegistrationToken resource, optionally create a Cluster resource for a pre-defined (clientID) cluster. See agent-initiated registration.

    Registration

    Secrets​

    This diagram shows the resources created during registration and focuses on the k8s API server configuration.

    Registration Secrets

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +It's important to note that there are multiple ways to start this:

    • Creating a bootstrap config. Fleet does this for the local agent.
    • Creating a Cluster resource with a kubeconfig. Rancher does this for downstream clusters. See manager-initiated registration.
    • Create a ClusterRegistrationToken resource, optionally create a Cluster resource for a pre-defined (clientID) cluster. See agent-initiated registration.

    Registration

    Secrets​

    This diagram shows the resources created during registration and focuses on the k8s API server configuration.

    Registration Secrets

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/ref-resources.html b/0.9/ref-resources.html index 177a6bec5..56125e8d1 100644 --- a/0.9/ref-resources.html +++ b/0.9/ref-resources.html @@ -4,13 +4,13 @@ List of Deployed Resources | Fleet - +
    -
    Version: 0.9

    List of Deployed Resources

    After installing Fleet in Rancher these resources are created in the upstream cluster.

    TypeNameNamespace
    From Helm, intial setup:
    ClusterRolefleet-controller-
    ClusterRolegitjob-
    ClusterRoleBindingfleet-controller-
    ClusterRoleBindinggitjob-binding-
    ConfigMapfleet-controllercattle-fleet-system
    Deploymentfleet-controllercattle-fleet-system
    Deploymentgitjobcattle-fleet-system
    Rolefleet-controllercattle-fleet-system
    Rolegitjobcattle-fleet-system
    RoleBindingfleet-controllercattle-fleet-system
    RoleBindinggitjobcattle-fleet-system
    Servicegitjobcattle-fleet-system
    ServiceAccountfleet-controllercattle-fleet-system
    ServiceAccountgitjobcattle-fleet-system
    Generated:
    clusters.fleet.cattle.iolocalfleet-local
    clusters.provisioning.cattle.iolocalfleet-local
    clusters.management.cattle.iolocal-
    ClusterGroupdefaultfleet-local
    Bundlefleet-agent-localfleet-local
    For each registered cluster:
    clusters.provisioning.cattle.ioby default fleet-default
    clusters.management.cattle.iogenerated-
    clusters.fleet.cattle.iofleet-default
    Bundlefleet-default
    BundleDeploymentcluster-fleet-local-local-IDfleet-agent-local

    Also see [namespaces]

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: 0.9

    List of Deployed Resources

    After installing Fleet in Rancher these resources are created in the upstream cluster.

    TypeNameNamespace
    From Helm, intial setup:
    ClusterRolefleet-controller-
    ClusterRolegitjob-
    ClusterRoleBindingfleet-controller-
    ClusterRoleBindinggitjob-binding-
    ConfigMapfleet-controllercattle-fleet-system
    Deploymentfleet-controllercattle-fleet-system
    Deploymentgitjobcattle-fleet-system
    Rolefleet-controllercattle-fleet-system
    Rolegitjobcattle-fleet-system
    RoleBindingfleet-controllercattle-fleet-system
    RoleBindinggitjobcattle-fleet-system
    Servicegitjobcattle-fleet-system
    ServiceAccountfleet-controllercattle-fleet-system
    ServiceAccountgitjobcattle-fleet-system
    Generated:
    clusters.fleet.cattle.iolocalfleet-local
    clusters.provisioning.cattle.iolocalfleet-local
    clusters.management.cattle.iolocal-
    ClusterGroupdefaultfleet-local
    Bundlefleet-agent-localfleet-local
    For each registered cluster:
    clusters.provisioning.cattle.ioby default fleet-default
    clusters.management.cattle.iogenerated-
    clusters.fleet.cattle.iofleet-default
    Bundlefleet-default
    BundleDeploymentcluster-fleet-local-local-IDfleet-agent-local

    Also see [namespaces]

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/resources-during-deployment.html b/0.9/resources-during-deployment.html index 93c00e8c6..6116b5f84 100644 --- a/0.9/resources-during-deployment.html +++ b/0.9/resources-during-deployment.html @@ -4,13 +4,13 @@ Custom Resources During Deployment | Fleet - +
    -
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/troubleshooting.html b/0.9/troubleshooting.html index 3063833ef..632cb9886 100644 --- a/0.9/troubleshooting.html +++ b/0.9/troubleshooting.html @@ -4,7 +4,7 @@ Troubleshooting | Fleet - + @@ -12,8 +12,8 @@
    Version: 0.9

    Troubleshooting

    This section contains commands and tips to troubleshoot Fleet.

    How Do I...​

    Fetch the log from fleet-controller?​

    In the local management cluster where the fleet-controller is deployed, run the following command with your specific fleet-controller pod name filled in:

    $ kubectl logs -l app=fleet-controller -n cattle-fleet-system

    Fetch the log from the fleet-agent?​

    Go to each downstream cluster and run the following command for the local cluster with your specific fleet-agent pod name filled in:

    # Downstream cluster
    $ kubectl logs -l app=fleet-agent -n cattle-fleet-system
    # Local cluster
    $ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system

    Fetch detailed error logs from GitRepos and Bundles?​

    Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:

    • For more information about the bundle, click on bundle, and the YAML mode will be enabled.
    • For more information about the GitRepo, click on GitRepo, then click on View Yaml in the upper right of the screen. After viewing the YAML, check status.conditions; a detailed error message should be displayed here.
    • Check the fleet-controller for synching errors.
    • Check the fleet-agent log in the downstream cluster if you encounter issues when deploying the bundle.

    Fetch detailed status from GitRepos and Bundles?​

    For debugging and bug reports the raw JSON of the resources status fields is most useful. This can be accessed in the Rancher UI, or through kubectl:

    kubectl get bundle -n fleet-local fleet-agent-local -o=jsonpath={.status}
    kubectl get gitrepo -n fleet-default gitrepo-name -o=jsonpath={.status}

    Check a chart rendering error in Kustomize?​

    Check the fleet-controller logs and the fleet-agent logs.

    Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?​

    Check the gitjob-controller logs using the following command with your specific gitjob pod name filled in:

    $ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system

    Note that there are two containers inside the pod: the step-git-source container that clones the git repo, and the fleet container that applies bundles based on the git repo.

    The pods will usually have images named rancher/tekton-utils with the gitRepo name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific gitRepoName pod name and namespace:

    $ kubectl logs -f $gitRepoName-pod-name -n namespace

    Check the status of the fleet-controller?​

    You can check the status of the fleet-controller pods by running the commands below:

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    Enable debug logging for fleet-controller and fleet-agent?​

    Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added.

    • Go to the Dashboard, then click on the local cluster in the left navigation menu
    • Select Apps & Marketplace, then Installed Apps from the dropdown
    • From there, you will upgrade the Fleet chart with the value debug=true. You can also set debugLevel=5 if desired.

    Additional Solutions for Other Fleet Issues​

    Naming conventions for CRDs​

    1. For CRD terms like clusters and gitrepos, you must reference the full CRD name. For example, the cluster CRD's complete name is cluster.fleet.cattle.io, and the gitrepo CRD's complete name is gitrepo.fleet.cattle.io.

    2. Bundles, which are created from the GitRepo, follow the pattern $gitrepoName-$path in the same workspace/namespace where the GitRepo was created. Note that $path is the path directory in the git repository that contains the bundle (fleet.yaml).

    3. BundleDeployments, which are created from the bundle, follow the pattern $bundleName-$clusterName in the namespace clusters-$workspace-$cluster-$generateHash. Note that $clusterName is the cluster to which the bundle will be deployed.

    HTTP secrets in Github​

    When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:

    1. Create a personal access token in Github.
    2. In Rancher, create an HTTP secret with your Github username.
    3. Use your token as the secret.

    Fleet fails with bad response code: 403​

    If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your fleet.yaml:

    time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"

    Perform the following steps to assess:

    • Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully
    • Check that your credentials for the git repo are valid

    Helm chart repo: certificate signed by unknown authority​

    If your GitJob returns the error below, you may have added the wrong certificate chain:

    time="2021-11-11T05:55:08Z" level=fatal msg="Get \"https://helm.intra/virtual-helm/index.yaml\": x509: certificate signed by unknown authority"

    Please verify your certificate with the following command:

    context=playground-local
    kubectl get secret -n fleet-default helm-repo -o jsonpath="{['data']['cacerts']}" --context $context | base64 -d | openssl x509 -text -noout
    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number:
                7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71
            Signature Algorithm: sha512WithRSAEncryption
            Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3
    ...

    Fleet deployment stuck in modified state​

    When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.

    To ignore the modified flag for the differences between the Helm install generated by fleet.yaml and the resource in your cluster, add a diff.comparePatches to the fleet.yaml for your Deployment, as shown in this example:

    defaultNamespace: <namespace name>
    helm:
      releaseName: <release name>
      repo: <repo name>
      chart: <chart name>
    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        operations:
        - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}
        - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}
        jsonPointers: # jsonPointers allows to ignore diffs at certain json path
        - "/spec/template/spec/priorityClassName"
        - "/spec/template/spec/tolerations"

    To determine which operations should be removed, observe the logs from fleet-agent on the target cluster. You should see entries similar to the following:

    level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\"spec\":{\"template\":{\"spec\":{\"hostNetwork\":false}}}}"

    Based on the above log, you can add the following entry to remove the operation:

    {"op":"remove", "path":"/spec/template/spec/hostNetwork"}

    GitRepo or Bundle stuck in modified state​

    Modified means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository.

    1. Check the bundle diffs documentation for more information.

    2. You can also force update the gitrepo to perform a manual resync. Select GitRepo on the left navigation bar, then select Force Update.

    Bundle has a Horizontal Pod Autoscaler (HPA) in modified state​

    For bundles with an HPA, the expected state is Modified, as the bundle contains fields that differ from the state of the Bundle at deployment - usually ReplicaSet.

    You must define a patch in the fleet.yaml to ignore this field according to GitRepo or Bundle stuck in modified state.

    Here is an example of such a patch for the deployment nginx in namespace default:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: nginx
        namespace: default
        operations:
        - {"op": "remove", "path": "/spec/replicas"}

    What if the cluster is unavailable, or is in a WaitCheckIn state?​

    You will need to re-import and restart the registration process: Select Cluster on the left navigation bar, then select Force Update

    caution

    WaitCheckIn status for Rancher v2.5: The cluster will show in WaitCheckIn status because the fleet-controller is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the Rancher docs.

    GitRepo complains with gzip: invalid header​

    When you see an error like the one below ...

    Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header

    ... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content.

    Agent is no longer registered​

    You can force a redeployment of an agent for a given cluster by setting redeployAgentGeneration.

    kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p '[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]'

    Nested GitRepo CRs​

    Managing Fleet within Fleet (nested GitRepo usage) is not currently supported. We will update the documentation if support becomes available.

    Migrate the local cluster to the Fleet default cluster workspace?​

    Users can create new workspaces and move clusters across workspaces. -It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/tut-deployment.html b/0.9/tut-deployment.html index 6f06b3157..29d46e5b6 100644 --- a/0.9/tut-deployment.html +++ b/0.9/tut-deployment.html @@ -4,7 +4,7 @@ Creating a Deployment | Fleet - + @@ -13,8 +13,8 @@ For more details on the options that are available per Git repository see Adding a GitRepo.

    Single-Cluster Examples​

    All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet.

    An example using Helm. We are deploying the helm example to the local cluster.

    The repository contains a helm chart and an optional fleet.yaml to configure the deployment:

    fleet.yaml
    namespace: fleet-helm-example

    # Custom helm options
    helm:
      # The release name to use. If empty a generated release name will be used
      releaseName: guestbook

      # The directory of the chart in the repo.  Also any valid go-getter supported
      # URL can be used there is specify where to download the chart from.
      # If repo below is set this value if the chart name in the repo
      chart: ""

      # An https to a valid Helm repository to download the chart from
      repo: ""

      # Used if repo is set to look up the version of the chart
      version: ""

      # Force recreate resource that can not be updated
      force: false

      # How long for helm to wait for the release to be active. If the value
      # is less that or equal to zero, we will not wait in Helm
      timeoutSeconds: 0

      # Custom values that will be passed as values.yaml to the installation
      values:
        replicas: 2

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-local namespace contains the local cluster resource. The local fleet-agent will create the deployment in the fleet-helm-example namespace.

    kubectl apply -n fleet-local -f - <<EOF
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: helm
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - single-cluster/helm
    EOF

    Multi-Cluster Examples​

    The examples below will deploy a multi git repo to multiple clusters at once and configure the app differently for each target.

    An example using Helm. We are deploying the helm example and customizing it per target cluster

    The repository contains a helm chart and an optional fleet.yaml to configure the deployment. The fleet.yaml is used to configure different deployment options, depending on the cluster's labels:

    fleet.yaml
    namespace: fleet-mc-helm-example
    targetCustomizations:
    - name: dev
      helm:
        values:
          replication: false
      clusterSelector:
        matchLabels:
          env: dev

    - name: test
      helm:
        values:
          replicas: 3
      clusterSelector:
        matchLabels:
          env: test

    - name: prod
      helm:
        values:
          serviceType: LoadBalancer
          replicas: 3
      clusterSelector:
        matchLabels:
          env: prod

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    gitrepo.yaml
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: helm
      namespace: fleet-default
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - multi-cluster/helm
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

      - name: test
        clusterSelector:
          matchLabels:
            env: test

      - name: prod
        clusterSelector:
          matchLabels:
            env: prod

    By applying the gitrepo resource to the upstream cluster, fleet will start to monitor the repository and create deployments:

    kubectl apply -n fleet-default -f gitrepo.yaml
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +The application will be customized as follows per environment:

    • Dev clusters: Only the redis leader is deployed and not the followers.
    • Test clusters: Scale the front deployment to 3
    • Prod clusters: Scale the front deployment to 3 and set the service type to LoadBalancer

    The fleet.yaml is used to control which 'yaml' overlays are used, depending on the cluster's labels:

    fleet.yaml
    namespace: fleet-mc-manifest-example
    targetCustomizations:
    - name: dev
      clusterSelector:
        matchLabels:
          env: dev
      yaml:
        overlays:
        # Refers to overlays/noreplication folder
        - noreplication

    - name: test
      clusterSelector:
        matchLabels:
          env: test
      yaml:
        overlays:
        # Refers to overlays/scale3 folder
        - scale3

    - name: prod
      clusterSelector:
        matchLabels:
          env: prod
      yaml:
        # Refers to overlays/servicelb, scale3 folders
        overlays:
        - servicelb
        - scale3

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    gitrepo.yaml
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: manifests
      namespace: fleet-default
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - multi-cluster/manifests
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

      - name: test
        clusterSelector:
          matchLabels:
            env: test

      - name: prod
        clusterSelector:
          matchLabels:
            env: prod
    kubectl apply -n fleet-default -f gitrepo.yaml
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/uninstall.html b/0.9/uninstall.html index 664d1dd9e..bbb85ca08 100644 --- a/0.9/uninstall.html +++ b/0.9/uninstall.html @@ -4,15 +4,15 @@ Uninstall | Fleet - +
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +two commands:

    helm -n cattle-fleet-system uninstall fleet
    helm -n cattle-fleet-system uninstall fleet-crd
    caution

    Uninstalling the CRDs will remove all deployed workloads.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/0.9/webhook.html b/0.9/webhook.html index 10c9b40e5..935908f72 100644 --- a/0.9/webhook.html +++ b/0.9/webhook.html @@ -4,15 +4,15 @@ Using Webhooks Instead of Polling | Fleet - +
    Version: 0.9

    Using Webhooks Instead of Polling

    By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens).

    For installations with multiple tens up to hundreds of Git repos, and in general to reduce latency (the time between a push to Git and fleet reacting to it), configuring webhooks is recommended instead of polling.

    Fleet currently supports Github, GitLab, Bitbucket, Bitbucket Server and Gogs.

    1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.​

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: webhook-ingress
      namespace: cattle-fleet-system
    spec:
      rules:
      - host: your.domain.com
        http:
          paths:
            - path: /
              pathType: Prefix
              backend:
                service:
                  name: gitjob
                  port:
                    number: 80
    info

    You can configure TLS on ingress.

    2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.​

    Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default. If your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the -secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/404.html b/404.html index 18d81ac46..d17376779 100644 --- a/404.html +++ b/404.html @@ -4,13 +4,13 @@ Page Not Found | Fleet - +

    Page Not Found

    We could not find what you were looking for.

    Please contact the owner of the site that linked you to the original URL and let them know their link is broken.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - + \ No newline at end of file diff --git a/architecture.html b/architecture.html index d2adbb657..2846090f6 100644 --- a/architecture.html +++ b/architecture.html @@ -4,7 +4,7 @@ Architecture | Fleet - + @@ -28,8 +28,8 @@ The cluster registration token is used only during the registration process to g to that cluster. After the cluster credential is established the cluster "forgets" the cluster registration token.

    The service accounts given to the clusters only have privileges to list BundleDeployment in the namespace created specifically for that cluster. It can also update the status subresource of BundleDeployment and the status -subresource of it's Cluster resource.

    Component Overview​

    An overview of the components and how they interact on a high level.

    Components

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +subresource of it's Cluster resource.

    Component Overview​

    An overview of the components and how they interact on a high level.

    Components

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/assets/js/01b4035b.e1320638.js b/assets/js/01b4035b.1ffc0d4a.js similarity index 99% rename from assets/js/01b4035b.e1320638.js rename to assets/js/01b4035b.1ffc0d4a.js index d218c2699..fac8837d1 100644 --- a/assets/js/01b4035b.e1320638.js +++ b/assets/js/01b4035b.1ffc0d4a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8002],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function s(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(s[a]=e[a]);return s}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(s[a]=e[a])}return s}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,s=e.mdxType,l=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=s,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||l;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,s=t&&t.mdxType;if("string"==typeof e||s){var l=a.length,r=new Array(l);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:s,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),s=(a(7294),a(3905));const l={},r="Namespaces",i={unversionedId:"namespaces",id:"namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/docs/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/namespaces.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Git Repository Contents",permalink:"/gitrepo-content"},next:{title:"Custom Resources During Deployment",permalink:"/resources-during-deployment"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"GitRepo Namespace",id:"gitrepo-namespace",level:3},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local (local workspace, cluster registration namespace)",id:"fleet-local-local-workspace-cluster-registration-namespace",level:3},{value:"cattle-fleet-system (system namespace)",id:"cattle-fleet-system-system-namespace",level:3},{value:"cattle-fleet-clusters-system (system registration namespace)",id:"cattle-fleet-clusters-system-system-registration-namespace",level:3},{value:"Cluster Namespaces",id:"cluster-namespaces",level:3},{value:"Cross Namespace Deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2},{value:"Allowed Target Namespaces",id:"allowed-target-namespaces",level:3}],c={toc:p};function m(e){let{components:t,...l}=e;return(0,s.kt)("wrapper",(0,n.Z)({},c,l,{components:t,mdxType:"MDXLayout"}),(0,s.kt)("h1",{id:"namespaces"},"Namespaces"),(0,s.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are used in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,s.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,s.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,s.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,s.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,s.kt)("h3",{id:"gitrepo-namespace"},"GitRepo Namespace"),(0,s.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,s.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,s.kt)("ul",null,(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,s.kt)("p",null,"If you are using Fleet in a ",(0,s.kt)("a",{parentName:"p",href:"/concepts"},"single cluster")," style, the namespace will always be ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,s.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,s.kt)("p",null,"For a ",(0,s.kt)("a",{parentName:"p",href:"/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,s.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,s.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,s.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,s.kt)("p",null,"An overview of the ",(0,s.kt)("a",{parentName:"p",href:"/namespaces"},"namespaces")," used by fleet and their resources."),(0,s.kt)("p",null,(0,s.kt)("img",{alt:"Namespace",src:a(3159).Z,width:"1437",height:"1731"})),(0,s.kt)("h3",{id:"fleet-local-local-workspace-cluster-registration-namespace"},"fleet-local (local workspace, cluster registration namespace)"),(0,s.kt)("p",null,"The ",(0,s.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,s.kt)("p",null,"When fleet is installed the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,s.kt)("p",null,"The cluster registration namespace contains the cluster and the clusterregistration resources, as well as any gitrepos and bundles."),(0,s.kt)("h3",{id:"cattle-fleet-system-system-namespace"},"cattle-fleet-system (system namespace)"),(0,s.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,s.kt)("h3",{id:"cattle-fleet-clusters-system-system-registration-namespace"},"cattle-fleet-clusters-system (system registration namespace)"),(0,s.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,s.kt)("h3",{id:"cluster-namespaces"},"Cluster Namespaces"),(0,s.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces are named in the form ",(0,s.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,s.kt)("h2",{id:"cross-namespace-deployments"},"Cross Namespace Deployments"),(0,s.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,s.kt)("p",null,"If you are creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,s.kt)("p",null,"A ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,s.kt)("p",null,"If the ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,s.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,s.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,s.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,s.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,s.kt)("p",null,"A namespace can contain multiple ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,s.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,s.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\nallowedTargetNamespaces: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')),(0,s.kt)("h3",{id:"allowed-target-namespaces"},"Allowed Target Namespaces"),(0,s.kt)("p",null,"This can be used to limit a deployment to a set of namespaces on a downstream cluster.\nIf an allowedTargetNamespaces restriction is present, all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," must\nspecify a ",(0,s.kt)("inlineCode",{parentName:"p"},"targetNamespace")," and the specified namespace must be in the allow\nlist.\nThis also prevents the creation of cluster wide resources."))}m.isMDXComponent=!0},3159:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/FleetNamespaces-4e461907ba4d5bbf6b309d125383bdb5.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8002],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function s(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(s[a]=e[a]);return s}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(s[a]=e[a])}return s}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,s=e.mdxType,l=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=s,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||l;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,s=t&&t.mdxType;if("string"==typeof e||s){var l=a.length,r=new Array(l);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:s,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),s=(a(7294),a(3905));const l={},r="Namespaces",i={unversionedId:"namespaces",id:"namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/docs/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/namespaces.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Git Repository Contents",permalink:"/gitrepo-content"},next:{title:"Custom Resources During Deployment",permalink:"/resources-during-deployment"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"GitRepo Namespace",id:"gitrepo-namespace",level:3},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local (local workspace, cluster registration namespace)",id:"fleet-local-local-workspace-cluster-registration-namespace",level:3},{value:"cattle-fleet-system (system namespace)",id:"cattle-fleet-system-system-namespace",level:3},{value:"cattle-fleet-clusters-system (system registration namespace)",id:"cattle-fleet-clusters-system-system-registration-namespace",level:3},{value:"Cluster Namespaces",id:"cluster-namespaces",level:3},{value:"Cross Namespace Deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2},{value:"Allowed Target Namespaces",id:"allowed-target-namespaces",level:3}],c={toc:p};function m(e){let{components:t,...l}=e;return(0,s.kt)("wrapper",(0,n.Z)({},c,l,{components:t,mdxType:"MDXLayout"}),(0,s.kt)("h1",{id:"namespaces"},"Namespaces"),(0,s.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are used in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,s.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,s.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,s.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,s.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,s.kt)("h3",{id:"gitrepo-namespace"},"GitRepo Namespace"),(0,s.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,s.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,s.kt)("ul",null,(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,s.kt)("p",null,"If you are using Fleet in a ",(0,s.kt)("a",{parentName:"p",href:"/concepts"},"single cluster")," style, the namespace will always be ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,s.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,s.kt)("p",null,"For a ",(0,s.kt)("a",{parentName:"p",href:"/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,s.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,s.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,s.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,s.kt)("p",null,"An overview of the ",(0,s.kt)("a",{parentName:"p",href:"/namespaces"},"namespaces")," used by fleet and their resources."),(0,s.kt)("p",null,(0,s.kt)("img",{alt:"Namespace",src:a(3159).Z,width:"1437",height:"1731"})),(0,s.kt)("h3",{id:"fleet-local-local-workspace-cluster-registration-namespace"},"fleet-local (local workspace, cluster registration namespace)"),(0,s.kt)("p",null,"The ",(0,s.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,s.kt)("p",null,"When fleet is installed the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,s.kt)("p",null,"The cluster registration namespace contains the cluster and the clusterregistration resources, as well as any gitrepos and bundles."),(0,s.kt)("h3",{id:"cattle-fleet-system-system-namespace"},"cattle-fleet-system (system namespace)"),(0,s.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,s.kt)("h3",{id:"cattle-fleet-clusters-system-system-registration-namespace"},"cattle-fleet-clusters-system (system registration namespace)"),(0,s.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,s.kt)("h3",{id:"cluster-namespaces"},"Cluster Namespaces"),(0,s.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces are named in the form ",(0,s.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,s.kt)("h2",{id:"cross-namespace-deployments"},"Cross Namespace Deployments"),(0,s.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,s.kt)("p",null,"If you are creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,s.kt)("p",null,"A ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,s.kt)("p",null,"If the ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,s.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,s.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,s.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,s.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,s.kt)("p",null,"A namespace can contain multiple ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,s.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,s.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\nallowedTargetNamespaces: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')),(0,s.kt)("h3",{id:"allowed-target-namespaces"},"Allowed Target Namespaces"),(0,s.kt)("p",null,"This can be used to limit a deployment to a set of namespaces on a downstream cluster.\nIf an allowedTargetNamespaces restriction is present, all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," must\nspecify a ",(0,s.kt)("inlineCode",{parentName:"p"},"targetNamespace")," and the specified namespace must be in the allow\nlist.\nThis also prevents the creation of cluster wide resources."))}m.isMDXComponent=!0},3159:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/FleetNamespaces-4e461907ba4d5bbf6b309d125383bdb5.svg"}}]); \ No newline at end of file diff --git a/assets/js/0209d9e7.a8c12e8a.js b/assets/js/0209d9e7.baeb46a9.js similarity index 98% rename from assets/js/0209d9e7.a8c12e8a.js rename to assets/js/0209d9e7.baeb46a9.js index e5af87f6c..44df1a1be 100644 --- a/assets/js/0209d9e7.a8c12e8a.js +++ b/assets/js/0209d9e7.baeb46a9.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9766],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var c=r.createContext({}),l=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},p=function(e){var t=l(e.components);return r.createElement(c.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=l(n),d=o,f=m["".concat(c,".").concat(d)]||m[d]||u[d]||a;return n?r.createElement(f,s(s({ref:t},p),{},{components:n})):r.createElement(f,s({ref:t},p))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,s=new Array(a);s[0]=m;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:o,s[1]=i;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>u,frontMatter:()=>a,metadata:()=>i,toc:()=>l});var r=n(7462),o=(n(7294),n(3905));const a={},s="GitRepo Resource",i={unversionedId:"ref-gitrepo",id:"version-0.7/ref-gitrepo",title:"GitRepo Resource",description:"The GitRepo resource describes git repositories, how to access them and where the bundles are located.",source:"@site/versioned_docs/version-0.7/ref-gitrepo.md",sourceDirName:".",slug:"/ref-gitrepo",permalink:"/0.7/ref-gitrepo",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-gitrepo.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet.yaml",permalink:"/0.7/ref-fleet-yaml"},next:{title:"Bundle Resource",permalink:"/0.7/ref-bundle"}},c={},l=[],p={toc:l};function u(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"gitrepo-resource"},"GitRepo Resource"),(0,o.kt)("p",null,"The GitRepo resource describes git repositories, how to access them and where the bundles are located."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#gitrepospec"},"GitRepoSpec"),".\nFor more information on how to use GitRepo resource, e.g. how to watch private repositories, see ",(0,o.kt)("a",{parentName:"p",href:"/0.7/gitrepo-add"},"Create a GitRepo Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private registry you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n #\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n #\n # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.\n # Credentials will always be used if it is empty or not provided\n #\n # helmRepoURLRegex: https://charts.rancher.io/*\n #\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n #\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n #\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n # If empty, the "default" cluster group is used.\n #\n # targets: ...\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9766],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var c=r.createContext({}),l=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},p=function(e){var t=l(e.components);return r.createElement(c.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=l(n),d=o,f=m["".concat(c,".").concat(d)]||m[d]||u[d]||a;return n?r.createElement(f,s(s({ref:t},p),{},{components:n})):r.createElement(f,s({ref:t},p))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,s=new Array(a);s[0]=m;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:o,s[1]=i;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>u,frontMatter:()=>a,metadata:()=>i,toc:()=>l});var r=n(7462),o=(n(7294),n(3905));const a={},s="GitRepo Resource",i={unversionedId:"ref-gitrepo",id:"version-0.7/ref-gitrepo",title:"GitRepo Resource",description:"The GitRepo resource describes git repositories, how to access them and where the bundles are located.",source:"@site/versioned_docs/version-0.7/ref-gitrepo.md",sourceDirName:".",slug:"/ref-gitrepo",permalink:"/0.7/ref-gitrepo",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-gitrepo.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet.yaml",permalink:"/0.7/ref-fleet-yaml"},next:{title:"Bundle Resource",permalink:"/0.7/ref-bundle"}},c={},l=[],p={toc:l};function u(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"gitrepo-resource"},"GitRepo Resource"),(0,o.kt)("p",null,"The GitRepo resource describes git repositories, how to access them and where the bundles are located."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#gitrepospec"},"GitRepoSpec"),".\nFor more information on how to use GitRepo resource, e.g. how to watch private repositories, see ",(0,o.kt)("a",{parentName:"p",href:"/0.7/gitrepo-add"},"Create a GitRepo Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private registry you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n #\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n #\n # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.\n # Credentials will always be used if it is empty or not provided\n #\n # helmRepoURLRegex: https://charts.rancher.io/*\n #\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n #\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n #\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n # If empty, the "default" cluster group is used.\n #\n # targets: ...\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/0252b8ff.10821caf.js b/assets/js/0252b8ff.03f9e3e6.js similarity index 99% rename from assets/js/0252b8ff.10821caf.js rename to assets/js/0252b8ff.03f9e3e6.js index bcfc097b3..5320b7209 100644 --- a/assets/js/0252b8ff.10821caf.js +++ b/assets/js/0252b8ff.03f9e3e6.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4311],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>m});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),p=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return n.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},c=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(a),m=r,h=c["".concat(s,".").concat(m)]||c[m]||d[m]||l;return a?n.createElement(h,o(o({ref:t},u),{},{components:a})):n.createElement(h,o({ref:t},u))}));function m(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=a.length,o=new Array(l);o[0]=c;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),r=(a(7294),a(3905));const l={},o="Expected Repo Structure",i={unversionedId:"gitrepo-structure",id:"version-0.4/gitrepo-structure",title:"Expected Repo Structure",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/versioned_docs/version-0.4/gitrepo-structure.md",sourceDirName:".",slug:"/gitrepo-structure",permalink:"/0.4/gitrepo-structure",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/gitrepo-structure.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Adding a GitRepo",permalink:"/0.4/gitrepo-add"},next:{title:"Mapping to Downstream Clusters",permalink:"/0.4/gitrepo-targets"}},s={},p=[{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Reference",id:"reference",level:3},{value:"Private Helm Repositories",id:"private-helm-repositories",level:3},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle state",id:"cluster-and-bundle-state",level:2}],u={toc:p};function d(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"expected-repo-structure"},"Expected Repo Structure"),(0,r.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,r.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,r.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,r.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,r.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,r.kt)("p",null,"Multiple paths can be defined for a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,r.kt)("a",{parentName:"p",href:"/0.4/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,r.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"File"),(0,r.kt)("th",{parentName:"tr",align:null},"Location"),(0,r.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,r.kt)("a",{parentName:"td",href:"/0.4/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"}," *.yaml ")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If a ",(0,r.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,r.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")),(0,r.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,r.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,r.kt)("h2",{id:"fleetyaml"},(0,r.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,r.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,r.kt)("a",{parentName:"p",href:"/0.4/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,r.kt)("h3",{id:"reference"},"Reference"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,r.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,r.kt)("ul",{parentName:"admonition"},(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,r.kt)("inlineCode",{parentName:"p"},"helmValues")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),".")))),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n variableName: global.fleet.clusterLabels.LABELNAME\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets defined in the downstream clusters\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default \n key: values.yaml\n secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n\n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector: agroup\n \n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name. \n clusterName: dev-cluster \n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n - name: one-multi-cluster-hello-world\n')),(0,r.kt)("h3",{id:"private-helm-repositories"},"Private Helm Repositories"),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,r.kt)("a",{parentName:"p",href:"gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,r.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,r.kt)("p",null,"These examples showcase the style and format for using ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in downstream clusters."),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata: \n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,r.kt)("p",null,"There are three approaches to matching clusters for both ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,r.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,r.kt)("p",null,"When using Kustomize or Helm the ",(0,r.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,r.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file we be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,r.kt)("p",null,"A file named ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents a file the convention of adding ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,r.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,r.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle state"),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"/0.4/cluster-bundles-state"},"Cluster and Bundle state"),"."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4311],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>m});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),p=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return n.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},c=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(a),m=r,h=c["".concat(s,".").concat(m)]||c[m]||d[m]||l;return a?n.createElement(h,o(o({ref:t},u),{},{components:a})):n.createElement(h,o({ref:t},u))}));function m(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=a.length,o=new Array(l);o[0]=c;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),r=(a(7294),a(3905));const l={},o="Expected Repo Structure",i={unversionedId:"gitrepo-structure",id:"version-0.4/gitrepo-structure",title:"Expected Repo Structure",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/versioned_docs/version-0.4/gitrepo-structure.md",sourceDirName:".",slug:"/gitrepo-structure",permalink:"/0.4/gitrepo-structure",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/gitrepo-structure.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Adding a GitRepo",permalink:"/0.4/gitrepo-add"},next:{title:"Mapping to Downstream Clusters",permalink:"/0.4/gitrepo-targets"}},s={},p=[{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Reference",id:"reference",level:3},{value:"Private Helm Repositories",id:"private-helm-repositories",level:3},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle state",id:"cluster-and-bundle-state",level:2}],u={toc:p};function d(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"expected-repo-structure"},"Expected Repo Structure"),(0,r.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,r.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,r.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,r.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,r.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,r.kt)("p",null,"Multiple paths can be defined for a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,r.kt)("a",{parentName:"p",href:"/0.4/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,r.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"File"),(0,r.kt)("th",{parentName:"tr",align:null},"Location"),(0,r.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,r.kt)("a",{parentName:"td",href:"/0.4/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"}," *.yaml ")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If a ",(0,r.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,r.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")),(0,r.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,r.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,r.kt)("h2",{id:"fleetyaml"},(0,r.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,r.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,r.kt)("a",{parentName:"p",href:"/0.4/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,r.kt)("h3",{id:"reference"},"Reference"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,r.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,r.kt)("ul",{parentName:"admonition"},(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,r.kt)("inlineCode",{parentName:"p"},"helmValues")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),".")))),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n variableName: global.fleet.clusterLabels.LABELNAME\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets defined in the downstream clusters\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default \n key: values.yaml\n secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n\n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector: agroup\n \n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name. \n clusterName: dev-cluster \n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n - name: one-multi-cluster-hello-world\n')),(0,r.kt)("h3",{id:"private-helm-repositories"},"Private Helm Repositories"),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,r.kt)("a",{parentName:"p",href:"gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,r.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,r.kt)("p",null,"These examples showcase the style and format for using ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in downstream clusters."),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata: \n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,r.kt)("p",null,"There are three approaches to matching clusters for both ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,r.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,r.kt)("p",null,"When using Kustomize or Helm the ",(0,r.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,r.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file we be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,r.kt)("p",null,"A file named ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents a file the convention of adding ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,r.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,r.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle state"),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"/0.4/cluster-bundles-state"},"Cluster and Bundle state"),"."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/02d72f40.de92bba9.js b/assets/js/02d72f40.f5baa9d6.js similarity index 99% rename from assets/js/02d72f40.de92bba9.js rename to assets/js/02d72f40.f5baa9d6.js index 55f84480b..41dafcc06 100644 --- a/assets/js/02d72f40.de92bba9.js +++ b/assets/js/02d72f40.f5baa9d6.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7940],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function s(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var n=r.createContext({}),c=function(e){var t=r.useContext(n),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(n.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,s=e.originalType,n=e.parentName,d=i(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,m=u["".concat(n,".").concat(p)]||u[p]||h[p]||s;return a?r.createElement(m,o(o({ref:t},d),{},{components:a})):r.createElement(m,o({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var s=a.length,o=new Array(s);o[0]=u;var i={};for(var n in t)hasOwnProperty.call(t,n)&&(i[n]=t[n]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{a.r(t),a.d(t,{assets:()=>n,contentTitle:()=>o,default:()=>h,frontMatter:()=>s,metadata:()=>i,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const s={title:"v0.7.0",date:"2023-06-12 13:24:29 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.7.0",id:"version-0.7/changelogs/changelogs/v0.7.0",title:"v0.7.0",description:"(rancherio-gh-m) released this 2023-06-12 1329 +0000 UTC",source:"@site/versioned_docs/version-0.7/changelogs/changelogs/v0.7.0.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.7.0",permalink:"/0.7/changelogs/changelogs/v0.7.0",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/changelogs/changelogs/v0.7.0.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.7.0",date:"2023-06-12 13:24:29 +0000 UTC"},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/0.7/troubleshooting"},next:{title:"v0.7.1",permalink:"/0.7/changelogs/changelogs/v0.7.1"}},n={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-06-12 13:24:29 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Notes"),(0,l.kt)("p",null,"The packaged helm chart ",(0,l.kt)("code",null,"fleet-0.7.0.tgz")," was reuploaded to fix the Gitjob version constraint following ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1759128522","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1593","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1593/hovercard",href:"https://github.com/rancher/fleet/pull/1593"},"#1593")),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add agent config for tolerations, affinity, resources on cluster by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1637728835","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1433","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1433/hovercard",href:"https://github.com/rancher/fleet/pull/1433"},"#1433")),(0,l.kt)("li",null,"Add JSON schema validation for agent customization in cluster CRD by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1683157339","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1490","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1490/hovercard",href:"https://github.com/rancher/fleet/pull/1490"},"#1490")),(0,l.kt)("li",null,"Configure tolerations for fleet-agent from cluster CR by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rajiteh/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rajiteh"},"@rajiteh")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1473805824","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1154","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1154/hovercard",href:"https://github.com/rancher/fleet/pull/1154"},"#1154")),(0,l.kt)("li",null,"Agent registration recovery by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rancherbot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rancherbot"},"@rancherbot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1741381268","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1579","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1579/hovercard",href:"https://github.com/rancher/fleet/pull/1579"},"#1579")),(0,l.kt)("li",null,"Clean up orphaned request service accounts, remove unused managed annotations by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1574308682","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1310","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1310/hovercard",href:"https://github.com/rancher/fleet/pull/1310"},"#1310")),(0,l.kt)("li",null,"Add flag to disable local cluster bootstrap by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1504965604","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1207","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1207/hovercard",href:"https://github.com/rancher/fleet/pull/1207"},"#1207")),(0,l.kt)("li",null,"Fix agent not starting in old fleet-system namespace by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1579937640","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1316","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1316/hovercard",href:"https://github.com/rancher/fleet/pull/1316"},"#1316")),(0,l.kt)("li",null,"Configure FLEET_CLUSTER_ENQUEUE_DELAY in helm chart by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/johnjcool/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/johnjcool"},"@johnjcool")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1622878430","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1404","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1404/hovercard",href:"https://github.com/rancher/fleet/pull/1404"},"#1404")),(0,l.kt)("li",null,"Do not always create a Bundle for the root path by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1572931152","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1309","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1309/hovercard",href:"https://github.com/rancher/fleet/pull/1309"},"#1309")),(0,l.kt)("li",null,"Always get labels from Bundle when creating a BundleDeployment by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1634035180","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1428","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1428/hovercard",href:"https://github.com/rancher/fleet/pull/1428"},"#1428")),(0,l.kt)("li",null,"Add helm capabilities to agent's deployer by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1560096890","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1287","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1287/hovercard",href:"https://github.com/rancher/fleet/pull/1287"},"#1287")),(0,l.kt)("li",null,"Add waitForJobs as a helm option by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1587738708","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1330","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1330/hovercard",href:"https://github.com/rancher/fleet/pull/1330"},"#1330")),(0,l.kt)("li",null,"Allow resources to be kept when deleting a GitRepo or a Bundle by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1613422358","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1382","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1382/hovercard",href:"https://github.com/rancher/fleet/pull/1382"},"#1382")),(0,l.kt)("li",null,"Improve behavior on failed deployments by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1678637183","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1485","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1485/hovercard",href:"https://github.com/rancher/fleet/pull/1485"},"#1485")),(0,l.kt)("li",null,"Add ignore conditions for the status of deployed custom resources by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1676498420","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1482","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1482/hovercard",href:"https://github.com/rancher/fleet/pull/1482"},"#1482"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Ensure fleet-agent's helm release name has valid length by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1603305549","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1353","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1353/hovercard",href:"https://github.com/rancher/fleet/pull/1353"},"#1353")),(0,l.kt)("li",null,"Ensure ClusterRegistrationToken name is below 63 characters by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1606556526","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1360","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1360/hovercard",href:"https://github.com/rancher/fleet/pull/1360"},"#1360")),(0,l.kt)("li",null,"AllowedRepoPatterns in GitRepoRestriction is matched against Repo by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/johnjcool/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/johnjcool"},"@johnjcool")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1611495191","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1379","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1379/hovercard",href:"https://github.com/rancher/fleet/pull/1379"},"#1379")),(0,l.kt)("li",null,"Properly set keepResources if releaseName is empty by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1618615310","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1394","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1394/hovercard",href:"https://github.com/rancher/fleet/pull/1394"},"#1394")),(0,l.kt)("li",null,"Retry helm upgrade if it was interrupted by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1631722825","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1424","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1424/hovercard",href:"https://github.com/rancher/fleet/pull/1424"},"#1424")),(0,l.kt)("li",null,"Fix BundleNamespaceMapping ignoring bundle selector by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1631922521","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1425","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1425/hovercard",href:"https://github.com/rancher/fleet/pull/1425"},"#1425")),(0,l.kt)("li",null,"Don't ignore config map reference in valuesFrom list element by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1636072808","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1431","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1431/hovercard",href:"https://github.com/rancher/fleet/pull/1431"},"#1431")),(0,l.kt)("li",null,"Agent should only select Linux nodes by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1693766556","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1505","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1505/hovercard",href:"https://github.com/rancher/fleet/pull/1505"},"#1505")),(0,l.kt)("li",null,"Also check chart with the helmRepoURLRegex by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1593772790","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1341","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1341/hovercard",href:"https://github.com/rancher/fleet/pull/1341"},"#1341")),(0,l.kt)("li",null,"Fix cluster targeting and missing customizations by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1666045658","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1473","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1473/hovercard",href:"https://github.com/rancher/fleet/pull/1473"},"#1473"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add container security context to fleet-agent helm chart by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/puffitos/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/puffitos"},"@puffitos")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1562171016","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1293","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1293/hovercard",href:"https://github.com/rancher/fleet/pull/1293"},"#1293")),(0,l.kt)("li",null,"Managed fleet-agent uses same securityContext as helm chart by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1579373211","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1314","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1314/hovercard",href:"https://github.com/rancher/fleet/pull/1314"},"#1314")),(0,l.kt)("li",null,"Remove fleet-agent simulators by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1504951189","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1206","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1206/hovercard",href:"https://github.com/rancher/fleet/pull/1206"},"#1206")),(0,l.kt)("li",null,"Remove flag to disable leaderElection for simulators by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1632219997","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1426","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1426/hovercard",href:"https://github.com/rancher/fleet/pull/1426"},"#1426")),(0,l.kt)("li",null,"Add Github action to release Fleet against Rancher by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1598491527","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1346","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1346/hovercard",href:"https://github.com/rancher/fleet/pull/1346"},"#1346")),(0,l.kt)("li",null,"Change version number for nightly releases by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1608705004","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1367","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1367/hovercard",href:"https://github.com/rancher/fleet/pull/1367"},"#1367")),(0,l.kt)("li",null,"Log regex compilation error in git repo restriction with patterns by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1613666739","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1383","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1383/hovercard",href:"https://github.com/rancher/fleet/pull/1383"},"#1383")),(0,l.kt)("li",null,"Split Examples Tests from E2E Tests by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1619159167","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1397","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1397/hovercard",href:"https://github.com/rancher/fleet/pull/1397"},"#1397")),(0,l.kt)("li",null,"Add nightly e2e workflow to test more k8s versions by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1701958086","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1518","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1518/hovercard",href:"https://github.com/rancher/fleet/pull/1518"},"#1518")),(0,l.kt)("li",null,"Replace deprecated command in Github action with environment file by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/jongwooo/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/jongwooo"},"@jongwooo")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1689964438","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1500","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1500/hovercard",href:"https://github.com/rancher/fleet/pull/1500"},"#1500"))),(0,l.kt)("h2",null,"New Contributors"),(0,l.kt)("ul",null,(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/johnjcool/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/johnjcool"},"@johnjcool")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1611495191","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1379","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1379/hovercard",href:"https://github.com/rancher/fleet/pull/1379"},"#1379")),(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1662723966","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1472","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1472/hovercard",href:"https://github.com/rancher/fleet/pull/1472"},"#1472")),(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/jongwooo/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/jongwooo"},"@jongwooo")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1689964438","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1500","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1500/hovercard",href:"https://github.com/rancher/fleet/pull/1500"},"#1500"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.6.0...v0.7.0"},(0,l.kt)("tt",null,"v0.6.0...v0.7.0"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-0.7.0.tgz"},"fleet-0.7.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-crd-0.7.0.tgz"},"fleet-crd-0.7.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-agent-0.7.0.tgz"},"fleet-agent-0.7.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.7.0"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7940],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function s(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var n=r.createContext({}),c=function(e){var t=r.useContext(n),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(n.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,s=e.originalType,n=e.parentName,d=i(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,m=u["".concat(n,".").concat(p)]||u[p]||h[p]||s;return a?r.createElement(m,o(o({ref:t},d),{},{components:a})):r.createElement(m,o({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var s=a.length,o=new Array(s);o[0]=u;var i={};for(var n in t)hasOwnProperty.call(t,n)&&(i[n]=t[n]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{a.r(t),a.d(t,{assets:()=>n,contentTitle:()=>o,default:()=>h,frontMatter:()=>s,metadata:()=>i,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const s={title:"v0.7.0",date:"2023-06-12 13:24:29 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.7.0",id:"version-0.7/changelogs/changelogs/v0.7.0",title:"v0.7.0",description:"(rancherio-gh-m) released this 2023-06-12 1329 +0000 UTC",source:"@site/versioned_docs/version-0.7/changelogs/changelogs/v0.7.0.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.7.0",permalink:"/0.7/changelogs/changelogs/v0.7.0",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/changelogs/changelogs/v0.7.0.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.7.0",date:"2023-06-12 13:24:29 +0000 UTC"},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/0.7/troubleshooting"},next:{title:"v0.7.1",permalink:"/0.7/changelogs/changelogs/v0.7.1"}},n={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-06-12 13:24:29 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Notes"),(0,l.kt)("p",null,"The packaged helm chart ",(0,l.kt)("code",null,"fleet-0.7.0.tgz")," was reuploaded to fix the Gitjob version constraint following ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1759128522","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1593","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1593/hovercard",href:"https://github.com/rancher/fleet/pull/1593"},"#1593")),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add agent config for tolerations, affinity, resources on cluster by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1637728835","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1433","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1433/hovercard",href:"https://github.com/rancher/fleet/pull/1433"},"#1433")),(0,l.kt)("li",null,"Add JSON schema validation for agent customization in cluster CRD by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1683157339","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1490","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1490/hovercard",href:"https://github.com/rancher/fleet/pull/1490"},"#1490")),(0,l.kt)("li",null,"Configure tolerations for fleet-agent from cluster CR by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rajiteh/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rajiteh"},"@rajiteh")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1473805824","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1154","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1154/hovercard",href:"https://github.com/rancher/fleet/pull/1154"},"#1154")),(0,l.kt)("li",null,"Agent registration recovery by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rancherbot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rancherbot"},"@rancherbot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1741381268","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1579","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1579/hovercard",href:"https://github.com/rancher/fleet/pull/1579"},"#1579")),(0,l.kt)("li",null,"Clean up orphaned request service accounts, remove unused managed annotations by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1574308682","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1310","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1310/hovercard",href:"https://github.com/rancher/fleet/pull/1310"},"#1310")),(0,l.kt)("li",null,"Add flag to disable local cluster bootstrap by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1504965604","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1207","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1207/hovercard",href:"https://github.com/rancher/fleet/pull/1207"},"#1207")),(0,l.kt)("li",null,"Fix agent not starting in old fleet-system namespace by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1579937640","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1316","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1316/hovercard",href:"https://github.com/rancher/fleet/pull/1316"},"#1316")),(0,l.kt)("li",null,"Configure FLEET_CLUSTER_ENQUEUE_DELAY in helm chart by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/johnjcool/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/johnjcool"},"@johnjcool")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1622878430","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1404","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1404/hovercard",href:"https://github.com/rancher/fleet/pull/1404"},"#1404")),(0,l.kt)("li",null,"Do not always create a Bundle for the root path by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1572931152","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1309","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1309/hovercard",href:"https://github.com/rancher/fleet/pull/1309"},"#1309")),(0,l.kt)("li",null,"Always get labels from Bundle when creating a BundleDeployment by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1634035180","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1428","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1428/hovercard",href:"https://github.com/rancher/fleet/pull/1428"},"#1428")),(0,l.kt)("li",null,"Add helm capabilities to agent's deployer by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1560096890","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1287","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1287/hovercard",href:"https://github.com/rancher/fleet/pull/1287"},"#1287")),(0,l.kt)("li",null,"Add waitForJobs as a helm option by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1587738708","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1330","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1330/hovercard",href:"https://github.com/rancher/fleet/pull/1330"},"#1330")),(0,l.kt)("li",null,"Allow resources to be kept when deleting a GitRepo or a Bundle by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1613422358","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1382","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1382/hovercard",href:"https://github.com/rancher/fleet/pull/1382"},"#1382")),(0,l.kt)("li",null,"Improve behavior on failed deployments by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1678637183","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1485","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1485/hovercard",href:"https://github.com/rancher/fleet/pull/1485"},"#1485")),(0,l.kt)("li",null,"Add ignore conditions for the status of deployed custom resources by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1676498420","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1482","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1482/hovercard",href:"https://github.com/rancher/fleet/pull/1482"},"#1482"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Ensure fleet-agent's helm release name has valid length by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1603305549","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1353","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1353/hovercard",href:"https://github.com/rancher/fleet/pull/1353"},"#1353")),(0,l.kt)("li",null,"Ensure ClusterRegistrationToken name is below 63 characters by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1606556526","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1360","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1360/hovercard",href:"https://github.com/rancher/fleet/pull/1360"},"#1360")),(0,l.kt)("li",null,"AllowedRepoPatterns in GitRepoRestriction is matched against Repo by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/johnjcool/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/johnjcool"},"@johnjcool")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1611495191","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1379","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1379/hovercard",href:"https://github.com/rancher/fleet/pull/1379"},"#1379")),(0,l.kt)("li",null,"Properly set keepResources if releaseName is empty by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1618615310","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1394","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1394/hovercard",href:"https://github.com/rancher/fleet/pull/1394"},"#1394")),(0,l.kt)("li",null,"Retry helm upgrade if it was interrupted by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1631722825","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1424","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1424/hovercard",href:"https://github.com/rancher/fleet/pull/1424"},"#1424")),(0,l.kt)("li",null,"Fix BundleNamespaceMapping ignoring bundle selector by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1631922521","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1425","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1425/hovercard",href:"https://github.com/rancher/fleet/pull/1425"},"#1425")),(0,l.kt)("li",null,"Don't ignore config map reference in valuesFrom list element by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1636072808","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1431","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1431/hovercard",href:"https://github.com/rancher/fleet/pull/1431"},"#1431")),(0,l.kt)("li",null,"Agent should only select Linux nodes by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1693766556","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1505","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1505/hovercard",href:"https://github.com/rancher/fleet/pull/1505"},"#1505")),(0,l.kt)("li",null,"Also check chart with the helmRepoURLRegex by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1593772790","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1341","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1341/hovercard",href:"https://github.com/rancher/fleet/pull/1341"},"#1341")),(0,l.kt)("li",null,"Fix cluster targeting and missing customizations by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1666045658","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1473","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1473/hovercard",href:"https://github.com/rancher/fleet/pull/1473"},"#1473"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add container security context to fleet-agent helm chart by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/puffitos/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/puffitos"},"@puffitos")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1562171016","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1293","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1293/hovercard",href:"https://github.com/rancher/fleet/pull/1293"},"#1293")),(0,l.kt)("li",null,"Managed fleet-agent uses same securityContext as helm chart by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1579373211","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1314","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1314/hovercard",href:"https://github.com/rancher/fleet/pull/1314"},"#1314")),(0,l.kt)("li",null,"Remove fleet-agent simulators by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1504951189","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1206","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1206/hovercard",href:"https://github.com/rancher/fleet/pull/1206"},"#1206")),(0,l.kt)("li",null,"Remove flag to disable leaderElection for simulators by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1632219997","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1426","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1426/hovercard",href:"https://github.com/rancher/fleet/pull/1426"},"#1426")),(0,l.kt)("li",null,"Add Github action to release Fleet against Rancher by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1598491527","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1346","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1346/hovercard",href:"https://github.com/rancher/fleet/pull/1346"},"#1346")),(0,l.kt)("li",null,"Change version number for nightly releases by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1608705004","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1367","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1367/hovercard",href:"https://github.com/rancher/fleet/pull/1367"},"#1367")),(0,l.kt)("li",null,"Log regex compilation error in git repo restriction with patterns by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1613666739","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1383","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1383/hovercard",href:"https://github.com/rancher/fleet/pull/1383"},"#1383")),(0,l.kt)("li",null,"Split Examples Tests from E2E Tests by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1619159167","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1397","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1397/hovercard",href:"https://github.com/rancher/fleet/pull/1397"},"#1397")),(0,l.kt)("li",null,"Add nightly e2e workflow to test more k8s versions by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1701958086","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1518","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1518/hovercard",href:"https://github.com/rancher/fleet/pull/1518"},"#1518")),(0,l.kt)("li",null,"Replace deprecated command in Github action with environment file by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/jongwooo/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/jongwooo"},"@jongwooo")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1689964438","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1500","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1500/hovercard",href:"https://github.com/rancher/fleet/pull/1500"},"#1500"))),(0,l.kt)("h2",null,"New Contributors"),(0,l.kt)("ul",null,(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/johnjcool/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/johnjcool"},"@johnjcool")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1611495191","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1379","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1379/hovercard",href:"https://github.com/rancher/fleet/pull/1379"},"#1379")),(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1662723966","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1472","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1472/hovercard",href:"https://github.com/rancher/fleet/pull/1472"},"#1472")),(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/jongwooo/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/jongwooo"},"@jongwooo")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1689964438","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1500","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1500/hovercard",href:"https://github.com/rancher/fleet/pull/1500"},"#1500"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.6.0...v0.7.0"},(0,l.kt)("tt",null,"v0.6.0...v0.7.0"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-0.7.0.tgz"},"fleet-0.7.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-crd-0.7.0.tgz"},"fleet-crd-0.7.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-agent-0.7.0.tgz"},"fleet-agent-0.7.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.0/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.7.0"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/0364e902.a2bab5df.js b/assets/js/0364e902.a49f9f5b.js similarity index 99% rename from assets/js/0364e902.a2bab5df.js rename to assets/js/0364e902.a49f9f5b.js index d289f6430..d1523ede9 100644 --- a/assets/js/0364e902.a2bab5df.js +++ b/assets/js/0364e902.a49f9f5b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1263],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function s(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(s[a]=e[a]);return s}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(s[a]=e[a])}return s}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,s=e.mdxType,l=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=s,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||l;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,s=t&&t.mdxType;if("string"==typeof e||s){var l=a.length,r=new Array(l);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:s,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),s=(a(7294),a(3905));const l={},r="Namespaces",i={unversionedId:"namespaces",id:"version-0.7/namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/versioned_docs/version-0.7/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/0.7/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/namespaces.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Git Repository Contents",permalink:"/0.7/gitrepo-content"},next:{title:"Custom Resources",permalink:"/0.7/ref-resources"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"GitRepo Namespace",id:"gitrepo-namespace",level:3},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local (local workspace, cluster registration namespace)",id:"fleet-local-local-workspace-cluster-registration-namespace",level:3},{value:"cattle-fleet-system (system namespace)",id:"cattle-fleet-system-system-namespace",level:3},{value:"cattle-fleet-clusters-system (system registration namespace)",id:"cattle-fleet-clusters-system-system-registration-namespace",level:3},{value:"Cluster Namespaces",id:"cluster-namespaces",level:3},{value:"Cross Namespace Deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2},{value:"Allowed Target Namespaces",id:"allowed-target-namespaces",level:3}],c={toc:p};function m(e){let{components:t,...l}=e;return(0,s.kt)("wrapper",(0,n.Z)({},c,l,{components:t,mdxType:"MDXLayout"}),(0,s.kt)("h1",{id:"namespaces"},"Namespaces"),(0,s.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are used in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,s.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,s.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,s.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,s.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,s.kt)("h3",{id:"gitrepo-namespace"},"GitRepo Namespace"),(0,s.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,s.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,s.kt)("ul",null,(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,s.kt)("p",null,"If you are using Fleet in a ",(0,s.kt)("a",{parentName:"p",href:"/0.7/concepts"},"single cluster")," style, the namespace will always be ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,s.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,s.kt)("p",null,"For a ",(0,s.kt)("a",{parentName:"p",href:"/0.7/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,s.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,s.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,s.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,s.kt)("p",null,"An overview of the ",(0,s.kt)("a",{parentName:"p",href:"/0.7/namespaces"},"namespaces")," used by fleet and their resources."),(0,s.kt)("p",null,(0,s.kt)("img",{alt:"Namespace",src:a(3159).Z,width:"1437",height:"1731"})),(0,s.kt)("h3",{id:"fleet-local-local-workspace-cluster-registration-namespace"},"fleet-local (local workspace, cluster registration namespace)"),(0,s.kt)("p",null,"The ",(0,s.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,s.kt)("p",null,"When fleet is installed the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,s.kt)("h3",{id:"cattle-fleet-system-system-namespace"},"cattle-fleet-system (system namespace)"),(0,s.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,s.kt)("h3",{id:"cattle-fleet-clusters-system-system-registration-namespace"},"cattle-fleet-clusters-system (system registration namespace)"),(0,s.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,s.kt)("h3",{id:"cluster-namespaces"},"Cluster Namespaces"),(0,s.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces are named in the form ",(0,s.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,s.kt)("h2",{id:"cross-namespace-deployments"},"Cross Namespace Deployments"),(0,s.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,s.kt)("p",null,"If you are creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,s.kt)("p",null,"A ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,s.kt)("p",null,"If the ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,s.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,s.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,s.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,s.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,s.kt)("p",null,"A namespace can contain multiple ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,s.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,s.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\nallowedTargetNamespaces: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')),(0,s.kt)("h3",{id:"allowed-target-namespaces"},"Allowed Target Namespaces"),(0,s.kt)("p",null,"This can be used to limit a deployment to a set of namespaces on a downstream cluster.\nIf an allowedTargetNamespaces restriction is present, all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," must\nspecify a ",(0,s.kt)("inlineCode",{parentName:"p"},"targetNamespace")," and the specified namespace must be in the allow\nlist.\nThis also prevents the creation of cluster wide resources."))}m.isMDXComponent=!0},3159:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/FleetNamespaces-4e461907ba4d5bbf6b309d125383bdb5.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1263],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function s(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(s[a]=e[a]);return s}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(s[a]=e[a])}return s}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,s=e.mdxType,l=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=s,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||l;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,s=t&&t.mdxType;if("string"==typeof e||s){var l=a.length,r=new Array(l);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:s,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),s=(a(7294),a(3905));const l={},r="Namespaces",i={unversionedId:"namespaces",id:"version-0.7/namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/versioned_docs/version-0.7/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/0.7/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/namespaces.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Git Repository Contents",permalink:"/0.7/gitrepo-content"},next:{title:"Custom Resources",permalink:"/0.7/ref-resources"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"GitRepo Namespace",id:"gitrepo-namespace",level:3},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local (local workspace, cluster registration namespace)",id:"fleet-local-local-workspace-cluster-registration-namespace",level:3},{value:"cattle-fleet-system (system namespace)",id:"cattle-fleet-system-system-namespace",level:3},{value:"cattle-fleet-clusters-system (system registration namespace)",id:"cattle-fleet-clusters-system-system-registration-namespace",level:3},{value:"Cluster Namespaces",id:"cluster-namespaces",level:3},{value:"Cross Namespace Deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2},{value:"Allowed Target Namespaces",id:"allowed-target-namespaces",level:3}],c={toc:p};function m(e){let{components:t,...l}=e;return(0,s.kt)("wrapper",(0,n.Z)({},c,l,{components:t,mdxType:"MDXLayout"}),(0,s.kt)("h1",{id:"namespaces"},"Namespaces"),(0,s.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are used in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,s.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,s.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,s.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,s.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,s.kt)("h3",{id:"gitrepo-namespace"},"GitRepo Namespace"),(0,s.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,s.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,s.kt)("ul",null,(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,s.kt)("p",null,"If you are using Fleet in a ",(0,s.kt)("a",{parentName:"p",href:"/0.7/concepts"},"single cluster")," style, the namespace will always be ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,s.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,s.kt)("p",null,"For a ",(0,s.kt)("a",{parentName:"p",href:"/0.7/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,s.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,s.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,s.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,s.kt)("p",null,"An overview of the ",(0,s.kt)("a",{parentName:"p",href:"/0.7/namespaces"},"namespaces")," used by fleet and their resources."),(0,s.kt)("p",null,(0,s.kt)("img",{alt:"Namespace",src:a(3159).Z,width:"1437",height:"1731"})),(0,s.kt)("h3",{id:"fleet-local-local-workspace-cluster-registration-namespace"},"fleet-local (local workspace, cluster registration namespace)"),(0,s.kt)("p",null,"The ",(0,s.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,s.kt)("p",null,"When fleet is installed the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,s.kt)("h3",{id:"cattle-fleet-system-system-namespace"},"cattle-fleet-system (system namespace)"),(0,s.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,s.kt)("h3",{id:"cattle-fleet-clusters-system-system-registration-namespace"},"cattle-fleet-clusters-system (system registration namespace)"),(0,s.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,s.kt)("h3",{id:"cluster-namespaces"},"Cluster Namespaces"),(0,s.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces are named in the form ",(0,s.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,s.kt)("h2",{id:"cross-namespace-deployments"},"Cross Namespace Deployments"),(0,s.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,s.kt)("p",null,"If you are creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,s.kt)("p",null,"A ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,s.kt)("p",null,"If the ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,s.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,s.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,s.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,s.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,s.kt)("p",null,"A namespace can contain multiple ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,s.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,s.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\nallowedTargetNamespaces: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')),(0,s.kt)("h3",{id:"allowed-target-namespaces"},"Allowed Target Namespaces"),(0,s.kt)("p",null,"This can be used to limit a deployment to a set of namespaces on a downstream cluster.\nIf an allowedTargetNamespaces restriction is present, all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," must\nspecify a ",(0,s.kt)("inlineCode",{parentName:"p"},"targetNamespace")," and the specified namespace must be in the allow\nlist.\nThis also prevents the creation of cluster wide resources."))}m.isMDXComponent=!0},3159:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/FleetNamespaces-4e461907ba4d5bbf6b309d125383bdb5.svg"}}]); \ No newline at end of file diff --git a/assets/js/045f7301.e05b81eb.js b/assets/js/045f7301.e2401d61.js similarity index 98% rename from assets/js/045f7301.e05b81eb.js rename to assets/js/045f7301.e2401d61.js index 83e8211d7..2ce659347 100644 --- a/assets/js/045f7301.e05b81eb.js +++ b/assets/js/045f7301.e2401d61.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[127],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function i(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var a=n.createContext({}),s=function(e){var t=n.useContext(a),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(a.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,i=e.originalType,a=e.parentName,f=c(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,g=u["".concat(a,".").concat(d)]||u[d]||p[d]||i;return r?n.createElement(g,o(o({ref:t},f),{},{components:r})):n.createElement(g,o({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var i=r.length,o=new Array(i);o[0]=u;var c={};for(var a in t)hasOwnProperty.call(t,a)&&(c[a]=t[a]);c.originalType=e,c.mdxType="string"==typeof e?e:l,o[1]=c;for(var s=2;s{r.r(t),r.d(t,{assets:()=>a,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>c,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const i={title:"",sidebar_label:"fleet gitcloner"},o=void 0,c={unversionedId:"cli/fleet-cli/fleet_gitcloner",id:"cli/fleet-cli/fleet_gitcloner",title:"",description:"fleet gitcloner",source:"@site/docs/cli/fleet-cli/fleet_gitcloner.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_gitcloner",permalink:"/cli/fleet-cli/fleet_gitcloner",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet_gitcloner.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet gitcloner"}},a={},s=[{value:"fleet gitcloner",id:"fleet-gitcloner",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-gitcloner"},"fleet gitcloner"),(0,l.kt)("p",null,"Clones a git repository"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet gitcloner [REPO] [PATH] [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --branch string git branch\n --ca-bundle-file string CA bundle file\n -h, --help help for gitcloner\n --insecure-skip-tls do not verify tls certificates\n --known-hosts-file string known hosts file\n --password-file string password file for basic auth\n --revision string git revision\n --ssh-private-key-file string ssh private key file path\n -u, --username string user name for basic auth\n")),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[127],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function i(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var a=n.createContext({}),s=function(e){var t=n.useContext(a),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(a.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,i=e.originalType,a=e.parentName,f=c(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,g=u["".concat(a,".").concat(d)]||u[d]||p[d]||i;return r?n.createElement(g,o(o({ref:t},f),{},{components:r})):n.createElement(g,o({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var i=r.length,o=new Array(i);o[0]=u;var c={};for(var a in t)hasOwnProperty.call(t,a)&&(c[a]=t[a]);c.originalType=e,c.mdxType="string"==typeof e?e:l,o[1]=c;for(var s=2;s{r.r(t),r.d(t,{assets:()=>a,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>c,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const i={title:"",sidebar_label:"fleet gitcloner"},o=void 0,c={unversionedId:"cli/fleet-cli/fleet_gitcloner",id:"cli/fleet-cli/fleet_gitcloner",title:"",description:"fleet gitcloner",source:"@site/docs/cli/fleet-cli/fleet_gitcloner.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_gitcloner",permalink:"/cli/fleet-cli/fleet_gitcloner",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet_gitcloner.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet gitcloner"}},a={},s=[{value:"fleet gitcloner",id:"fleet-gitcloner",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-gitcloner"},"fleet gitcloner"),(0,l.kt)("p",null,"Clones a git repository"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet gitcloner [REPO] [PATH] [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --branch string git branch\n --ca-bundle-file string CA bundle file\n -h, --help help for gitcloner\n --insecure-skip-tls do not verify tls certificates\n --known-hosts-file string known hosts file\n --password-file string password file for basic auth\n --revision string git revision\n --ssh-private-key-file string ssh private key file path\n -u, --username string user name for basic auth\n")),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/07686352.61b159cc.js b/assets/js/07686352.7c21bbbf.js similarity index 98% rename from assets/js/07686352.61b159cc.js rename to assets/js/07686352.7c21bbbf.js index 797d3785c..246fc69c5 100644 --- a/assets/js/07686352.61b159cc.js +++ b/assets/js/07686352.7c21bbbf.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6373],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>d});var r=a(7294);function n(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(n[a]=e[a]);return n}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(n[a]=e[a])}return n}var s=r.createContext({}),p=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},c=function(e){var t=p(e.components);return r.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,n=e.mdxType,l=e.originalType,s=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),u=p(a),d=n,h=u["".concat(s,".").concat(d)]||u[d]||m[d]||l;return a?r.createElement(h,o(o({ref:t},c),{},{components:a})):r.createElement(h,o({ref:t},c))}));function d(e,t){var a=arguments,n=t&&t.mdxType;if("string"==typeof e||n){var l=a.length,o=new Array(l);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:n,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var r=a(7462),n=(a(7294),a(3905));const l={title:"v0.9.2",date:"2024-03-22 15:49:16 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.9.2",id:"version-0.9/changelogs/changelogs/v0.9.2",title:"v0.9.2",description:"(rancherio-gh-m) released this 2024-03-22 1516 +0000 UTC",source:"@site/versioned_docs/version-0.9/changelogs/changelogs/v0.9.2.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.9.2",permalink:"/0.9/changelogs/changelogs/v0.9.2",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/changelogs/changelogs/v0.9.2.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.9.2",date:"2024-03-22 15:49:16 +0000 UTC"},sidebar:"docs",previous:{title:"v0.9.1",permalink:"/0.9/changelogs/changelogs/v0.9.1"},next:{title:"v0.9.3",permalink:"/0.9/changelogs/changelogs/v0.9.3"}},s={},p=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],c={toc:p};function m(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,r.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-03-22 15:49:16 +0000 UTC*")),(0,n.kt)("h2",{id:"description"},"Description"),(0,n.kt)("h2",null,"What's Changed"),(0,n.kt)("ul",null,(0,n.kt)("li",null,"[0.9] Revert trigger rework 0.9 by ",(0,n.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,n.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2202396570","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2258","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2258/hovercard",href:"https://github.com/rancher/fleet/pull/2258"},"#2258"))),(0,n.kt)("p",null,(0,n.kt)("strong",null,"Full Changelog"),": ",(0,n.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.9.1...v0.9.2"},(0,n.kt)("tt",null,"v0.9.1...v0.9.2"))),(0,n.kt)("h2",{id:"download"},"Download"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleet-crd-0.9.2.tgz"},"fleet-crd-0.9.2.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleet-agent-0.9.2.tgz"},"fleet-agent-0.9.2.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleet-0.9.2.tgz"},"fleet-0.9.2.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,n.kt)("p",null,(0,n.kt)("em",{parentName:"p"},"Information retrieved from ",(0,n.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.9.2"},"here"))))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6373],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>d});var r=a(7294);function n(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(n[a]=e[a]);return n}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(n[a]=e[a])}return n}var s=r.createContext({}),p=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},c=function(e){var t=p(e.components);return r.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,n=e.mdxType,l=e.originalType,s=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),u=p(a),d=n,h=u["".concat(s,".").concat(d)]||u[d]||m[d]||l;return a?r.createElement(h,o(o({ref:t},c),{},{components:a})):r.createElement(h,o({ref:t},c))}));function d(e,t){var a=arguments,n=t&&t.mdxType;if("string"==typeof e||n){var l=a.length,o=new Array(l);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:n,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var r=a(7462),n=(a(7294),a(3905));const l={title:"v0.9.2",date:"2024-03-22 15:49:16 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.9.2",id:"version-0.9/changelogs/changelogs/v0.9.2",title:"v0.9.2",description:"(rancherio-gh-m) released this 2024-03-22 1516 +0000 UTC",source:"@site/versioned_docs/version-0.9/changelogs/changelogs/v0.9.2.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.9.2",permalink:"/0.9/changelogs/changelogs/v0.9.2",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/changelogs/changelogs/v0.9.2.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.9.2",date:"2024-03-22 15:49:16 +0000 UTC"},sidebar:"docs",previous:{title:"v0.9.1",permalink:"/0.9/changelogs/changelogs/v0.9.1"},next:{title:"v0.9.3",permalink:"/0.9/changelogs/changelogs/v0.9.3"}},s={},p=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],c={toc:p};function m(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,r.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-03-22 15:49:16 +0000 UTC*")),(0,n.kt)("h2",{id:"description"},"Description"),(0,n.kt)("h2",null,"What's Changed"),(0,n.kt)("ul",null,(0,n.kt)("li",null,"[0.9] Revert trigger rework 0.9 by ",(0,n.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,n.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2202396570","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2258","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2258/hovercard",href:"https://github.com/rancher/fleet/pull/2258"},"#2258"))),(0,n.kt)("p",null,(0,n.kt)("strong",null,"Full Changelog"),": ",(0,n.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.9.1...v0.9.2"},(0,n.kt)("tt",null,"v0.9.1...v0.9.2"))),(0,n.kt)("h2",{id:"download"},"Download"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleet-crd-0.9.2.tgz"},"fleet-crd-0.9.2.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleet-agent-0.9.2.tgz"},"fleet-agent-0.9.2.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleet-0.9.2.tgz"},"fleet-0.9.2.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.2/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,n.kt)("p",null,(0,n.kt)("em",{parentName:"p"},"Information retrieved from ",(0,n.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.9.2"},"here"))))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/07db75e5.fa996e94.js b/assets/js/07db75e5.2add4119.js similarity index 98% rename from assets/js/07db75e5.fa996e94.js rename to assets/js/07db75e5.2add4119.js index 7131a4346..9259f5e5d 100644 --- a/assets/js/07db75e5.fa996e94.js +++ b/assets/js/07db75e5.2add4119.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7966],{6828:(e,t,n)=>{n.d(t,{d:()=>a});const a={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},8469:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>h,frontMatter:()=>s,metadata:()=>p,toc:()=>d});var a=n(7462),l=(n(7294),n(3905)),i=n(6828),r=n(814);const s={},o="Agent Initiated",p={unversionedId:"agent-initiated",id:"version-0.5/agent-initiated",title:"Agent Initiated",description:"Refer to the overview page for a background information on the agent initiated registration style.",source:"@site/versioned_docs/version-0.5/agent-initiated.md",sourceDirName:".",slug:"/agent-initiated",permalink:"/0.5/agent-initiated",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/agent-initiated.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Tokens",permalink:"/0.5/cluster-tokens"},next:{title:"Manager Initiated",permalink:"/0.5/manager-initiated"}},c={},d=[{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:2},{value:"Install agent for a new Cluster",id:"install-agent-for-a-new-cluster",level:2},{value:"Install agent for a predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:2}],u={toc:d};function h(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"agent-initiated"},"Agent Initiated"),(0,l.kt)("p",null,"Refer to the ",(0,l.kt)("a",{parentName:"p",href:"/0.5/cluster-overview#agent-initiated-registration"},"overview page")," for a background information on the agent initiated registration style."),(0,l.kt)("h2",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,l.kt)("p",null,"A downstream cluster is registered using the ",(0,l.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,l.kt)("strong",{parentName:"p"},"client ID")," or ",(0,l.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,l.kt)("p",null,"The ",(0,l.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required. Refer to the ",(0,l.kt)("a",{parentName:"p",href:"/0.5/cluster-tokens"},"cluster registration token page")," for more information\non how to create tokens and obtain the values. The cluster registration token is manifested as a ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will\nbe passed to the ",(0,l.kt)("inlineCode",{parentName:"p"},"helm install")," process."),(0,l.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,l.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,l.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,l.kt)("h2",{id:"install-agent-for-a-new-cluster"},"Install agent for a new Cluster"),(0,l.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,l.kt)("p",null,"First, follow the ",(0,l.kt)("a",{parentName:"p",href:"/0.5/cluster-tokens"},"cluster registration token page")," to obtain the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,l.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,l.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,l.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,l.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,l.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,l.kt)("p",null,"Value in ",(0,l.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,l.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,l.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,l.kt)("admonition",{type:"caution"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,l.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,l.kt)("admonition",{type:"warning"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,l.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,l.kt)("p",null,"Finally, install the agent using Helm."),(0,l.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent'," ",i.d["v0.5"].fleetAgent),(0,l.kt)("p",null,"The agent should now be deployed. You can check that status of the fleet pods by running the below commands."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")),(0,l.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,l.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,l.kt)("a",{parentName:"p",href:"/0.5/namespaces"},"namespace"),". Please ensure your ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z \n")),(0,l.kt)("h2",{id:"install-agent-for-a-predefined-cluster"},"Install agent for a predefined Cluster"),(0,l.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,l.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,l.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,l.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,l.kt)("p",null,"First, create a ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,l.kt)("p",null,"Second, follow the ",(0,l.kt)("a",{parentName:"p",href:"/0.5/cluster-tokens"},"cluster registration token page")," to obtain the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,l.kt)("p",null,"Third, setup your environment to use the client ID."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,l.kt)("admonition",{type:"note"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,l.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,l.kt)("admonition",{type:"note"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,l.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,l.kt)("p",null,"Finally, install the agent using Helm."),(0,l.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent'," ",i.d["v0.5"].fleetAgent),(0,l.kt)("p",null,"The agent should now be deployed. You can check that status of the fleet pods by running the below commands."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")),(0,l.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,l.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,l.kt)("a",{parentName:"p",href:"/0.5/namespaces"},"namespace"),". Please ensure your ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z \n")))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7966],{6828:(e,t,n)=>{n.d(t,{d:()=>a});const a={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},8469:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>h,frontMatter:()=>s,metadata:()=>p,toc:()=>d});var a=n(7462),l=(n(7294),n(3905)),i=n(6828),r=n(814);const s={},o="Agent Initiated",p={unversionedId:"agent-initiated",id:"version-0.5/agent-initiated",title:"Agent Initiated",description:"Refer to the overview page for a background information on the agent initiated registration style.",source:"@site/versioned_docs/version-0.5/agent-initiated.md",sourceDirName:".",slug:"/agent-initiated",permalink:"/0.5/agent-initiated",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/agent-initiated.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Tokens",permalink:"/0.5/cluster-tokens"},next:{title:"Manager Initiated",permalink:"/0.5/manager-initiated"}},c={},d=[{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:2},{value:"Install agent for a new Cluster",id:"install-agent-for-a-new-cluster",level:2},{value:"Install agent for a predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:2}],u={toc:d};function h(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"agent-initiated"},"Agent Initiated"),(0,l.kt)("p",null,"Refer to the ",(0,l.kt)("a",{parentName:"p",href:"/0.5/cluster-overview#agent-initiated-registration"},"overview page")," for a background information on the agent initiated registration style."),(0,l.kt)("h2",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,l.kt)("p",null,"A downstream cluster is registered using the ",(0,l.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,l.kt)("strong",{parentName:"p"},"client ID")," or ",(0,l.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,l.kt)("p",null,"The ",(0,l.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required. Refer to the ",(0,l.kt)("a",{parentName:"p",href:"/0.5/cluster-tokens"},"cluster registration token page")," for more information\non how to create tokens and obtain the values. The cluster registration token is manifested as a ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will\nbe passed to the ",(0,l.kt)("inlineCode",{parentName:"p"},"helm install")," process."),(0,l.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,l.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,l.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,l.kt)("h2",{id:"install-agent-for-a-new-cluster"},"Install agent for a new Cluster"),(0,l.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,l.kt)("p",null,"First, follow the ",(0,l.kt)("a",{parentName:"p",href:"/0.5/cluster-tokens"},"cluster registration token page")," to obtain the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,l.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,l.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,l.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,l.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,l.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,l.kt)("p",null,"Value in ",(0,l.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,l.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,l.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,l.kt)("admonition",{type:"caution"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,l.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,l.kt)("admonition",{type:"warning"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,l.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,l.kt)("p",null,"Finally, install the agent using Helm."),(0,l.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent'," ",i.d["v0.5"].fleetAgent),(0,l.kt)("p",null,"The agent should now be deployed. You can check that status of the fleet pods by running the below commands."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")),(0,l.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,l.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,l.kt)("a",{parentName:"p",href:"/0.5/namespaces"},"namespace"),". Please ensure your ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z \n")),(0,l.kt)("h2",{id:"install-agent-for-a-predefined-cluster"},"Install agent for a predefined Cluster"),(0,l.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,l.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,l.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,l.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,l.kt)("p",null,"First, create a ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,l.kt)("p",null,"Second, follow the ",(0,l.kt)("a",{parentName:"p",href:"/0.5/cluster-tokens"},"cluster registration token page")," to obtain the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,l.kt)("p",null,"Third, setup your environment to use the client ID."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,l.kt)("admonition",{type:"note"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,l.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,l.kt)("admonition",{type:"note"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,l.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,l.kt)("p",null,"Finally, install the agent using Helm."),(0,l.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent'," ",i.d["v0.5"].fleetAgent),(0,l.kt)("p",null,"The agent should now be deployed. You can check that status of the fleet pods by running the below commands."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")),(0,l.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,l.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,l.kt)("a",{parentName:"p",href:"/0.5/namespaces"},"namespace"),". Please ensure your ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z \n")))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/08aff371.cabd1a2c.js b/assets/js/08aff371.22221506.js similarity index 99% rename from assets/js/08aff371.cabd1a2c.js rename to assets/js/08aff371.22221506.js index d51369df5..0dc261168 100644 --- a/assets/js/08aff371.cabd1a2c.js +++ b/assets/js/08aff371.22221506.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5253],{3905:(e,t,a)=>{a.d(t,{Zo:()=>p,kt:()=>h});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function i(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var o=r.createContext({}),u=function(e){var t=r.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):i(i({},t),e)),a},p=function(e){var t=u(e.components);return r.createElement(o.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,o=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),c=u(a),h=l,m=c["".concat(o,".").concat(h)]||c[h]||d[h]||n;return a?r.createElement(m,i(i({ref:t},p),{},{components:a})):r.createElement(m,i({ref:t},p))}));function h(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,i=new Array(n);i[0]=c;var s={};for(var o in t)hasOwnProperty.call(t,o)&&(s[o]=t[o]);s.originalType=e,s.mdxType="string"==typeof e?e:l,i[1]=s;for(var u=2;u{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>i,default:()=>d,frontMatter:()=>n,metadata:()=>s,toc:()=>u});var r=a(7462),l=(a(7294),a(3905));const n={title:"v0.5.0",date:"2022-11-10 17:33:25 +0000 UTC"},i=void 0,s={unversionedId:"changelogs/changelogs/v0.5.0",id:"version-0.5/changelogs/changelogs/v0.5.0",title:"v0.5.0",description:"(rancherio-gh-m) released this 2022-11-10 1725 +0000 UTC",source:"@site/versioned_docs/version-0.5/changelogs/changelogs/v0.5.0.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.5.0",permalink:"/0.5/changelogs/changelogs/v0.5.0",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/changelogs/changelogs/v0.5.0.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.5.0",date:"2022-11-10 17:33:25 +0000 UTC"},sidebar:"docs",previous:{title:"Uninstall",permalink:"/0.5/uninstall"},next:{title:"v0.5.1",permalink:"/0.5/changelogs/changelogs/v0.5.1"}},o={},u=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],p={toc:u};function d(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2022-11-10 17:33:25 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add support for OCI registry based charts in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1374417940","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/975","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/975/hovercard",href:"https://github.com/rancher/fleet/pull/975"},"#975")),(0,l.kt)("li",null,"Adds priorityClassName to deployments in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1375241093","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/983","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/983/hovercard",href:"https://github.com/rancher/fleet/pull/983"},"#983")),(0,l.kt)("li",null,"Support cluster specific registry in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1376060309","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/984","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/984/hovercard",href:"https://github.com/rancher/fleet/pull/984"},"#984"),", ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1425273236","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1060","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1060/hovercard",href:"https://github.com/rancher/fleet/pull/1060"},"#1060")),(0,l.kt)("li",null,"Add cluster labels to agent config creation")),(0,l.kt)("h2",null,"Bug Fixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Fix long bundle names in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1368153506","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/964","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/964/hovercard",href:"https://github.com/rancher/fleet/pull/964"},"#964")),(0,l.kt)("li",null,"Remove ignored fields from status struct, to avoid loop in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1378101691","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/990","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/990/hovercard",href:"https://github.com/rancher/fleet/pull/990"},"#990")),(0,l.kt)("li",null,"Fix for cluster registration token performance degradation in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1383563179","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/998","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/998/hovercard",href:"https://github.com/rancher/fleet/pull/998"},"#998")),(0,l.kt)("li",null,"Fix authentication for OCI images in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1383563179","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/998","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/998/hovercard",href:"https://github.com/rancher/fleet/pull/998"},"#998")),(0,l.kt)("li",null,"Stop requeuing on failed deployments in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1418520927","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1045","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1045/hovercard",href:"https://github.com/rancher/fleet/pull/1045"},"#1045"))),(0,l.kt)("h2",null,"Changes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Updating GitJob to ",(0,l.kt)("a",{href:"https://github.com/rancher/gitjob/releases/tag/v0.1.32"},"0.1.32")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1373552451","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/972","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/972/hovercard",href:"https://github.com/rancher/fleet/pull/972"},"#972")),(0,l.kt)("li",null,"Setting the Kubernetes libs at 0.24.5 in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1375016478","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/981","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/981/hovercard",href:"https://github.com/rancher/fleet/pull/981"},"#981")),(0,l.kt)("li",null,"Bump bci/bci-base 15.4.27.11.23 in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1377416834","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/989","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/989/hovercard",href:"https://github.com/rancher/fleet/pull/989"},"#989"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.4.0...v0.5.0"},(0,l.kt)("tt",null,"v0.4.0...v0.5.0"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-crd-0.5.0.tgz"},"fleet-crd-0.5.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-agent-0.5.0.tgz"},"fleet-agent-0.5.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-0.5.0.tgz"},"fleet-0.5.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.5.0"},"here"))))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5253],{3905:(e,t,a)=>{a.d(t,{Zo:()=>p,kt:()=>h});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function i(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var o=r.createContext({}),u=function(e){var t=r.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):i(i({},t),e)),a},p=function(e){var t=u(e.components);return r.createElement(o.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,o=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),c=u(a),h=l,m=c["".concat(o,".").concat(h)]||c[h]||d[h]||n;return a?r.createElement(m,i(i({ref:t},p),{},{components:a})):r.createElement(m,i({ref:t},p))}));function h(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,i=new Array(n);i[0]=c;var s={};for(var o in t)hasOwnProperty.call(t,o)&&(s[o]=t[o]);s.originalType=e,s.mdxType="string"==typeof e?e:l,i[1]=s;for(var u=2;u{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>i,default:()=>d,frontMatter:()=>n,metadata:()=>s,toc:()=>u});var r=a(7462),l=(a(7294),a(3905));const n={title:"v0.5.0",date:"2022-11-10 17:33:25 +0000 UTC"},i=void 0,s={unversionedId:"changelogs/changelogs/v0.5.0",id:"version-0.5/changelogs/changelogs/v0.5.0",title:"v0.5.0",description:"(rancherio-gh-m) released this 2022-11-10 1725 +0000 UTC",source:"@site/versioned_docs/version-0.5/changelogs/changelogs/v0.5.0.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.5.0",permalink:"/0.5/changelogs/changelogs/v0.5.0",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/changelogs/changelogs/v0.5.0.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.5.0",date:"2022-11-10 17:33:25 +0000 UTC"},sidebar:"docs",previous:{title:"Uninstall",permalink:"/0.5/uninstall"},next:{title:"v0.5.1",permalink:"/0.5/changelogs/changelogs/v0.5.1"}},o={},u=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],p={toc:u};function d(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2022-11-10 17:33:25 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add support for OCI registry based charts in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1374417940","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/975","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/975/hovercard",href:"https://github.com/rancher/fleet/pull/975"},"#975")),(0,l.kt)("li",null,"Adds priorityClassName to deployments in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1375241093","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/983","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/983/hovercard",href:"https://github.com/rancher/fleet/pull/983"},"#983")),(0,l.kt)("li",null,"Support cluster specific registry in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1376060309","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/984","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/984/hovercard",href:"https://github.com/rancher/fleet/pull/984"},"#984"),", ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1425273236","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1060","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1060/hovercard",href:"https://github.com/rancher/fleet/pull/1060"},"#1060")),(0,l.kt)("li",null,"Add cluster labels to agent config creation")),(0,l.kt)("h2",null,"Bug Fixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Fix long bundle names in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1368153506","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/964","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/964/hovercard",href:"https://github.com/rancher/fleet/pull/964"},"#964")),(0,l.kt)("li",null,"Remove ignored fields from status struct, to avoid loop in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1378101691","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/990","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/990/hovercard",href:"https://github.com/rancher/fleet/pull/990"},"#990")),(0,l.kt)("li",null,"Fix for cluster registration token performance degradation in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1383563179","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/998","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/998/hovercard",href:"https://github.com/rancher/fleet/pull/998"},"#998")),(0,l.kt)("li",null,"Fix authentication for OCI images in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1383563179","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/998","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/998/hovercard",href:"https://github.com/rancher/fleet/pull/998"},"#998")),(0,l.kt)("li",null,"Stop requeuing on failed deployments in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1418520927","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1045","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1045/hovercard",href:"https://github.com/rancher/fleet/pull/1045"},"#1045"))),(0,l.kt)("h2",null,"Changes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Updating GitJob to ",(0,l.kt)("a",{href:"https://github.com/rancher/gitjob/releases/tag/v0.1.32"},"0.1.32")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1373552451","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/972","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/972/hovercard",href:"https://github.com/rancher/fleet/pull/972"},"#972")),(0,l.kt)("li",null,"Setting the Kubernetes libs at 0.24.5 in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1375016478","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/981","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/981/hovercard",href:"https://github.com/rancher/fleet/pull/981"},"#981")),(0,l.kt)("li",null,"Bump bci/bci-base 15.4.27.11.23 in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1377416834","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/989","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/989/hovercard",href:"https://github.com/rancher/fleet/pull/989"},"#989"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.4.0...v0.5.0"},(0,l.kt)("tt",null,"v0.4.0...v0.5.0"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-crd-0.5.0.tgz"},"fleet-crd-0.5.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-agent-0.5.0.tgz"},"fleet-agent-0.5.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-0.5.0.tgz"},"fleet-0.5.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.0/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.5.0"},"here"))))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/095d9053.f6e7c26b.js b/assets/js/095d9053.8011f220.js similarity index 99% rename from assets/js/095d9053.f6e7c26b.js rename to assets/js/095d9053.8011f220.js index 52329bf4a..003bae9ac 100644 --- a/assets/js/095d9053.f6e7c26b.js +++ b/assets/js/095d9053.8011f220.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6700],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>d});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),p=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return n.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},c=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(a),d=r,h=c["".concat(s,".").concat(d)]||c[d]||m[d]||l;return a?n.createElement(h,o(o({ref:t},u),{},{components:a})):n.createElement(h,o({ref:t},u))}));function d(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=a.length,o=new Array(l);o[0]=c;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),r=(a(7294),a(3905));const l={},o="Mapping to Downstream Clusters",i={unversionedId:"gitrepo-targets",id:"version-0.8/gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Fleet in Rancher allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration.",source:"@site/versioned_docs/version-0.8/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/0.8/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/gitrepo-targets.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create a GitRepo Resource",permalink:"/0.8/gitrepo-add"},next:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.8/bundle-diffs"}},s={},p=[{value:"Defining Targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default Target",id:"default-target",level:2},{value:"Customization per Cluster",id:"customization-per-cluster",level:2},{value:"Supported Customizations",id:"supported-customizations",level:3},{value:"Additional Examples",id:"additional-examples",level:2}],u={toc:p};function m(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style\nIf no targets are specified, i.e. when using a single-cluster, the bundles target the default cluster group.")),(0,r.kt)("p",null,"When deploying ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,r.kt)("h2",{id:"defining-targets"},"Defining Targets"),(0,r.kt)("p",null,"The deployment targets of ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # A specific cluster by name that will be selected\n clusterName: cluster1\n')),(0,r.kt)("h2",{id:"target-matching"},"Target Matching"),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,r.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n # Match everything\n - clusterSelector: {}\n # Selector ignored\n - clusterSelector: null\n")),(0,r.kt)("p",null,"You can also match clusters by name:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n - clusterName: fleetname\n")),(0,r.kt)("p",null,"When using Fleet in Rancher, make sure to put the name of the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters.fleet.cattle.io")," resource."),(0,r.kt)("h2",{id:"default-target"},"Default Target"),(0,r.kt)("p",null,"If no target is set for the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,r.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."),(0,r.kt)("h2",{id:"customization-per-cluster"},"Customization per Cluster"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"The ",(0,r.kt)("inlineCode",{parentName:"p"},"targets:")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource select clusters to deploy on. The ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations:")," in ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," override Helm values only and do not change targeting.")),(0,r.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters with customization using Fleet, we will use ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml"),"."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,r.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,r.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Expected behavior:")),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,r.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,r.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,r.kt)("li",{parentName:"ol"},"Under ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,r.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),":")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Result:")),(0,r.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,r.kt)("blockquote",null,(0,r.kt)("p",{parentName:"blockquote"},(0,r.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,r.kt)("h3",{id:"supported-customizations"},"Supported Customizations"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"DefaultNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ForceSyncGeneration"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"KeepResources"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ServiceAccount"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"TargetNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Atomic"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Chart"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.DisablePreProcess"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Force"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ReleaseName"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Repo"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TakeOwnership"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TimeoutSeconds"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ValuesFrom"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Values"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Version")),(0,r.kt)("admonition",{parentName:"li",title:"important information",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"Overriding the version of a Helm chart via target customizations will lead to bundles containing ",(0,r.kt)("em",{parentName:"p"},"all")," versions, ie the\ndefault one and the custom one(s), of the chart, to accommodate all clusters. This in turn means that Fleet will\ndeploy larger bundles."),(0,r.kt)("p",{parentName:"admonition"},"As Fleet stores bundles via etcd, this may cause issues on some clusters where resultant bundle sizes may exceed\netcd's configured maximum blob size. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/issues/1650"},"this issue")," for more details."))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.WaitForJobs"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#kustomizeoptions"},"Kustomize.Dir"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#yamloptions"},"YAML.Overlays"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#diffoptions"},"Diff.ComparePatches")))),(0,r.kt)("h2",{id:"additional-examples"},"Additional Examples"),(0,r.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6700],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>d});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),p=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return n.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},c=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(a),d=r,h=c["".concat(s,".").concat(d)]||c[d]||m[d]||l;return a?n.createElement(h,o(o({ref:t},u),{},{components:a})):n.createElement(h,o({ref:t},u))}));function d(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=a.length,o=new Array(l);o[0]=c;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),r=(a(7294),a(3905));const l={},o="Mapping to Downstream Clusters",i={unversionedId:"gitrepo-targets",id:"version-0.8/gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Fleet in Rancher allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration.",source:"@site/versioned_docs/version-0.8/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/0.8/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/gitrepo-targets.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create a GitRepo Resource",permalink:"/0.8/gitrepo-add"},next:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.8/bundle-diffs"}},s={},p=[{value:"Defining Targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default Target",id:"default-target",level:2},{value:"Customization per Cluster",id:"customization-per-cluster",level:2},{value:"Supported Customizations",id:"supported-customizations",level:3},{value:"Additional Examples",id:"additional-examples",level:2}],u={toc:p};function m(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style\nIf no targets are specified, i.e. when using a single-cluster, the bundles target the default cluster group.")),(0,r.kt)("p",null,"When deploying ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,r.kt)("h2",{id:"defining-targets"},"Defining Targets"),(0,r.kt)("p",null,"The deployment targets of ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # A specific cluster by name that will be selected\n clusterName: cluster1\n')),(0,r.kt)("h2",{id:"target-matching"},"Target Matching"),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,r.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n # Match everything\n - clusterSelector: {}\n # Selector ignored\n - clusterSelector: null\n")),(0,r.kt)("p",null,"You can also match clusters by name:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n - clusterName: fleetname\n")),(0,r.kt)("p",null,"When using Fleet in Rancher, make sure to put the name of the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters.fleet.cattle.io")," resource."),(0,r.kt)("h2",{id:"default-target"},"Default Target"),(0,r.kt)("p",null,"If no target is set for the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,r.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."),(0,r.kt)("h2",{id:"customization-per-cluster"},"Customization per Cluster"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"The ",(0,r.kt)("inlineCode",{parentName:"p"},"targets:")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource select clusters to deploy on. The ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations:")," in ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," override Helm values only and do not change targeting.")),(0,r.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters with customization using Fleet, we will use ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml"),"."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,r.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,r.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Expected behavior:")),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,r.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,r.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,r.kt)("li",{parentName:"ol"},"Under ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,r.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),":")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Result:")),(0,r.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,r.kt)("blockquote",null,(0,r.kt)("p",{parentName:"blockquote"},(0,r.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,r.kt)("h3",{id:"supported-customizations"},"Supported Customizations"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"DefaultNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ForceSyncGeneration"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"KeepResources"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ServiceAccount"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"TargetNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Atomic"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Chart"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.DisablePreProcess"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Force"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ReleaseName"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Repo"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TakeOwnership"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TimeoutSeconds"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ValuesFrom"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Values"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Version")),(0,r.kt)("admonition",{parentName:"li",title:"important information",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"Overriding the version of a Helm chart via target customizations will lead to bundles containing ",(0,r.kt)("em",{parentName:"p"},"all")," versions, ie the\ndefault one and the custom one(s), of the chart, to accommodate all clusters. This in turn means that Fleet will\ndeploy larger bundles."),(0,r.kt)("p",{parentName:"admonition"},"As Fleet stores bundles via etcd, this may cause issues on some clusters where resultant bundle sizes may exceed\netcd's configured maximum blob size. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/issues/1650"},"this issue")," for more details."))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.WaitForJobs"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#kustomizeoptions"},"Kustomize.Dir"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#yamloptions"},"YAML.Overlays"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#diffoptions"},"Diff.ComparePatches")))),(0,r.kt)("h2",{id:"additional-examples"},"Additional Examples"),(0,r.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/0a06c365.32bb41e2.js b/assets/js/0a06c365.a8b246ed.js similarity index 98% rename from assets/js/0a06c365.32bb41e2.js rename to assets/js/0a06c365.a8b246ed.js index 9f55d5014..d2dae04e6 100644 --- a/assets/js/0a06c365.32bb41e2.js +++ b/assets/js/0a06c365.a8b246ed.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1371],{6828:(e,t,n)=>{n.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},2615:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>o,default:()=>m,frontMatter:()=>i,metadata:()=>c,toc:()=>p});var l=n(7462),a=(n(7294),n(3905)),r=n(6828),s=n(814);const i={},o="Multi Cluster Install",c={unversionedId:"multi-cluster-install",id:"version-0.5/multi-cluster-install",title:"Multi Cluster Install",description:"Note: Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under Continuous Delivery on Rancher.",source:"@site/versioned_docs/version-0.5/multi-cluster-install.md",sourceDirName:".",slug:"/multi-cluster-install",permalink:"/0.5/multi-cluster-install",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/multi-cluster-install.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Single Cluster Install",permalink:"/0.5/single-cluster-install"},next:{title:"Uninstall",permalink:"/0.5/uninstall"}},u={},p=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Helm 3",id:"helm-3",level:3},{value:"Kubernetes",id:"kubernetes",level:3},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:2},{value:"Install",id:"install",level:2}],d={toc:p};function m(e){let{components:t,...i}=e;return(0,a.kt)("wrapper",(0,l.Z)({},d,i,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"multi-cluster-install"},"Multi Cluster Install"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(9225).Z,width:"969",height:"775"})),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Note:")," Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under ",(0,a.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," on Rancher."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Warning:")," The multi-cluster install described below is ",(0,a.kt)("strong",{parentName:"p"},"only")," covered in standalone Fleet, which is untested by Rancher QA. "),(0,a.kt)("p",null,"In the below use case, you will setup a centralized Fleet manager. The centralized Fleet manager is a\nKubernetes cluster running the Fleet controllers. After installing the Fleet manager, you will then\nneed to register remote downstream clusters with the Fleet manager."),(0,a.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,a.kt)("h3",{id:"helm-3"},"Helm 3"),(0,a.kt)("p",null,"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is\nfairly straight forward. To install the Helm 3 CLI follow the\n",(0,a.kt)("a",{parentName:"p",href:"https://helm.sh/docs/intro/install/"},"official install instructions"),". The TL;DR is"),(0,a.kt)("p",null,"macOS"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"brew install helm\n")),(0,a.kt)("p",null,"Windows"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"choco install kubernetes-helm\n")),(0,a.kt)("h3",{id:"kubernetes"},"Kubernetes"),(0,a.kt)("p",null,"The Fleet manager is a controller running on a Kubernetes cluster so an existing cluster is required. All\ndownstream cluster that will be managed will need to communicate to this central Kubernetes cluster. This\nmeans the Kubernetes API server URL must be accessible to the downstream clusters. Any Kubernetes community\nsupported version of Kubernetes will work, in practice this means 1.15 or greater."),(0,a.kt)("h2",{id:"api-server-url-and-ca-certificate"},"API Server URL and CA certificate"),(0,a.kt)("p",null,"In order for your Fleet management installation to properly work it is important\nthe correct API server URL and CA certificates are configured properly. The Fleet agents\nwill communicate to the Kubernetes API server URL. This means the Kubernetes\nAPI server must be accessible to the downstream clusters. You will also need\nto obtain the CA certificate of the API server. The easiest way to obtain this information\nis typically from your kubeconfig file (",(0,a.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config"),"). The ",(0,a.kt)("inlineCode",{parentName:"p"},"server"),",\n",(0,a.kt)("inlineCode",{parentName:"p"},"certificate-authority-data"),", or ",(0,a.kt)("inlineCode",{parentName:"p"},"certificate-authority")," fields will have these values."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTi...\n server: https://example.com:6443\n")),(0,a.kt)("p",null,"Please note that the ",(0,a.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," field is base64 encoded and will need to be\ndecoded before you save it into a file. This can be done by saving the base64 encoded contents to\na file and then running"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"base64 -d encoded-file > ca.pem\n")),(0,a.kt)("p",null,"If you have ",(0,a.kt)("inlineCode",{parentName:"p"},"jq")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"base64")," available then this one-liners will pull all CA certificates from your\n",(0,a.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," and place then in a file named ",(0,a.kt)("inlineCode",{parentName:"p"},"ca.pem"),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n")),(0,a.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')),(0,a.kt)("h2",{id:"install"},"Install"),(0,a.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,a.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,a.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,a.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,a.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,a.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,a.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,a.kt)("p",null,"Run the following commands"),(0,a.kt)("p",null,"Setup the environment with your specific values."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,a.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,a.kt)("p",null,"First validate the server URL is correct."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"curl -fLk ${API_SERVER_URL}/version\n")),(0,a.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,a.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,a.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,a.kt)("inlineCode",{parentName:"p"},"--cacert ${API_SERVER_CA}")," part of the command."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"curl -fL --cacert ${API_SERVER_CA} ${API_SERVER_URL}/version\n")),(0,a.kt)("p",null,"If you get a valid JSON response or an ",(0,a.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,a.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,a.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,a.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,a.kt)("inlineCode",{parentName:"p"},"${API_SERVER_CA}")," file should look similar to the below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,a.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,a.kt)("p",null,"First install the Fleet CustomResourcesDefintions."),(0,a.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d["v0.5"].fleetCRD),(0,a.kt)("p",null,"Second install the Fleet controllers."),(0,a.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="${API_SERVER_URL}" \\\n --set-file apiServerCA="${API_SERVER_CA}" \\\n fleet'," ",r.d["v0.5"].fleet),(0,a.kt)("p",null,"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,a.kt)("a",{parentName:"p",href:"/0.5/cluster-overview"},"register clusters")," and ",(0,a.kt)("a",{parentName:"p",href:"/0.5/gitrepo-add"},"git repos")," with\nthe Fleet manager."))}m.isMDXComponent=!0},9225:(e,t,n)=>{n.d(t,{Z:()=>l});const l=n.p+"assets/images/arch-1c6cd25727f6427c62add813758335a8.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1371],{6828:(e,t,n)=>{n.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},2615:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>o,default:()=>m,frontMatter:()=>i,metadata:()=>c,toc:()=>p});var l=n(7462),a=(n(7294),n(3905)),r=n(6828),s=n(814);const i={},o="Multi Cluster Install",c={unversionedId:"multi-cluster-install",id:"version-0.5/multi-cluster-install",title:"Multi Cluster Install",description:"Note: Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under Continuous Delivery on Rancher.",source:"@site/versioned_docs/version-0.5/multi-cluster-install.md",sourceDirName:".",slug:"/multi-cluster-install",permalink:"/0.5/multi-cluster-install",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/multi-cluster-install.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Single Cluster Install",permalink:"/0.5/single-cluster-install"},next:{title:"Uninstall",permalink:"/0.5/uninstall"}},u={},p=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Helm 3",id:"helm-3",level:3},{value:"Kubernetes",id:"kubernetes",level:3},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:2},{value:"Install",id:"install",level:2}],d={toc:p};function m(e){let{components:t,...i}=e;return(0,a.kt)("wrapper",(0,l.Z)({},d,i,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"multi-cluster-install"},"Multi Cluster Install"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(9225).Z,width:"969",height:"775"})),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Note:")," Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under ",(0,a.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," on Rancher."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Warning:")," The multi-cluster install described below is ",(0,a.kt)("strong",{parentName:"p"},"only")," covered in standalone Fleet, which is untested by Rancher QA. "),(0,a.kt)("p",null,"In the below use case, you will setup a centralized Fleet manager. The centralized Fleet manager is a\nKubernetes cluster running the Fleet controllers. After installing the Fleet manager, you will then\nneed to register remote downstream clusters with the Fleet manager."),(0,a.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,a.kt)("h3",{id:"helm-3"},"Helm 3"),(0,a.kt)("p",null,"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is\nfairly straight forward. To install the Helm 3 CLI follow the\n",(0,a.kt)("a",{parentName:"p",href:"https://helm.sh/docs/intro/install/"},"official install instructions"),". The TL;DR is"),(0,a.kt)("p",null,"macOS"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"brew install helm\n")),(0,a.kt)("p",null,"Windows"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"choco install kubernetes-helm\n")),(0,a.kt)("h3",{id:"kubernetes"},"Kubernetes"),(0,a.kt)("p",null,"The Fleet manager is a controller running on a Kubernetes cluster so an existing cluster is required. All\ndownstream cluster that will be managed will need to communicate to this central Kubernetes cluster. This\nmeans the Kubernetes API server URL must be accessible to the downstream clusters. Any Kubernetes community\nsupported version of Kubernetes will work, in practice this means 1.15 or greater."),(0,a.kt)("h2",{id:"api-server-url-and-ca-certificate"},"API Server URL and CA certificate"),(0,a.kt)("p",null,"In order for your Fleet management installation to properly work it is important\nthe correct API server URL and CA certificates are configured properly. The Fleet agents\nwill communicate to the Kubernetes API server URL. This means the Kubernetes\nAPI server must be accessible to the downstream clusters. You will also need\nto obtain the CA certificate of the API server. The easiest way to obtain this information\nis typically from your kubeconfig file (",(0,a.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config"),"). The ",(0,a.kt)("inlineCode",{parentName:"p"},"server"),",\n",(0,a.kt)("inlineCode",{parentName:"p"},"certificate-authority-data"),", or ",(0,a.kt)("inlineCode",{parentName:"p"},"certificate-authority")," fields will have these values."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTi...\n server: https://example.com:6443\n")),(0,a.kt)("p",null,"Please note that the ",(0,a.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," field is base64 encoded and will need to be\ndecoded before you save it into a file. This can be done by saving the base64 encoded contents to\na file and then running"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"base64 -d encoded-file > ca.pem\n")),(0,a.kt)("p",null,"If you have ",(0,a.kt)("inlineCode",{parentName:"p"},"jq")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"base64")," available then this one-liners will pull all CA certificates from your\n",(0,a.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," and place then in a file named ",(0,a.kt)("inlineCode",{parentName:"p"},"ca.pem"),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n")),(0,a.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')),(0,a.kt)("h2",{id:"install"},"Install"),(0,a.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,a.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,a.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,a.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,a.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,a.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,a.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,a.kt)("p",null,"Run the following commands"),(0,a.kt)("p",null,"Setup the environment with your specific values."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,a.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,a.kt)("p",null,"First validate the server URL is correct."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"curl -fLk ${API_SERVER_URL}/version\n")),(0,a.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,a.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,a.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,a.kt)("inlineCode",{parentName:"p"},"--cacert ${API_SERVER_CA}")," part of the command."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"curl -fL --cacert ${API_SERVER_CA} ${API_SERVER_URL}/version\n")),(0,a.kt)("p",null,"If you get a valid JSON response or an ",(0,a.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,a.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,a.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,a.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,a.kt)("inlineCode",{parentName:"p"},"${API_SERVER_CA}")," file should look similar to the below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,a.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,a.kt)("p",null,"First install the Fleet CustomResourcesDefintions."),(0,a.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d["v0.5"].fleetCRD),(0,a.kt)("p",null,"Second install the Fleet controllers."),(0,a.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="${API_SERVER_URL}" \\\n --set-file apiServerCA="${API_SERVER_CA}" \\\n fleet'," ",r.d["v0.5"].fleet),(0,a.kt)("p",null,"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,a.kt)("a",{parentName:"p",href:"/0.5/cluster-overview"},"register clusters")," and ",(0,a.kt)("a",{parentName:"p",href:"/0.5/gitrepo-add"},"git repos")," with\nthe Fleet manager."))}m.isMDXComponent=!0},9225:(e,t,n)=>{n.d(t,{Z:()=>l});const l=n.p+"assets/images/arch-1c6cd25727f6427c62add813758335a8.png"}}]); \ No newline at end of file diff --git a/assets/js/0ab79735.e1c21583.js b/assets/js/0ab79735.e70e0bc9.js similarity index 99% rename from assets/js/0ab79735.e1c21583.js rename to assets/js/0ab79735.e70e0bc9.js index e29c7fa87..8063b2988 100644 --- a/assets/js/0ab79735.e1c21583.js +++ b/assets/js/0ab79735.e70e0bc9.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7333],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>A});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),i=a(6550),o=a(1980),u=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function m(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:a}=e;const l=(0,i.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,o._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,i]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[o,u]=h({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),g=(()=>{const e=o??d;return m({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{g&&i(g)}),[g]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!m({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);i(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var g=a(2389);const k="tabList__CuJ",b="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:i,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=u[a].value;l!==i&&(d(t),o(l))},m=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:i===t?0:-1,"aria-selected":i===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},s,{className:(0,r.Z)("tabs__item",b,null==s?void 0:s.className,{"tabs__item--active":i===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function A(e){const t=(0,g.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},4951:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>c,default:()=>f,frontMatter:()=>u,metadata:()=>d,toc:()=>m});var l=a(7462),n=(a(7294),a(3905)),r=a(6828),s=a(814),i=a(4866),o=a(5162);const u={},c="Installation Details",d={unversionedId:"installation",id:"version-0.8/installation",title:"Installation Details",description:"The installation is broken up into two different use cases: single and multi-cluster.",source:"@site/versioned_docs/version-0.8/installation.md",sourceDirName:".",slug:"/installation",permalink:"/0.8/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/installation.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources During Deployment",permalink:"/0.8/resources-during-deployment"},next:{title:"Register Downstream Clusters",permalink:"/0.8/cluster-registration"}},p={},m=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Default Install",id:"default-install",level:2},{value:"Configuration for Multi-Cluster",id:"configuration-for-multi-cluster",level:2},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:3},{value:"Extract CA certificate",id:"extract-ca-certificate",level:4},{value:"Extract API Server",id:"extract-api-server",level:4},{value:"Validate",id:"validate",level:4},{value:"Install for Multi-Cluster",id:"install-for-multi-cluster",level:3}],h={toc:m};function f(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"installation-details"},"Installation Details"),(0,n.kt)("p",null,"The installation is broken up into two different use cases: single and multi-cluster.\nThe single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,n.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Single-cluster is the default installation. The same cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,n.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm 3",default:!0,mdxType:"TabItem"},"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is fairly straight forward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)(o.Z,{value:"kubernetes",label:"Kubernetes",default:!0,mdxType:"TabItem"},"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the single cluster use case you will install Fleet to the cluster which you intend to manage with GitOps. Any Kubernetes community supported version of Kubernetes will work, in practice this means ",r.d.next.kubernetes," or greater.")),(0,n.kt)("h2",{id:"default-install"},"Default Install"),(0,n.kt)("p",null,"Install the following two Helm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install",label:"Install",default:!0,mdxType:"TabItem"},(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)("p",null,"First add Fleet's Helm repository."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd"),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet")),(0,n.kt)(o.Z,{value:"verify",label:"Verify",mdxType:"TabItem"},(0,n.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.8/gitrepo-add"},"register some git repos")," in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."),(0,n.kt)("h2",{id:"configuration-for-multi-cluster"},"Configuration for Multi-Cluster"),(0,n.kt)("admonition",{type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under ",(0,n.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," on Rancher."),(0,n.kt)("p",{parentName:"admonition"},"The multi-cluster install described below is ",(0,n.kt)("strong",{parentName:"p"},"only")," covered in standalone Fleet, which is untested by Rancher QA.")),(0,n.kt)("admonition",{type:"info"},(0,n.kt)("p",{parentName:"admonition"},"The setup is the same as for a single cluster.\nAfter installing the Fleet manager, you will then need to register remote downstream clusters with the Fleet manager."),(0,n.kt)("p",{parentName:"admonition"},"However, to allow for ",(0,n.kt)("a",{parentName:"p",href:"/0.8/cluster-registration#manager-initiated"},"manager-initiated registration")," of downstream clusters, a few extra settings are required. Without the API server URL and the CA, only ",(0,n.kt)("a",{parentName:"p",href:"/0.8/cluster-registration#agent-initiated"},"agent-initiated registration")," of downstream clusters is possible.")),(0,n.kt)("h3",{id:"api-server-url-and-ca-certificate"},"API Server URL and CA certificate"),(0,n.kt)("p",null,"In order for your Fleet management installation to properly work it is important\nthe correct API server URL and CA certificates are configured properly. The Fleet agents\nwill communicate to the Kubernetes API server URL. This means the Kubernetes\nAPI server must be accessible to the downstream clusters. You will also need\nto obtain the CA certificate of the API server. The easiest way to obtain this information\nis typically from your kubeconfig file (",(0,n.kt)("inlineCode",{parentName:"p"},"$HOME/.kube/config"),"). The ",(0,n.kt)("inlineCode",{parentName:"p"},"server"),",\n",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority-data"),", or ",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority")," fields will have these values."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="$HOME/.kube/config"',title:'"$HOME/.kube/config"'},"apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTi...\n server: https://example.com:6443\n")),(0,n.kt)("h4",{id:"extract-ca-certificate"},"Extract CA certificate"),(0,n.kt)("p",null,"Please note that the ",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," field is base64 encoded and will need to be\ndecoded before you save it into a file. This can be done by saving the base64 encoded contents to\na file and then running"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"base64 -d encoded-file > ca.pem\n")),(0,n.kt)("p",null,"Next, retrieve the CA certificate from your kubeconfig."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"extractca",label:"Extract First",mdxType:"TabItem"},"If you have `jq` and `base64` available then this one-liners will pull all CA certificates from your `KUBECONFIG` and place then in a file named `ca.pem`.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n"))),(0,n.kt)(o.Z,{value:"extractcas",label:"Multiple Entries",mdxType:"TabItem"},"Or, if you have a multi-cluster setup, you can use this command:",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')))),(0,n.kt)("h4",{id:"extract-api-server"},"Extract API Server"),(0,n.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("h4",{id:"validate"},"Validate"),(0,n.kt)("p",null,"First validate the server URL is correct."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fLk "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,n.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,n.kt)("inlineCode",{parentName:"p"},'--cacert "$API_SERVER_CA"')," part of the command."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fL --cacert "$API_SERVER_CA" "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"If you get a valid JSON response or an ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,n.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,n.kt)("inlineCode",{parentName:"p"},"$API_SERVER_CA")," file should look similar to the below:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-pem",metastring:'title="ca.pem"',title:'"ca.pem"'},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,n.kt)("h3",{id:"install-for-multi-cluster"},"Install for Multi-Cluster"),(0,n.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,n.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,n.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,n.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,n.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,n.kt)("p",null,"Setup the environment with your specific values, e.g.:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install2",label:"Install",default:!0,mdxType:"TabItem"},"First add Fleet's Helm repository.",(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d.next.fleetCRD),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="$API_SERVER_URL" \\\n --set-file apiServerCA="$API_SERVER_CA" \\\n fleet'," ",r.d.next.fleet)),(0,n.kt)(o.Z,{value:"verifiy2",label:"Verify",mdxType:"TabItem"},"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.8/cluster-registration"},"register clusters")," and ",(0,n.kt)("a",{parentName:"p",href:"/0.8/gitrepo-add#create-gitrepo-instance"},"git repos")," with\nthe Fleet manager."))}f.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7333],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>A});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),i=a(6550),o=a(1980),u=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function m(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:a}=e;const l=(0,i.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,o._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,i]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[o,u]=h({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),g=(()=>{const e=o??d;return m({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{g&&i(g)}),[g]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!m({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);i(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var g=a(2389);const k="tabList__CuJ",b="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:i,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=u[a].value;l!==i&&(d(t),o(l))},m=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:i===t?0:-1,"aria-selected":i===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},s,{className:(0,r.Z)("tabs__item",b,null==s?void 0:s.className,{"tabs__item--active":i===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function A(e){const t=(0,g.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},4951:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>c,default:()=>f,frontMatter:()=>u,metadata:()=>d,toc:()=>m});var l=a(7462),n=(a(7294),a(3905)),r=a(6828),s=a(814),i=a(4866),o=a(5162);const u={},c="Installation Details",d={unversionedId:"installation",id:"version-0.8/installation",title:"Installation Details",description:"The installation is broken up into two different use cases: single and multi-cluster.",source:"@site/versioned_docs/version-0.8/installation.md",sourceDirName:".",slug:"/installation",permalink:"/0.8/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/installation.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources During Deployment",permalink:"/0.8/resources-during-deployment"},next:{title:"Register Downstream Clusters",permalink:"/0.8/cluster-registration"}},p={},m=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Default Install",id:"default-install",level:2},{value:"Configuration for Multi-Cluster",id:"configuration-for-multi-cluster",level:2},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:3},{value:"Extract CA certificate",id:"extract-ca-certificate",level:4},{value:"Extract API Server",id:"extract-api-server",level:4},{value:"Validate",id:"validate",level:4},{value:"Install for Multi-Cluster",id:"install-for-multi-cluster",level:3}],h={toc:m};function f(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"installation-details"},"Installation Details"),(0,n.kt)("p",null,"The installation is broken up into two different use cases: single and multi-cluster.\nThe single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,n.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Single-cluster is the default installation. The same cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,n.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm 3",default:!0,mdxType:"TabItem"},"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is fairly straight forward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)(o.Z,{value:"kubernetes",label:"Kubernetes",default:!0,mdxType:"TabItem"},"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the single cluster use case you will install Fleet to the cluster which you intend to manage with GitOps. Any Kubernetes community supported version of Kubernetes will work, in practice this means ",r.d.next.kubernetes," or greater.")),(0,n.kt)("h2",{id:"default-install"},"Default Install"),(0,n.kt)("p",null,"Install the following two Helm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install",label:"Install",default:!0,mdxType:"TabItem"},(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)("p",null,"First add Fleet's Helm repository."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd"),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet")),(0,n.kt)(o.Z,{value:"verify",label:"Verify",mdxType:"TabItem"},(0,n.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.8/gitrepo-add"},"register some git repos")," in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."),(0,n.kt)("h2",{id:"configuration-for-multi-cluster"},"Configuration for Multi-Cluster"),(0,n.kt)("admonition",{type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under ",(0,n.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," on Rancher."),(0,n.kt)("p",{parentName:"admonition"},"The multi-cluster install described below is ",(0,n.kt)("strong",{parentName:"p"},"only")," covered in standalone Fleet, which is untested by Rancher QA.")),(0,n.kt)("admonition",{type:"info"},(0,n.kt)("p",{parentName:"admonition"},"The setup is the same as for a single cluster.\nAfter installing the Fleet manager, you will then need to register remote downstream clusters with the Fleet manager."),(0,n.kt)("p",{parentName:"admonition"},"However, to allow for ",(0,n.kt)("a",{parentName:"p",href:"/0.8/cluster-registration#manager-initiated"},"manager-initiated registration")," of downstream clusters, a few extra settings are required. Without the API server URL and the CA, only ",(0,n.kt)("a",{parentName:"p",href:"/0.8/cluster-registration#agent-initiated"},"agent-initiated registration")," of downstream clusters is possible.")),(0,n.kt)("h3",{id:"api-server-url-and-ca-certificate"},"API Server URL and CA certificate"),(0,n.kt)("p",null,"In order for your Fleet management installation to properly work it is important\nthe correct API server URL and CA certificates are configured properly. The Fleet agents\nwill communicate to the Kubernetes API server URL. This means the Kubernetes\nAPI server must be accessible to the downstream clusters. You will also need\nto obtain the CA certificate of the API server. The easiest way to obtain this information\nis typically from your kubeconfig file (",(0,n.kt)("inlineCode",{parentName:"p"},"$HOME/.kube/config"),"). The ",(0,n.kt)("inlineCode",{parentName:"p"},"server"),",\n",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority-data"),", or ",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority")," fields will have these values."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="$HOME/.kube/config"',title:'"$HOME/.kube/config"'},"apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTi...\n server: https://example.com:6443\n")),(0,n.kt)("h4",{id:"extract-ca-certificate"},"Extract CA certificate"),(0,n.kt)("p",null,"Please note that the ",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," field is base64 encoded and will need to be\ndecoded before you save it into a file. This can be done by saving the base64 encoded contents to\na file and then running"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"base64 -d encoded-file > ca.pem\n")),(0,n.kt)("p",null,"Next, retrieve the CA certificate from your kubeconfig."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"extractca",label:"Extract First",mdxType:"TabItem"},"If you have `jq` and `base64` available then this one-liners will pull all CA certificates from your `KUBECONFIG` and place then in a file named `ca.pem`.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n"))),(0,n.kt)(o.Z,{value:"extractcas",label:"Multiple Entries",mdxType:"TabItem"},"Or, if you have a multi-cluster setup, you can use this command:",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')))),(0,n.kt)("h4",{id:"extract-api-server"},"Extract API Server"),(0,n.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("h4",{id:"validate"},"Validate"),(0,n.kt)("p",null,"First validate the server URL is correct."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fLk "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,n.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,n.kt)("inlineCode",{parentName:"p"},'--cacert "$API_SERVER_CA"')," part of the command."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fL --cacert "$API_SERVER_CA" "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"If you get a valid JSON response or an ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,n.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,n.kt)("inlineCode",{parentName:"p"},"$API_SERVER_CA")," file should look similar to the below:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-pem",metastring:'title="ca.pem"',title:'"ca.pem"'},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,n.kt)("h3",{id:"install-for-multi-cluster"},"Install for Multi-Cluster"),(0,n.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,n.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,n.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,n.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,n.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,n.kt)("p",null,"Setup the environment with your specific values, e.g.:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install2",label:"Install",default:!0,mdxType:"TabItem"},"First add Fleet's Helm repository.",(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d.next.fleetCRD),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="$API_SERVER_URL" \\\n --set-file apiServerCA="$API_SERVER_CA" \\\n fleet'," ",r.d.next.fleet)),(0,n.kt)(o.Z,{value:"verifiy2",label:"Verify",mdxType:"TabItem"},"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.8/cluster-registration"},"register clusters")," and ",(0,n.kt)("a",{parentName:"p",href:"/0.8/gitrepo-add#create-gitrepo-instance"},"git repos")," with\nthe Fleet manager."))}f.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file diff --git a/assets/js/0acb2694.b62fbfdf.js b/assets/js/0acb2694.2e373bf4.js similarity index 97% rename from assets/js/0acb2694.b62fbfdf.js rename to assets/js/0acb2694.2e373bf4.js index 34c64253b..e9bebe438 100644 --- a/assets/js/0acb2694.b62fbfdf.js +++ b/assets/js/0acb2694.2e373bf4.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[961],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=r.createContext({}),f=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=f(e.components);return r.createElement(c.Provider,{value:t},e.children)},s={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=f(n),d=l,m=u["".concat(c,".").concat(d)]||u[d]||s[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var f=2;f{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>s,frontMatter:()=>a,metadata:()=>i,toc:()=>f});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet",id:"version-0.8/cli/fleet-cli/fleet",title:"",description:"fleet",source:"@site/versioned_docs/version-0.8/cli/fleet-cli/fleet.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet",permalink:"/0.8/cli/fleet-cli/fleet",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cli/fleet-cli/fleet.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet"},sidebar:"docs",previous:{title:"fleet-agent",permalink:"/0.8/cli/fleet-agent/"},next:{title:"fleet apply",permalink:"/0.8/cli/fleet-cli/fleet_apply"}},c={},f=[{value:"fleet",id:"fleet",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:f};function s(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet"},"fleet"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_apply"},"fleet apply"),"\t - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_test"},"fleet test"),"\t - Match a bundle to a target and render the output")))}s.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[961],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=r.createContext({}),f=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=f(e.components);return r.createElement(c.Provider,{value:t},e.children)},s={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=f(n),d=l,m=u["".concat(c,".").concat(d)]||u[d]||s[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var f=2;f{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>s,frontMatter:()=>a,metadata:()=>i,toc:()=>f});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet",id:"version-0.8/cli/fleet-cli/fleet",title:"",description:"fleet",source:"@site/versioned_docs/version-0.8/cli/fleet-cli/fleet.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet",permalink:"/0.8/cli/fleet-cli/fleet",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cli/fleet-cli/fleet.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet"},sidebar:"docs",previous:{title:"fleet-agent",permalink:"/0.8/cli/fleet-agent/"},next:{title:"fleet apply",permalink:"/0.8/cli/fleet-cli/fleet_apply"}},c={},f=[{value:"fleet",id:"fleet",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:f};function s(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet"},"fleet"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_apply"},"fleet apply"),"\t - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_test"},"fleet test"),"\t - Match a bundle to a target and render the output")))}s.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/0bd7b06f.c18dffaf.js b/assets/js/0bd7b06f.d65ac2fb.js similarity index 99% rename from assets/js/0bd7b06f.c18dffaf.js rename to assets/js/0bd7b06f.d65ac2fb.js index 1f3103e1d..a5f9c22b8 100644 --- a/assets/js/0bd7b06f.c18dffaf.js +++ b/assets/js/0bd7b06f.d65ac2fb.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6422],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>h});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function i(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function l(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var p=n.createContext({}),s=function(e){var t=n.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):l(l({},t),e)),a},d=function(e){var t=s(e.components);return n.createElement(p.Provider,{value:t},e.children)},c={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,i=e.originalType,p=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),m=s(a),h=r,u=m["".concat(p,".").concat(h)]||m[h]||c[h]||i;return a?n.createElement(u,l(l({ref:t},d),{},{components:a})):n.createElement(u,l({ref:t},d))}));function h(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=a.length,l=new Array(i);l[0]=m;var o={};for(var p in t)hasOwnProperty.call(t,p)&&(o[p]=t[p]);o.originalType=e,o.mdxType="string"==typeof e?e:r,l[1]=o;for(var s=2;s{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>l,default:()=>c,frontMatter:()=>i,metadata:()=>o,toc:()=>s});var n=a(7462),r=(a(7294),a(3905));const i={},l="Create a GitRepo Resource",o={unversionedId:"gitrepo-add",id:"version-0.7/gitrepo-add",title:"Create a GitRepo Resource",description:"Create GitRepo Instance",source:"@site/versioned_docs/version-0.7/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/0.7/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/gitrepo-add.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Setup Multi User",permalink:"/0.7/multi-user"},next:{title:"Mapping to Downstream Clusters",permalink:"/0.7/gitrepo-targets"}},p={},s=[{value:"Create GitRepo Instance",id:"create-gitrepo-instance",level:2},{value:"Proper Namespace",id:"proper-namespace",level:2},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2},{value:"Use different helm credentials for each path",id:"use-different-helm-credentials-for-each-path",level:3}],d={toc:s};function c(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-gitrepo-resource"},"Create a GitRepo Resource"),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo Instance"),(0,r.kt)("p",null,"Git repositories are registered by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource in Kubernetes. Refer\nto the ",(0,r.kt)("a",{parentName:"p",href:"/0.7/tut-deployment"},"creating a deployment tutorial")," for examples."),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/0.7/gitrepo-content"},"Git Repository Contents")," has detail about the content of the Git repository."),(0,r.kt)("p",null,"The available fields of the GitRepo custom resource are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/0.7/ref-gitrepo"},"GitRepo resource reference")),(0,r.kt)("h2",{id:"proper-namespace"},"Proper Namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/0.7/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/0.7/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add it any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. Use ",(0,r.kt)("a",{parentName:"p",href:"#use-different-helm-credentials-for-each-path"},"different helm credentials for each path"),",\nor split them into different gitrepos, or use ",(0,r.kt)("inlineCode",{parentName:"p"},"helmRepoURLRegex")," to limit the scope of credentials to certain servers.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("h3",{id:"use-different-helm-credentials-for-each-path"},"Use different helm credentials for each path"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName")," will be ignored if ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretNameForPaths")," is provided")),(0,r.kt)("p",null,"Create a file ",(0,r.kt)("inlineCode",{parentName:"p"},"secrets-path.yaml")," that contains credentials for each path defined in a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". Credentials will not be used\nfor paths that are not present in this file.\nThe path is the actual path to the bundle (ie to a folder containing a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file) within the git repository, which might have more segments than the entry under ",(0,r.kt)("inlineCode",{parentName:"p"},"paths:"),"."),(0,r.kt)("p",null,"Example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"path-one: # path path-one must exist in the repository\n username: user\n password: pass\npath-two: # path path-one must exist in the repository\n username: user2\n password: pass2\n caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCiAgICBNSUlEblRDQ0FvV2dBd0lCQWdJVUNwMHB2SVJTb2c0eHJKN2Q1SUI2ME1ka0k1WXdEUVlKS29aSWh2Y05BUUVMCiAgICBCUUF3WGpFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NCiAgICBHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2CiAgICBjbWN3SGhjTk1qTXdOREkzTVRVd056VXpXaGNOTWpnd05ESTFNVFV3TnpVeldqQmVNUXN3Q1FZRFZRUUdFd0pCCiAgICBWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFQ2d3WVNXNTBaWEp1WlhRZ1YybGtaMmwwCiAgICBjeUJRZEhrZ1RIUmtNUmN3RlFZRFZRUUREQTV5WVc1amFHVnlMbTE1TG05eVp6Q0NBU0l3RFFZSktvWklodmNOCiAgICBBUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBvZE5TMDB6NDc1dnVSc2ZZcTFRYTFHQVl3QU92anV4MERKTHY5CiAgICBrZFhwT091dGdjMU8yWUdqNUlCVGQzVmpISmFJYUg3SDR2Rm84RlBaMG9zcU9YaFg3eUM4STdBS3ZhOEE5VmVmCiAgICBJVXp6Vlo1cCs1elNxRjdtZTlOaUNiL0pVSkZLT0ZsTkF4cjZCcXhoMEIyN1VZTlpjaUIvL1V0L0I2eHJuVE55CiAgICBoRzJiNzk4bjg4bFZqY3EzbEE0djFyM3VzWGYxVG5aS2t2UEN4ZnFHYk5OdTlpTjdFZnZHOWoyekdHcWJvcDRYCiAgICBXY3VSa3N3QkgxZlRNS0ZrbGcrR1VsZkZPMGFzL3phalVOdmdweTlpdVBMZUtqZTVWcDBiMlBLd09qUENpV2d4CiAgICBabDJlVDlNRnJjV0F3NTg3emE5NDBlT1Era2pkdmVvUE5sU2k3eVJMMW96YlRka0NBd0VBQWFOVE1GRXdIUVlECiAgICBWUjBPQkJZRUZEQkNkYjE4M1hsU0tWYzBxNmJSTCt0dVNTV3lNQjhHQTFVZEl3UVlNQmFBRkRCQ2RiMTgzWGxTCiAgICBLVmMwcTZiUkwrdHVTU1d5TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCiAgICBBQ1BCVERkZ0dCVDVDRVoxd1pnQmhKdm9GZTk2MUJqVCtMU2RxSlpsSmNRZnlnS0hyNks5ZmZaY1ZlWlBoMVU0CiAgICB3czBuWGNOZiszZGJlTjl4dVBiY0VqUWlQaFJCcnRzalE1T1JiVHdYWEdBdzlYbDZYTkl6YjN4ZDF6RWFzQXZPCiAgICBJMjM2ZHZXQ1A0dWoycWZqR0FkQjJnaXU2b2xHK01CWHlneUZKMElzRENraldLZysyWEdmU3lyci9KZU1vZlFBCiAgICB1VU9wcFVGdERYd0lrUW1VTGNVVUxWcTdtUVNQb0lzVkNNM2hKNVQzczdUSWtHUDZVcGVSSjgzdU9LbURYMkRHCiAgICBwVWVQVHBuVWVLOVMzUEVKTi9XcmJSSVd3WU1OR29qdDRKWitaK1N6VE1aVkh0SlBzaGpjL1hYOWZNU1ZXQmlzCiAgICBQRW5MU256MDQ4OGFUQm5SUFlnVXFsdz0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=\n sshPrivateKey: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJRFF6Q0NBaXNDRkgxTm5YUWI5SlV6anNBR3FSc3RCYncwRlFpak1BMEdDU3FHU0liM0RRRUJDd1VBTUY0eAogICAgQ3pBSkJnTlZCQVlUQWtGVk1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNU0V3SHdZRFZRUUtEQmhKYm5SbAogICAgY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdReEZ6QVZCZ05WQkFNTURuSmhibU5vWlhJdWJYa3ViM0puTUI0WAogICAgRFRJek1EUXlOekUxTVRBMU5Gb1hEVEkwTURReU5qRTFNVEExTkZvd1hqRUxNQWtHQTFVRUJoTUNRVlV4RXpBUgogICAgQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNQogICAgSUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2Y21jd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQogICAgQTRJQkR3QXdnZ0VLQW9JQkFRRGd6UUJJTW8xQVFHNnFtYmozbFlYUTFnZjhYcURTbjdyM2lGcVZZZldDVWZOSwogICAgaGZwampTRGpOMmRWWEV2UXA3R0t3akFHUElFbXR5RmxyUW5rUGtnTGFSaU9jSDdNN0p2c3ZIa0Ewd0g0dzJ2QgogICAgUEp6aVlINWh2MUE2WS9NcFM5bVkvQUVxVm80TUJkdnNZQzc3MFpCbzVBMitIUEtMd1YzMVZyYlhhTytWeUJtNAogICAgSmJhZHlNUk40N3BKRWdPMjJaYVRXL3Y3S1dKdjNydGJTMlZVSkNlU0piWlpsN09ocHhLRTVocStmK0RWaU1mcQogICAgTWx4ODNEV2pVSlVkV3lqVUZYVlk0bEdVaUtrRWVtSlVuSlVyY1ErOXE1SzVaWmhyRjhoRXhKRjhiZTZjemVzeAogICAga1VWN3dKb1RjWkd2bUhYSk1FNmtrQXh4Mmh3bU8wSFcyQWdDdTJZekFnTUJBQUV3RFFZSktvWklodmNOQVFFTAogICAgQlFBRGdnRUJBS1BpTWdXc1dCTnJvRkY2aWpYL2xMM3FxaWc4TjlkR1VPWDIyRVJDU1RTekNONjM0ZTFkZUhsdQogICAgbTc5OU11Q3hvWSsyZWluNlV1cFMvTEV6cnpvU2dDVWllQzQrT3ZralF5eGJpTFR6bW1OWEFnd09TM3RvTHRGWAogICAgbytmWWpSMU9xcHVPS29kMkhiYjliczRWcXdaNHEvMlVKbXE2Q01pYjZKZUE2VFJvK2Rkc0pUM2dDOFhWL1Z1MAogICAgNnkwdjJxdTM0bm1MYjFxOHFTS1RwZXYyQmwzQUJGY3NyS0JvNHFieUM2bnBTbnpZenNYcS90SlFLclplNE4vMgogICAgUXIzd1dxQ0pDVWUrMWVsT3A2b0JVcXNWSnc3aHk3YzRLc1Fna09ERDJkc2NuNEF1NGJhWlY2QmpySm1USVY0aQogICAgeXJ1dk9oZ2lINklGUVdDWmVQM2s0MU5obWRzRTNHQT0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n")),(0,r.kt)("p",null,"Create the secret"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic path-auth-secret -n fleet-default --from-file=secrets-path.yaml\n")),(0,r.kt)("p",null,"In the previous example credentials for username ",(0,r.kt)("inlineCode",{parentName:"p"},"user")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-one")," and credentials for username\n",(0,r.kt)("inlineCode",{parentName:"p"},"user2")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-two"),"."),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"caBundle")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"sshPrivateKey")," must be base64 encoded."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"If you are using ",(0,r.kt)("a",{parentName:"p",href:"https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher"},'"rancher-backups"')," and want this secret to be included the backup, please add the label ",(0,r.kt)("inlineCode",{parentName:"p"},"resources.cattle.io/backup: true")," to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials."),(0,r.kt)("h1",{parentName:"admonition",id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",{parentName:"admonition"},"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/0.7/troubleshooting"},"here"),".")))}c.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6422],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>h});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function i(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function l(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var p=n.createContext({}),s=function(e){var t=n.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):l(l({},t),e)),a},d=function(e){var t=s(e.components);return n.createElement(p.Provider,{value:t},e.children)},c={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,i=e.originalType,p=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),m=s(a),h=r,u=m["".concat(p,".").concat(h)]||m[h]||c[h]||i;return a?n.createElement(u,l(l({ref:t},d),{},{components:a})):n.createElement(u,l({ref:t},d))}));function h(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=a.length,l=new Array(i);l[0]=m;var o={};for(var p in t)hasOwnProperty.call(t,p)&&(o[p]=t[p]);o.originalType=e,o.mdxType="string"==typeof e?e:r,l[1]=o;for(var s=2;s{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>l,default:()=>c,frontMatter:()=>i,metadata:()=>o,toc:()=>s});var n=a(7462),r=(a(7294),a(3905));const i={},l="Create a GitRepo Resource",o={unversionedId:"gitrepo-add",id:"version-0.7/gitrepo-add",title:"Create a GitRepo Resource",description:"Create GitRepo Instance",source:"@site/versioned_docs/version-0.7/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/0.7/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/gitrepo-add.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Setup Multi User",permalink:"/0.7/multi-user"},next:{title:"Mapping to Downstream Clusters",permalink:"/0.7/gitrepo-targets"}},p={},s=[{value:"Create GitRepo Instance",id:"create-gitrepo-instance",level:2},{value:"Proper Namespace",id:"proper-namespace",level:2},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2},{value:"Use different helm credentials for each path",id:"use-different-helm-credentials-for-each-path",level:3}],d={toc:s};function c(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-gitrepo-resource"},"Create a GitRepo Resource"),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo Instance"),(0,r.kt)("p",null,"Git repositories are registered by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource in Kubernetes. Refer\nto the ",(0,r.kt)("a",{parentName:"p",href:"/0.7/tut-deployment"},"creating a deployment tutorial")," for examples."),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/0.7/gitrepo-content"},"Git Repository Contents")," has detail about the content of the Git repository."),(0,r.kt)("p",null,"The available fields of the GitRepo custom resource are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/0.7/ref-gitrepo"},"GitRepo resource reference")),(0,r.kt)("h2",{id:"proper-namespace"},"Proper Namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/0.7/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/0.7/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add it any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. Use ",(0,r.kt)("a",{parentName:"p",href:"#use-different-helm-credentials-for-each-path"},"different helm credentials for each path"),",\nor split them into different gitrepos, or use ",(0,r.kt)("inlineCode",{parentName:"p"},"helmRepoURLRegex")," to limit the scope of credentials to certain servers.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("h3",{id:"use-different-helm-credentials-for-each-path"},"Use different helm credentials for each path"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName")," will be ignored if ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretNameForPaths")," is provided")),(0,r.kt)("p",null,"Create a file ",(0,r.kt)("inlineCode",{parentName:"p"},"secrets-path.yaml")," that contains credentials for each path defined in a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". Credentials will not be used\nfor paths that are not present in this file.\nThe path is the actual path to the bundle (ie to a folder containing a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file) within the git repository, which might have more segments than the entry under ",(0,r.kt)("inlineCode",{parentName:"p"},"paths:"),"."),(0,r.kt)("p",null,"Example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"path-one: # path path-one must exist in the repository\n username: user\n password: pass\npath-two: # path path-one must exist in the repository\n username: user2\n password: pass2\n caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCiAgICBNSUlEblRDQ0FvV2dBd0lCQWdJVUNwMHB2SVJTb2c0eHJKN2Q1SUI2ME1ka0k1WXdEUVlKS29aSWh2Y05BUUVMCiAgICBCUUF3WGpFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NCiAgICBHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2CiAgICBjbWN3SGhjTk1qTXdOREkzTVRVd056VXpXaGNOTWpnd05ESTFNVFV3TnpVeldqQmVNUXN3Q1FZRFZRUUdFd0pCCiAgICBWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFQ2d3WVNXNTBaWEp1WlhRZ1YybGtaMmwwCiAgICBjeUJRZEhrZ1RIUmtNUmN3RlFZRFZRUUREQTV5WVc1amFHVnlMbTE1TG05eVp6Q0NBU0l3RFFZSktvWklodmNOCiAgICBBUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBvZE5TMDB6NDc1dnVSc2ZZcTFRYTFHQVl3QU92anV4MERKTHY5CiAgICBrZFhwT091dGdjMU8yWUdqNUlCVGQzVmpISmFJYUg3SDR2Rm84RlBaMG9zcU9YaFg3eUM4STdBS3ZhOEE5VmVmCiAgICBJVXp6Vlo1cCs1elNxRjdtZTlOaUNiL0pVSkZLT0ZsTkF4cjZCcXhoMEIyN1VZTlpjaUIvL1V0L0I2eHJuVE55CiAgICBoRzJiNzk4bjg4bFZqY3EzbEE0djFyM3VzWGYxVG5aS2t2UEN4ZnFHYk5OdTlpTjdFZnZHOWoyekdHcWJvcDRYCiAgICBXY3VSa3N3QkgxZlRNS0ZrbGcrR1VsZkZPMGFzL3phalVOdmdweTlpdVBMZUtqZTVWcDBiMlBLd09qUENpV2d4CiAgICBabDJlVDlNRnJjV0F3NTg3emE5NDBlT1Era2pkdmVvUE5sU2k3eVJMMW96YlRka0NBd0VBQWFOVE1GRXdIUVlECiAgICBWUjBPQkJZRUZEQkNkYjE4M1hsU0tWYzBxNmJSTCt0dVNTV3lNQjhHQTFVZEl3UVlNQmFBRkRCQ2RiMTgzWGxTCiAgICBLVmMwcTZiUkwrdHVTU1d5TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCiAgICBBQ1BCVERkZ0dCVDVDRVoxd1pnQmhKdm9GZTk2MUJqVCtMU2RxSlpsSmNRZnlnS0hyNks5ZmZaY1ZlWlBoMVU0CiAgICB3czBuWGNOZiszZGJlTjl4dVBiY0VqUWlQaFJCcnRzalE1T1JiVHdYWEdBdzlYbDZYTkl6YjN4ZDF6RWFzQXZPCiAgICBJMjM2ZHZXQ1A0dWoycWZqR0FkQjJnaXU2b2xHK01CWHlneUZKMElzRENraldLZysyWEdmU3lyci9KZU1vZlFBCiAgICB1VU9wcFVGdERYd0lrUW1VTGNVVUxWcTdtUVNQb0lzVkNNM2hKNVQzczdUSWtHUDZVcGVSSjgzdU9LbURYMkRHCiAgICBwVWVQVHBuVWVLOVMzUEVKTi9XcmJSSVd3WU1OR29qdDRKWitaK1N6VE1aVkh0SlBzaGpjL1hYOWZNU1ZXQmlzCiAgICBQRW5MU256MDQ4OGFUQm5SUFlnVXFsdz0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=\n sshPrivateKey: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJRFF6Q0NBaXNDRkgxTm5YUWI5SlV6anNBR3FSc3RCYncwRlFpak1BMEdDU3FHU0liM0RRRUJDd1VBTUY0eAogICAgQ3pBSkJnTlZCQVlUQWtGVk1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNU0V3SHdZRFZRUUtEQmhKYm5SbAogICAgY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdReEZ6QVZCZ05WQkFNTURuSmhibU5vWlhJdWJYa3ViM0puTUI0WAogICAgRFRJek1EUXlOekUxTVRBMU5Gb1hEVEkwTURReU5qRTFNVEExTkZvd1hqRUxNQWtHQTFVRUJoTUNRVlV4RXpBUgogICAgQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNQogICAgSUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2Y21jd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQogICAgQTRJQkR3QXdnZ0VLQW9JQkFRRGd6UUJJTW8xQVFHNnFtYmozbFlYUTFnZjhYcURTbjdyM2lGcVZZZldDVWZOSwogICAgaGZwampTRGpOMmRWWEV2UXA3R0t3akFHUElFbXR5RmxyUW5rUGtnTGFSaU9jSDdNN0p2c3ZIa0Ewd0g0dzJ2QgogICAgUEp6aVlINWh2MUE2WS9NcFM5bVkvQUVxVm80TUJkdnNZQzc3MFpCbzVBMitIUEtMd1YzMVZyYlhhTytWeUJtNAogICAgSmJhZHlNUk40N3BKRWdPMjJaYVRXL3Y3S1dKdjNydGJTMlZVSkNlU0piWlpsN09ocHhLRTVocStmK0RWaU1mcQogICAgTWx4ODNEV2pVSlVkV3lqVUZYVlk0bEdVaUtrRWVtSlVuSlVyY1ErOXE1SzVaWmhyRjhoRXhKRjhiZTZjemVzeAogICAga1VWN3dKb1RjWkd2bUhYSk1FNmtrQXh4Mmh3bU8wSFcyQWdDdTJZekFnTUJBQUV3RFFZSktvWklodmNOQVFFTAogICAgQlFBRGdnRUJBS1BpTWdXc1dCTnJvRkY2aWpYL2xMM3FxaWc4TjlkR1VPWDIyRVJDU1RTekNONjM0ZTFkZUhsdQogICAgbTc5OU11Q3hvWSsyZWluNlV1cFMvTEV6cnpvU2dDVWllQzQrT3ZralF5eGJpTFR6bW1OWEFnd09TM3RvTHRGWAogICAgbytmWWpSMU9xcHVPS29kMkhiYjliczRWcXdaNHEvMlVKbXE2Q01pYjZKZUE2VFJvK2Rkc0pUM2dDOFhWL1Z1MAogICAgNnkwdjJxdTM0bm1MYjFxOHFTS1RwZXYyQmwzQUJGY3NyS0JvNHFieUM2bnBTbnpZenNYcS90SlFLclplNE4vMgogICAgUXIzd1dxQ0pDVWUrMWVsT3A2b0JVcXNWSnc3aHk3YzRLc1Fna09ERDJkc2NuNEF1NGJhWlY2QmpySm1USVY0aQogICAgeXJ1dk9oZ2lINklGUVdDWmVQM2s0MU5obWRzRTNHQT0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n")),(0,r.kt)("p",null,"Create the secret"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic path-auth-secret -n fleet-default --from-file=secrets-path.yaml\n")),(0,r.kt)("p",null,"In the previous example credentials for username ",(0,r.kt)("inlineCode",{parentName:"p"},"user")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-one")," and credentials for username\n",(0,r.kt)("inlineCode",{parentName:"p"},"user2")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-two"),"."),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"caBundle")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"sshPrivateKey")," must be base64 encoded."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"If you are using ",(0,r.kt)("a",{parentName:"p",href:"https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher"},'"rancher-backups"')," and want this secret to be included the backup, please add the label ",(0,r.kt)("inlineCode",{parentName:"p"},"resources.cattle.io/backup: true")," to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials."),(0,r.kt)("h1",{parentName:"admonition",id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",{parentName:"admonition"},"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/0.7/troubleshooting"},"here"),".")))}c.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/0ce1d2b6.4ade5575.js b/assets/js/0ce1d2b6.46287b77.js similarity index 99% rename from assets/js/0ce1d2b6.4ade5575.js rename to assets/js/0ce1d2b6.46287b77.js index 5cee0fc8c..78cc112d3 100644 --- a/assets/js/0ce1d2b6.4ade5575.js +++ b/assets/js/0ce1d2b6.46287b77.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8646],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),p=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},d=function(e){var t=p(e.components);return a.createElement(s.Provider,{value:t},e.children)},c={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},m=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,d=i(e,["components","mdxType","originalType","parentName"]),m=p(n),u=r,h=m["".concat(s,".").concat(u)]||m[u]||c[u]||l;return n?a.createElement(h,o(o({ref:t},d),{},{components:n})):a.createElement(h,o({ref:t},d))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,o=new Array(l);o[0]=m;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>c,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var a=n(7462),r=(n(7294),n(3905));const l={},o="Git Repository Contents",i={unversionedId:"gitrepo-content",id:"version-0.6/gitrepo-content",title:"Git Repository Contents",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/versioned_docs/version-0.6/gitrepo-content.md",sourceDirName:".",slug:"/gitrepo-content",permalink:"/0.6/gitrepo-content",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/gitrepo-content.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Lifecycle",permalink:"/0.6/ref-bundle-stages"},next:{title:"Namespaces",permalink:"/0.6/namespaces"}},s={},p=[{value:"Proper Namespace",id:"proper-namespace",level:2},{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle State",id:"cluster-and-bundle-state",level:2}],d={toc:p};function c(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},d,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"git-repository-contents"},"Git Repository Contents"),(0,r.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,r.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,r.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,r.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,r.kt)("h2",{id:"proper-namespace"},"Proper Namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/0.6/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/0.6/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,r.kt)("p",null,"Multiple paths can be defined for a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,r.kt)("a",{parentName:"p",href:"/0.6/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,r.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"File"),(0,r.kt)("th",{parentName:"tr",align:null},"Location"),(0,r.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,r.kt)("a",{parentName:"td",href:"/0.6/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"}," *.yaml ")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If a ",(0,r.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,r.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")),(0,r.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,r.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,r.kt)("h2",{id:"fleetyaml"},(0,r.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,r.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,r.kt)("a",{parentName:"p",href:"/0.6/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,r.kt)("p",null,"The available fields are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/0.6/ref-fleet-yaml"},"fleet.yaml reference")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,r.kt)("a",{parentName:"p",href:"/0.6/gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,r.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,r.kt)("p",null,"There are three approaches to matching clusters for both ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,r.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,r.kt)("p",null,"When using Kustomize or Helm the ",(0,r.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,r.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file will be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,r.kt)("p",null,"A file named ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents of a file the convention of adding ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,r.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,r.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"/0.6/cluster-bundles-state"},"Cluster and Bundle state"),"."))}c.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8646],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),p=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},d=function(e){var t=p(e.components);return a.createElement(s.Provider,{value:t},e.children)},c={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},m=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,d=i(e,["components","mdxType","originalType","parentName"]),m=p(n),u=r,h=m["".concat(s,".").concat(u)]||m[u]||c[u]||l;return n?a.createElement(h,o(o({ref:t},d),{},{components:n})):a.createElement(h,o({ref:t},d))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,o=new Array(l);o[0]=m;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>c,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var a=n(7462),r=(n(7294),n(3905));const l={},o="Git Repository Contents",i={unversionedId:"gitrepo-content",id:"version-0.6/gitrepo-content",title:"Git Repository Contents",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/versioned_docs/version-0.6/gitrepo-content.md",sourceDirName:".",slug:"/gitrepo-content",permalink:"/0.6/gitrepo-content",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/gitrepo-content.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Lifecycle",permalink:"/0.6/ref-bundle-stages"},next:{title:"Namespaces",permalink:"/0.6/namespaces"}},s={},p=[{value:"Proper Namespace",id:"proper-namespace",level:2},{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle State",id:"cluster-and-bundle-state",level:2}],d={toc:p};function c(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},d,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"git-repository-contents"},"Git Repository Contents"),(0,r.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,r.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,r.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,r.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,r.kt)("h2",{id:"proper-namespace"},"Proper Namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/0.6/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/0.6/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,r.kt)("p",null,"Multiple paths can be defined for a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,r.kt)("a",{parentName:"p",href:"/0.6/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,r.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"File"),(0,r.kt)("th",{parentName:"tr",align:null},"Location"),(0,r.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,r.kt)("a",{parentName:"td",href:"/0.6/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"}," *.yaml ")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If a ",(0,r.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,r.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")),(0,r.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,r.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,r.kt)("h2",{id:"fleetyaml"},(0,r.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,r.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,r.kt)("a",{parentName:"p",href:"/0.6/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,r.kt)("p",null,"The available fields are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/0.6/ref-fleet-yaml"},"fleet.yaml reference")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,r.kt)("a",{parentName:"p",href:"/0.6/gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,r.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,r.kt)("p",null,"There are three approaches to matching clusters for both ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,r.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,r.kt)("p",null,"When using Kustomize or Helm the ",(0,r.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,r.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file will be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,r.kt)("p",null,"A file named ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents of a file the convention of adding ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,r.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,r.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"/0.6/cluster-bundles-state"},"Cluster and Bundle state"),"."))}c.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/0db4760e.b5f4fcac.js b/assets/js/0db4760e.0f2e7ff2.js similarity index 99% rename from assets/js/0db4760e.b5f4fcac.js rename to assets/js/0db4760e.0f2e7ff2.js index 0fc4859b4..69e2e56eb 100644 --- a/assets/js/0db4760e.b5f4fcac.js +++ b/assets/js/0db4760e.0f2e7ff2.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2771],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>d});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function i(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var p=n.createContext({}),l=function(e){var t=n.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},c=function(e){var t=l(e.components);return n.createElement(p.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,i=e.originalType,p=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=l(a),d=r,k=m["".concat(p,".").concat(d)]||m[d]||u[d]||i;return a?n.createElement(k,o(o({ref:t},c),{},{components:a})):n.createElement(k,o({ref:t},c))}));function d(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=a.length,o=new Array(i);o[0]=m;var s={};for(var p in t)hasOwnProperty.call(t,p)&&(s[p]=t[p]);s.originalType=e,s.mdxType="string"==typeof e?e:r,o[1]=s;for(var l=2;l{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>o,default:()=>u,frontMatter:()=>i,metadata:()=>s,toc:()=>l});var n=a(7462),r=(a(7294),a(3905));const i={},o="Create a GitRepo Resource",s={unversionedId:"gitrepo-add",id:"version-0.6/gitrepo-add",title:"Create a GitRepo Resource",description:"Create GitRepo Instance",source:"@site/versioned_docs/version-0.6/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/0.6/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/gitrepo-add.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Setup Multi User",permalink:"/0.6/multi-user"},next:{title:"Mapping to Downstream Clusters",permalink:"/0.6/gitrepo-targets"}},p={},l=[{value:"Create GitRepo Instance",id:"create-gitrepo-instance",level:2},{value:"Using Helm Values",id:"using-helm-values",level:2},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2}],c={toc:l};function u(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-gitrepo-resource"},"Create a GitRepo Resource"),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo Instance"),(0,r.kt)("p",null,"Git repositories are registered by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource in Kubernetes. Refer\nto the ",(0,r.kt)("a",{parentName:"p",href:"/0.6/tut-deployment"},"creating a deployment tutorial")," for examples."),(0,r.kt)("p",null,"The available fields are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/0.6/ref-gitrepo"},"GitRepo resource reference")),(0,r.kt)("h2",{id:"using-helm-values"},"Using Helm Values"),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,r.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),". That means ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom")," will take precedence over both, ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFiles")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"values"),"."))),(0,r.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,r.kt)("p",null,"These examples showcase the style and format for using ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in ",(0,r.kt)("em",{parentName:"p"},"downstream clusters"),"."),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata: \n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 3\n serviceType: NodePort\n")),(0,r.kt)("p",null,"A secret like that, can be created from a YAML file ",(0,r.kt)("inlineCode",{parentName:"p"},"secretdata.yaml")," by running the following kubectl command: ",(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret generic secret-values --from-file=values.yaml=secretdata.yaml")),(0,r.kt)("p",null,"The resources can then be referenced from a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'helm:\n chart: simple-chart\n valuesFrom:\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n - configMapKeyRef:\n name: configmap-values\n namespace: default\n key: values.yaml\n values:\n replicas: "4"\n')),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add it any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. Split them into different gitrepos, or use\n",(0,r.kt)("inlineCode",{parentName:"p"},"helmRepoURLRegex")," to limit the scope of credentials to certain servers.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"If you are using ",(0,r.kt)("a",{parentName:"p",href:"https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher"},'"rancher-backups"')," and want this secret to be included the backup, please add the label ",(0,r.kt)("inlineCode",{parentName:"p"},"resources.cattle.io/backup: true")," to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials."),(0,r.kt)("h1",{parentName:"admonition",id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",{parentName:"admonition"},"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/0.6/troubleshooting"},"here"),".")))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2771],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>d});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function i(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var p=n.createContext({}),l=function(e){var t=n.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},c=function(e){var t=l(e.components);return n.createElement(p.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,i=e.originalType,p=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=l(a),d=r,k=m["".concat(p,".").concat(d)]||m[d]||u[d]||i;return a?n.createElement(k,o(o({ref:t},c),{},{components:a})):n.createElement(k,o({ref:t},c))}));function d(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=a.length,o=new Array(i);o[0]=m;var s={};for(var p in t)hasOwnProperty.call(t,p)&&(s[p]=t[p]);s.originalType=e,s.mdxType="string"==typeof e?e:r,o[1]=s;for(var l=2;l{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>o,default:()=>u,frontMatter:()=>i,metadata:()=>s,toc:()=>l});var n=a(7462),r=(a(7294),a(3905));const i={},o="Create a GitRepo Resource",s={unversionedId:"gitrepo-add",id:"version-0.6/gitrepo-add",title:"Create a GitRepo Resource",description:"Create GitRepo Instance",source:"@site/versioned_docs/version-0.6/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/0.6/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/gitrepo-add.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Setup Multi User",permalink:"/0.6/multi-user"},next:{title:"Mapping to Downstream Clusters",permalink:"/0.6/gitrepo-targets"}},p={},l=[{value:"Create GitRepo Instance",id:"create-gitrepo-instance",level:2},{value:"Using Helm Values",id:"using-helm-values",level:2},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2}],c={toc:l};function u(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-gitrepo-resource"},"Create a GitRepo Resource"),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo Instance"),(0,r.kt)("p",null,"Git repositories are registered by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource in Kubernetes. Refer\nto the ",(0,r.kt)("a",{parentName:"p",href:"/0.6/tut-deployment"},"creating a deployment tutorial")," for examples."),(0,r.kt)("p",null,"The available fields are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/0.6/ref-gitrepo"},"GitRepo resource reference")),(0,r.kt)("h2",{id:"using-helm-values"},"Using Helm Values"),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,r.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),". That means ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom")," will take precedence over both, ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFiles")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"values"),"."))),(0,r.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,r.kt)("p",null,"These examples showcase the style and format for using ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in ",(0,r.kt)("em",{parentName:"p"},"downstream clusters"),"."),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata: \n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 3\n serviceType: NodePort\n")),(0,r.kt)("p",null,"A secret like that, can be created from a YAML file ",(0,r.kt)("inlineCode",{parentName:"p"},"secretdata.yaml")," by running the following kubectl command: ",(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret generic secret-values --from-file=values.yaml=secretdata.yaml")),(0,r.kt)("p",null,"The resources can then be referenced from a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'helm:\n chart: simple-chart\n valuesFrom:\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n - configMapKeyRef:\n name: configmap-values\n namespace: default\n key: values.yaml\n values:\n replicas: "4"\n')),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add it any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. Split them into different gitrepos, or use\n",(0,r.kt)("inlineCode",{parentName:"p"},"helmRepoURLRegex")," to limit the scope of credentials to certain servers.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"If you are using ",(0,r.kt)("a",{parentName:"p",href:"https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher"},'"rancher-backups"')," and want this secret to be included the backup, please add the label ",(0,r.kt)("inlineCode",{parentName:"p"},"resources.cattle.io/backup: true")," to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials."),(0,r.kt)("h1",{parentName:"admonition",id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",{parentName:"admonition"},"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/0.6/troubleshooting"},"here"),".")))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/0e3fdb5a.2a961994.js b/assets/js/0e3fdb5a.379c2828.js similarity index 99% rename from assets/js/0e3fdb5a.2a961994.js rename to assets/js/0e3fdb5a.379c2828.js index aac7c2c24..b157ceba8 100644 --- a/assets/js/0e3fdb5a.2a961994.js +++ b/assets/js/0e3fdb5a.379c2828.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5512],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>h});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function i(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function l(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var p=n.createContext({}),s=function(e){var t=n.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):l(l({},t),e)),a},d=function(e){var t=s(e.components);return n.createElement(p.Provider,{value:t},e.children)},c={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,i=e.originalType,p=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),m=s(a),h=r,u=m["".concat(p,".").concat(h)]||m[h]||c[h]||i;return a?n.createElement(u,l(l({ref:t},d),{},{components:a})):n.createElement(u,l({ref:t},d))}));function h(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=a.length,l=new Array(i);l[0]=m;var o={};for(var p in t)hasOwnProperty.call(t,p)&&(o[p]=t[p]);o.originalType=e,o.mdxType="string"==typeof e?e:r,l[1]=o;for(var s=2;s{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>l,default:()=>c,frontMatter:()=>i,metadata:()=>o,toc:()=>s});var n=a(7462),r=(a(7294),a(3905));const i={},l="Create a GitRepo Resource",o={unversionedId:"gitrepo-add",id:"version-0.9/gitrepo-add",title:"Create a GitRepo Resource",description:"Create GitRepo Instance",source:"@site/versioned_docs/version-0.9/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/0.9/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/gitrepo-add.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Setup Multi User",permalink:"/0.9/multi-user"},next:{title:"Mapping to Downstream Clusters",permalink:"/0.9/gitrepo-targets"}},p={},s=[{value:"Create GitRepo Instance",id:"create-gitrepo-instance",level:2},{value:"Proper Namespace",id:"proper-namespace",level:2},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2},{value:"Use different helm credentials for each path",id:"use-different-helm-credentials-for-each-path",level:3}],d={toc:s};function c(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-gitrepo-resource"},"Create a GitRepo Resource"),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo Instance"),(0,r.kt)("p",null,"Git repositories are registered by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource in Kubernetes. Refer\nto the ",(0,r.kt)("a",{parentName:"p",href:"/0.9/tut-deployment"},"creating a deployment tutorial")," for examples."),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/0.9/gitrepo-content"},"Git Repository Contents")," has detail about the content of the Git repository."),(0,r.kt)("p",null,"The available fields of the GitRepo custom resource are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/0.9/ref-gitrepo"},"GitRepo resource reference")),(0,r.kt)("h2",{id:"proper-namespace"},"Proper Namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/0.9/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/0.9/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add it any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. Use ",(0,r.kt)("a",{parentName:"p",href:"#use-different-helm-credentials-for-each-path"},"different helm credentials for each path"),",\nor split them into different gitrepos, or use ",(0,r.kt)("inlineCode",{parentName:"p"},"helmRepoURLRegex")," to limit the scope of credentials to certain servers.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("h3",{id:"use-different-helm-credentials-for-each-path"},"Use different helm credentials for each path"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName")," will be ignored if ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretNameForPaths")," is provided")),(0,r.kt)("p",null,"Create a file ",(0,r.kt)("inlineCode",{parentName:"p"},"secrets-path.yaml")," that contains credentials for each path defined in a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". Credentials will not be used\nfor paths that are not present in this file.\nThe path is the actual path to the bundle (ie to a folder containing a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file) within the git repository, which might have more segments than the entry under ",(0,r.kt)("inlineCode",{parentName:"p"},"paths:"),"."),(0,r.kt)("p",null,"Example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"path-one: # path path-one must exist in the repository\n username: user\n password: pass\npath-two: # path path-one must exist in the repository\n username: user2\n password: pass2\n caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCiAgICBNSUlEblRDQ0FvV2dBd0lCQWdJVUNwMHB2SVJTb2c0eHJKN2Q1SUI2ME1ka0k1WXdEUVlKS29aSWh2Y05BUUVMCiAgICBCUUF3WGpFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NCiAgICBHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2CiAgICBjbWN3SGhjTk1qTXdOREkzTVRVd056VXpXaGNOTWpnd05ESTFNVFV3TnpVeldqQmVNUXN3Q1FZRFZRUUdFd0pCCiAgICBWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFQ2d3WVNXNTBaWEp1WlhRZ1YybGtaMmwwCiAgICBjeUJRZEhrZ1RIUmtNUmN3RlFZRFZRUUREQTV5WVc1amFHVnlMbTE1TG05eVp6Q0NBU0l3RFFZSktvWklodmNOCiAgICBBUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBvZE5TMDB6NDc1dnVSc2ZZcTFRYTFHQVl3QU92anV4MERKTHY5CiAgICBrZFhwT091dGdjMU8yWUdqNUlCVGQzVmpISmFJYUg3SDR2Rm84RlBaMG9zcU9YaFg3eUM4STdBS3ZhOEE5VmVmCiAgICBJVXp6Vlo1cCs1elNxRjdtZTlOaUNiL0pVSkZLT0ZsTkF4cjZCcXhoMEIyN1VZTlpjaUIvL1V0L0I2eHJuVE55CiAgICBoRzJiNzk4bjg4bFZqY3EzbEE0djFyM3VzWGYxVG5aS2t2UEN4ZnFHYk5OdTlpTjdFZnZHOWoyekdHcWJvcDRYCiAgICBXY3VSa3N3QkgxZlRNS0ZrbGcrR1VsZkZPMGFzL3phalVOdmdweTlpdVBMZUtqZTVWcDBiMlBLd09qUENpV2d4CiAgICBabDJlVDlNRnJjV0F3NTg3emE5NDBlT1Era2pkdmVvUE5sU2k3eVJMMW96YlRka0NBd0VBQWFOVE1GRXdIUVlECiAgICBWUjBPQkJZRUZEQkNkYjE4M1hsU0tWYzBxNmJSTCt0dVNTV3lNQjhHQTFVZEl3UVlNQmFBRkRCQ2RiMTgzWGxTCiAgICBLVmMwcTZiUkwrdHVTU1d5TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCiAgICBBQ1BCVERkZ0dCVDVDRVoxd1pnQmhKdm9GZTk2MUJqVCtMU2RxSlpsSmNRZnlnS0hyNks5ZmZaY1ZlWlBoMVU0CiAgICB3czBuWGNOZiszZGJlTjl4dVBiY0VqUWlQaFJCcnRzalE1T1JiVHdYWEdBdzlYbDZYTkl6YjN4ZDF6RWFzQXZPCiAgICBJMjM2ZHZXQ1A0dWoycWZqR0FkQjJnaXU2b2xHK01CWHlneUZKMElzRENraldLZysyWEdmU3lyci9KZU1vZlFBCiAgICB1VU9wcFVGdERYd0lrUW1VTGNVVUxWcTdtUVNQb0lzVkNNM2hKNVQzczdUSWtHUDZVcGVSSjgzdU9LbURYMkRHCiAgICBwVWVQVHBuVWVLOVMzUEVKTi9XcmJSSVd3WU1OR29qdDRKWitaK1N6VE1aVkh0SlBzaGpjL1hYOWZNU1ZXQmlzCiAgICBQRW5MU256MDQ4OGFUQm5SUFlnVXFsdz0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=\n sshPrivateKey: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJRFF6Q0NBaXNDRkgxTm5YUWI5SlV6anNBR3FSc3RCYncwRlFpak1BMEdDU3FHU0liM0RRRUJDd1VBTUY0eAogICAgQ3pBSkJnTlZCQVlUQWtGVk1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNU0V3SHdZRFZRUUtEQmhKYm5SbAogICAgY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdReEZ6QVZCZ05WQkFNTURuSmhibU5vWlhJdWJYa3ViM0puTUI0WAogICAgRFRJek1EUXlOekUxTVRBMU5Gb1hEVEkwTURReU5qRTFNVEExTkZvd1hqRUxNQWtHQTFVRUJoTUNRVlV4RXpBUgogICAgQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNQogICAgSUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2Y21jd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQogICAgQTRJQkR3QXdnZ0VLQW9JQkFRRGd6UUJJTW8xQVFHNnFtYmozbFlYUTFnZjhYcURTbjdyM2lGcVZZZldDVWZOSwogICAgaGZwampTRGpOMmRWWEV2UXA3R0t3akFHUElFbXR5RmxyUW5rUGtnTGFSaU9jSDdNN0p2c3ZIa0Ewd0g0dzJ2QgogICAgUEp6aVlINWh2MUE2WS9NcFM5bVkvQUVxVm80TUJkdnNZQzc3MFpCbzVBMitIUEtMd1YzMVZyYlhhTytWeUJtNAogICAgSmJhZHlNUk40N3BKRWdPMjJaYVRXL3Y3S1dKdjNydGJTMlZVSkNlU0piWlpsN09ocHhLRTVocStmK0RWaU1mcQogICAgTWx4ODNEV2pVSlVkV3lqVUZYVlk0bEdVaUtrRWVtSlVuSlVyY1ErOXE1SzVaWmhyRjhoRXhKRjhiZTZjemVzeAogICAga1VWN3dKb1RjWkd2bUhYSk1FNmtrQXh4Mmh3bU8wSFcyQWdDdTJZekFnTUJBQUV3RFFZSktvWklodmNOQVFFTAogICAgQlFBRGdnRUJBS1BpTWdXc1dCTnJvRkY2aWpYL2xMM3FxaWc4TjlkR1VPWDIyRVJDU1RTekNONjM0ZTFkZUhsdQogICAgbTc5OU11Q3hvWSsyZWluNlV1cFMvTEV6cnpvU2dDVWllQzQrT3ZralF5eGJpTFR6bW1OWEFnd09TM3RvTHRGWAogICAgbytmWWpSMU9xcHVPS29kMkhiYjliczRWcXdaNHEvMlVKbXE2Q01pYjZKZUE2VFJvK2Rkc0pUM2dDOFhWL1Z1MAogICAgNnkwdjJxdTM0bm1MYjFxOHFTS1RwZXYyQmwzQUJGY3NyS0JvNHFieUM2bnBTbnpZenNYcS90SlFLclplNE4vMgogICAgUXIzd1dxQ0pDVWUrMWVsT3A2b0JVcXNWSnc3aHk3YzRLc1Fna09ERDJkc2NuNEF1NGJhWlY2QmpySm1USVY0aQogICAgeXJ1dk9oZ2lINklGUVdDWmVQM2s0MU5obWRzRTNHQT0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n")),(0,r.kt)("p",null,"Create the secret"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic path-auth-secret -n fleet-default --from-file=secrets-path.yaml\n")),(0,r.kt)("p",null,"In the previous example credentials for username ",(0,r.kt)("inlineCode",{parentName:"p"},"user")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-one")," and credentials for username\n",(0,r.kt)("inlineCode",{parentName:"p"},"user2")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-two"),"."),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"caBundle")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"sshPrivateKey")," must be base64 encoded."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"If you are using ",(0,r.kt)("a",{parentName:"p",href:"https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher"},'"rancher-backups"')," and want this secret to be included the backup, please add the label ",(0,r.kt)("inlineCode",{parentName:"p"},"resources.cattle.io/backup: true")," to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials."),(0,r.kt)("h1",{parentName:"admonition",id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",{parentName:"admonition"},"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/0.9/troubleshooting"},"here"),".")))}c.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5512],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>h});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function i(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function l(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var p=n.createContext({}),s=function(e){var t=n.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):l(l({},t),e)),a},d=function(e){var t=s(e.components);return n.createElement(p.Provider,{value:t},e.children)},c={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,i=e.originalType,p=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),m=s(a),h=r,u=m["".concat(p,".").concat(h)]||m[h]||c[h]||i;return a?n.createElement(u,l(l({ref:t},d),{},{components:a})):n.createElement(u,l({ref:t},d))}));function h(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=a.length,l=new Array(i);l[0]=m;var o={};for(var p in t)hasOwnProperty.call(t,p)&&(o[p]=t[p]);o.originalType=e,o.mdxType="string"==typeof e?e:r,l[1]=o;for(var s=2;s{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>l,default:()=>c,frontMatter:()=>i,metadata:()=>o,toc:()=>s});var n=a(7462),r=(a(7294),a(3905));const i={},l="Create a GitRepo Resource",o={unversionedId:"gitrepo-add",id:"version-0.9/gitrepo-add",title:"Create a GitRepo Resource",description:"Create GitRepo Instance",source:"@site/versioned_docs/version-0.9/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/0.9/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/gitrepo-add.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Setup Multi User",permalink:"/0.9/multi-user"},next:{title:"Mapping to Downstream Clusters",permalink:"/0.9/gitrepo-targets"}},p={},s=[{value:"Create GitRepo Instance",id:"create-gitrepo-instance",level:2},{value:"Proper Namespace",id:"proper-namespace",level:2},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2},{value:"Use different helm credentials for each path",id:"use-different-helm-credentials-for-each-path",level:3}],d={toc:s};function c(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-gitrepo-resource"},"Create a GitRepo Resource"),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo Instance"),(0,r.kt)("p",null,"Git repositories are registered by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource in Kubernetes. Refer\nto the ",(0,r.kt)("a",{parentName:"p",href:"/0.9/tut-deployment"},"creating a deployment tutorial")," for examples."),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/0.9/gitrepo-content"},"Git Repository Contents")," has detail about the content of the Git repository."),(0,r.kt)("p",null,"The available fields of the GitRepo custom resource are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/0.9/ref-gitrepo"},"GitRepo resource reference")),(0,r.kt)("h2",{id:"proper-namespace"},"Proper Namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/0.9/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/0.9/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add it any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. Use ",(0,r.kt)("a",{parentName:"p",href:"#use-different-helm-credentials-for-each-path"},"different helm credentials for each path"),",\nor split them into different gitrepos, or use ",(0,r.kt)("inlineCode",{parentName:"p"},"helmRepoURLRegex")," to limit the scope of credentials to certain servers.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("h3",{id:"use-different-helm-credentials-for-each-path"},"Use different helm credentials for each path"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName")," will be ignored if ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretNameForPaths")," is provided")),(0,r.kt)("p",null,"Create a file ",(0,r.kt)("inlineCode",{parentName:"p"},"secrets-path.yaml")," that contains credentials for each path defined in a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". Credentials will not be used\nfor paths that are not present in this file.\nThe path is the actual path to the bundle (ie to a folder containing a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file) within the git repository, which might have more segments than the entry under ",(0,r.kt)("inlineCode",{parentName:"p"},"paths:"),"."),(0,r.kt)("p",null,"Example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"path-one: # path path-one must exist in the repository\n username: user\n password: pass\npath-two: # path path-one must exist in the repository\n username: user2\n password: pass2\n caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCiAgICBNSUlEblRDQ0FvV2dBd0lCQWdJVUNwMHB2SVJTb2c0eHJKN2Q1SUI2ME1ka0k1WXdEUVlKS29aSWh2Y05BUUVMCiAgICBCUUF3WGpFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NCiAgICBHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2CiAgICBjbWN3SGhjTk1qTXdOREkzTVRVd056VXpXaGNOTWpnd05ESTFNVFV3TnpVeldqQmVNUXN3Q1FZRFZRUUdFd0pCCiAgICBWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFQ2d3WVNXNTBaWEp1WlhRZ1YybGtaMmwwCiAgICBjeUJRZEhrZ1RIUmtNUmN3RlFZRFZRUUREQTV5WVc1amFHVnlMbTE1TG05eVp6Q0NBU0l3RFFZSktvWklodmNOCiAgICBBUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBvZE5TMDB6NDc1dnVSc2ZZcTFRYTFHQVl3QU92anV4MERKTHY5CiAgICBrZFhwT091dGdjMU8yWUdqNUlCVGQzVmpISmFJYUg3SDR2Rm84RlBaMG9zcU9YaFg3eUM4STdBS3ZhOEE5VmVmCiAgICBJVXp6Vlo1cCs1elNxRjdtZTlOaUNiL0pVSkZLT0ZsTkF4cjZCcXhoMEIyN1VZTlpjaUIvL1V0L0I2eHJuVE55CiAgICBoRzJiNzk4bjg4bFZqY3EzbEE0djFyM3VzWGYxVG5aS2t2UEN4ZnFHYk5OdTlpTjdFZnZHOWoyekdHcWJvcDRYCiAgICBXY3VSa3N3QkgxZlRNS0ZrbGcrR1VsZkZPMGFzL3phalVOdmdweTlpdVBMZUtqZTVWcDBiMlBLd09qUENpV2d4CiAgICBabDJlVDlNRnJjV0F3NTg3emE5NDBlT1Era2pkdmVvUE5sU2k3eVJMMW96YlRka0NBd0VBQWFOVE1GRXdIUVlECiAgICBWUjBPQkJZRUZEQkNkYjE4M1hsU0tWYzBxNmJSTCt0dVNTV3lNQjhHQTFVZEl3UVlNQmFBRkRCQ2RiMTgzWGxTCiAgICBLVmMwcTZiUkwrdHVTU1d5TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCiAgICBBQ1BCVERkZ0dCVDVDRVoxd1pnQmhKdm9GZTk2MUJqVCtMU2RxSlpsSmNRZnlnS0hyNks5ZmZaY1ZlWlBoMVU0CiAgICB3czBuWGNOZiszZGJlTjl4dVBiY0VqUWlQaFJCcnRzalE1T1JiVHdYWEdBdzlYbDZYTkl6YjN4ZDF6RWFzQXZPCiAgICBJMjM2ZHZXQ1A0dWoycWZqR0FkQjJnaXU2b2xHK01CWHlneUZKMElzRENraldLZysyWEdmU3lyci9KZU1vZlFBCiAgICB1VU9wcFVGdERYd0lrUW1VTGNVVUxWcTdtUVNQb0lzVkNNM2hKNVQzczdUSWtHUDZVcGVSSjgzdU9LbURYMkRHCiAgICBwVWVQVHBuVWVLOVMzUEVKTi9XcmJSSVd3WU1OR29qdDRKWitaK1N6VE1aVkh0SlBzaGpjL1hYOWZNU1ZXQmlzCiAgICBQRW5MU256MDQ4OGFUQm5SUFlnVXFsdz0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=\n sshPrivateKey: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJRFF6Q0NBaXNDRkgxTm5YUWI5SlV6anNBR3FSc3RCYncwRlFpak1BMEdDU3FHU0liM0RRRUJDd1VBTUY0eAogICAgQ3pBSkJnTlZCQVlUQWtGVk1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNU0V3SHdZRFZRUUtEQmhKYm5SbAogICAgY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdReEZ6QVZCZ05WQkFNTURuSmhibU5vWlhJdWJYa3ViM0puTUI0WAogICAgRFRJek1EUXlOekUxTVRBMU5Gb1hEVEkwTURReU5qRTFNVEExTkZvd1hqRUxNQWtHQTFVRUJoTUNRVlV4RXpBUgogICAgQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNQogICAgSUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2Y21jd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQogICAgQTRJQkR3QXdnZ0VLQW9JQkFRRGd6UUJJTW8xQVFHNnFtYmozbFlYUTFnZjhYcURTbjdyM2lGcVZZZldDVWZOSwogICAgaGZwampTRGpOMmRWWEV2UXA3R0t3akFHUElFbXR5RmxyUW5rUGtnTGFSaU9jSDdNN0p2c3ZIa0Ewd0g0dzJ2QgogICAgUEp6aVlINWh2MUE2WS9NcFM5bVkvQUVxVm80TUJkdnNZQzc3MFpCbzVBMitIUEtMd1YzMVZyYlhhTytWeUJtNAogICAgSmJhZHlNUk40N3BKRWdPMjJaYVRXL3Y3S1dKdjNydGJTMlZVSkNlU0piWlpsN09ocHhLRTVocStmK0RWaU1mcQogICAgTWx4ODNEV2pVSlVkV3lqVUZYVlk0bEdVaUtrRWVtSlVuSlVyY1ErOXE1SzVaWmhyRjhoRXhKRjhiZTZjemVzeAogICAga1VWN3dKb1RjWkd2bUhYSk1FNmtrQXh4Mmh3bU8wSFcyQWdDdTJZekFnTUJBQUV3RFFZSktvWklodmNOQVFFTAogICAgQlFBRGdnRUJBS1BpTWdXc1dCTnJvRkY2aWpYL2xMM3FxaWc4TjlkR1VPWDIyRVJDU1RTekNONjM0ZTFkZUhsdQogICAgbTc5OU11Q3hvWSsyZWluNlV1cFMvTEV6cnpvU2dDVWllQzQrT3ZralF5eGJpTFR6bW1OWEFnd09TM3RvTHRGWAogICAgbytmWWpSMU9xcHVPS29kMkhiYjliczRWcXdaNHEvMlVKbXE2Q01pYjZKZUE2VFJvK2Rkc0pUM2dDOFhWL1Z1MAogICAgNnkwdjJxdTM0bm1MYjFxOHFTS1RwZXYyQmwzQUJGY3NyS0JvNHFieUM2bnBTbnpZenNYcS90SlFLclplNE4vMgogICAgUXIzd1dxQ0pDVWUrMWVsT3A2b0JVcXNWSnc3aHk3YzRLc1Fna09ERDJkc2NuNEF1NGJhWlY2QmpySm1USVY0aQogICAgeXJ1dk9oZ2lINklGUVdDWmVQM2s0MU5obWRzRTNHQT0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n")),(0,r.kt)("p",null,"Create the secret"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic path-auth-secret -n fleet-default --from-file=secrets-path.yaml\n")),(0,r.kt)("p",null,"In the previous example credentials for username ",(0,r.kt)("inlineCode",{parentName:"p"},"user")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-one")," and credentials for username\n",(0,r.kt)("inlineCode",{parentName:"p"},"user2")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-two"),"."),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"caBundle")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"sshPrivateKey")," must be base64 encoded."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"If you are using ",(0,r.kt)("a",{parentName:"p",href:"https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher"},'"rancher-backups"')," and want this secret to be included the backup, please add the label ",(0,r.kt)("inlineCode",{parentName:"p"},"resources.cattle.io/backup: true")," to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials."),(0,r.kt)("h1",{parentName:"admonition",id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",{parentName:"admonition"},"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/0.9/troubleshooting"},"here"),".")))}c.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/0e50cd4d.861bb826.js b/assets/js/0e50cd4d.312523c2.js similarity index 97% rename from assets/js/0e50cd4d.861bb826.js rename to assets/js/0e50cd4d.312523c2.js index ba3590972..58dd81169 100644 --- a/assets/js/0e50cd4d.861bb826.js +++ b/assets/js/0e50cd4d.312523c2.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6560],{3905:(e,t,r)=>{r.d(t,{Zo:()=>i,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},i=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,i=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||p[d]||o;return r?n.createElement(f,s(s({ref:t},i),{},{components:r})):n.createElement(f,s({ref:t},i))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Cluster Groups",l={unversionedId:"cluster-group",id:"version-0.5/cluster-group",title:"Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/versioned_docs/version-0.5/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/0.5/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/cluster-group.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Manager Initiated",permalink:"/0.5/manager-initiated"},next:{title:"Namespaces",permalink:"/0.5/namespaces"}},c={},u=[],i={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},i,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-groups"},"Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6560],{3905:(e,t,r)=>{r.d(t,{Zo:()=>i,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},i=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,i=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||p[d]||o;return r?n.createElement(f,s(s({ref:t},i),{},{components:r})):n.createElement(f,s({ref:t},i))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Cluster Groups",l={unversionedId:"cluster-group",id:"version-0.5/cluster-group",title:"Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/versioned_docs/version-0.5/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/0.5/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/cluster-group.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Manager Initiated",permalink:"/0.5/manager-initiated"},next:{title:"Namespaces",permalink:"/0.5/namespaces"}},c={},u=[],i={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},i,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-groups"},"Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/0f38f188.f9b4f388.js b/assets/js/0f38f188.c32bf719.js similarity index 99% rename from assets/js/0f38f188.f9b4f388.js rename to assets/js/0f38f188.c32bf719.js index 08325ba82..acbf41e28 100644 --- a/assets/js/0f38f188.f9b4f388.js +++ b/assets/js/0f38f188.c32bf719.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6266],{3905:(e,t,o)=>{o.d(t,{Zo:()=>u,kt:()=>h});var n=o(7294);function r(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}function a(e,t){var o=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),o.push.apply(o,n)}return o}function i(e){for(var t=1;t=0||(r[o]=e[o]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,o)&&(r[o]=e[o])}return r}var s=n.createContext({}),c=function(e){var t=n.useContext(s),o=t;return e&&(o="function"==typeof e?e(t):i(i({},t),e)),o},u=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var o=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),d=c(o),h=r,b=d["".concat(s,".").concat(h)]||d[h]||p[h]||a;return o?n.createElement(b,i(i({ref:t},u),{},{components:o})):n.createElement(b,i({ref:t},u))}));function h(e,t){var o=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=o.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var c=2;c{o.r(t),o.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>l,toc:()=>c});var n=o(7462),r=(o(7294),o(3905));const a={},i="Using Webhooks Instead of Polling",l={unversionedId:"webhook",id:"version-0.7/webhook",title:"Using Webhooks Instead of Polling",description:"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,",source:"@site/versioned_docs/version-0.7/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/0.7/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/webhook.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.7/bundle-diffs"},next:{title:"Using Image Scan to Update Container Image References",permalink:"/0.7/imagescan"}},s={},c=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-webhooks-instead-of-polling"},"Using Webhooks Instead of Polling"),(0,r.kt)("p",null,"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,\nGitLab, Bitbucket, Bitbucket Server and Gogs."),(0,r.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can configure ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,r.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,r.kt)("p",null,(0,r.kt)("img",{src:o(696).Z,width:"1830",height:"1563"})),(0,r.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,r.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,r.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,r.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"Provider"),(0,r.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"github"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gogs"))))),(0,r.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,r.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,o)=>{o.d(t,{Z:()=>n});const n=o.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6266],{3905:(e,t,o)=>{o.d(t,{Zo:()=>u,kt:()=>h});var n=o(7294);function r(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}function a(e,t){var o=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),o.push.apply(o,n)}return o}function i(e){for(var t=1;t=0||(r[o]=e[o]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,o)&&(r[o]=e[o])}return r}var s=n.createContext({}),c=function(e){var t=n.useContext(s),o=t;return e&&(o="function"==typeof e?e(t):i(i({},t),e)),o},u=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var o=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),d=c(o),h=r,b=d["".concat(s,".").concat(h)]||d[h]||p[h]||a;return o?n.createElement(b,i(i({ref:t},u),{},{components:o})):n.createElement(b,i({ref:t},u))}));function h(e,t){var o=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=o.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var c=2;c{o.r(t),o.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>l,toc:()=>c});var n=o(7462),r=(o(7294),o(3905));const a={},i="Using Webhooks Instead of Polling",l={unversionedId:"webhook",id:"version-0.7/webhook",title:"Using Webhooks Instead of Polling",description:"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,",source:"@site/versioned_docs/version-0.7/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/0.7/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/webhook.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.7/bundle-diffs"},next:{title:"Using Image Scan to Update Container Image References",permalink:"/0.7/imagescan"}},s={},c=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-webhooks-instead-of-polling"},"Using Webhooks Instead of Polling"),(0,r.kt)("p",null,"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,\nGitLab, Bitbucket, Bitbucket Server and Gogs."),(0,r.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can configure ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,r.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,r.kt)("p",null,(0,r.kt)("img",{src:o(696).Z,width:"1830",height:"1563"})),(0,r.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,r.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,r.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,r.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"Provider"),(0,r.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"github"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gogs"))))),(0,r.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,r.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,o)=>{o.d(t,{Z:()=>n});const n=o.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file diff --git a/assets/js/10f03480.631c1a52.js b/assets/js/10f03480.0bc27e4b.js similarity index 98% rename from assets/js/10f03480.631c1a52.js rename to assets/js/10f03480.0bc27e4b.js index 421e18f98..b2654fa89 100644 --- a/assets/js/10f03480.631c1a52.js +++ b/assets/js/10f03480.0bc27e4b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5945],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>d});var l=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);t&&(l=l.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,l)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(l=0;l=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=l.createContext({}),p=function(e){var t=l.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},c=function(e){var t=p(e.components);return l.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return l.createElement(l.Fragment,{},t)}},u=l.forwardRef((function(e,t){var n=e.components,a=e.mdxType,r=e.originalType,s=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),u=p(n),d=a,h=u["".concat(s,".").concat(d)]||u[d]||m[d]||r;return n?l.createElement(h,o(o({ref:t},c),{},{components:n})):l.createElement(h,o({ref:t},c))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var r=n.length,o=new Array(r);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>r,metadata:()=>i,toc:()=>p});var l=n(7462),a=(n(7294),n(3905));const r={},o="Examples",i={unversionedId:"examples",id:"version-0.4/examples",title:"Examples",description:"Lifecycle of a Fleet Bundle",source:"@site/versioned_docs/version-0.4/examples.md",sourceDirName:".",slug:"/examples",permalink:"/0.4/examples",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/examples.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/0.4/architecture"},next:{title:"Overview",permalink:"/0.4/cluster-overview"}},s={},p=[{value:"Lifecycle of a Fleet Bundle",id:"lifecycle-of-a-fleet-bundle",level:3},{value:"Deploy Kubernetes Manifests Across Clusters with Customization",id:"deploy-kubernetes-manifests-across-clusters-with-customization",level:3},{value:"Additional Examples",id:"additional-examples",level:3}],c={toc:p};function m(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,l.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"examples"},"Examples"),(0,a.kt)("h3",{id:"lifecycle-of-a-fleet-bundle"},"Lifecycle of a Fleet Bundle"),(0,a.kt)("p",null,"To demonstrate the lifecycle of a Fleet bundle, we will use ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"User will create a ",(0,a.kt)("a",{parentName:"li",href:"/0.4/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,a.kt)("a",{parentName:"li",href:"/0.4/webhook"},"webhook event"),". With every commit change, the ",(0,a.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,a.kt)("a",{parentName:"li",href:"/0.4/cluster-bundles-state#bundles"},"bundle"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,a.kt)("ol",{start:3},(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,a.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,a.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,a.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,a.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,a.kt)("h3",{id:"deploy-kubernetes-manifests-across-clusters-with-customization"},"Deploy Kubernetes Manifests Across Clusters with Customization"),(0,a.kt)("p",null,(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,a.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters using Fleet, we will use ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml")," as a case study."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,a.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,a.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,a.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters. "),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Expected behavior:")," "),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"After deploying to the ",(0,a.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,a.kt)("li",{parentName:"ul"},"After deploying to the ",(0,a.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,a.kt)("li",{parentName:"ul"},"After deploying to the ",(0,a.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,a.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,a.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,a.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,a.kt)("li",{parentName:"ol"},"Under ",(0,a.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,a.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),": ")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Result:")),(0,a.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,a.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,a.kt)("h3",{id:"additional-examples"},"Additional Examples"),(0,a.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5945],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>d});var l=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);t&&(l=l.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,l)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(l=0;l=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=l.createContext({}),p=function(e){var t=l.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},c=function(e){var t=p(e.components);return l.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return l.createElement(l.Fragment,{},t)}},u=l.forwardRef((function(e,t){var n=e.components,a=e.mdxType,r=e.originalType,s=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),u=p(n),d=a,h=u["".concat(s,".").concat(d)]||u[d]||m[d]||r;return n?l.createElement(h,o(o({ref:t},c),{},{components:n})):l.createElement(h,o({ref:t},c))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var r=n.length,o=new Array(r);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>r,metadata:()=>i,toc:()=>p});var l=n(7462),a=(n(7294),n(3905));const r={},o="Examples",i={unversionedId:"examples",id:"version-0.4/examples",title:"Examples",description:"Lifecycle of a Fleet Bundle",source:"@site/versioned_docs/version-0.4/examples.md",sourceDirName:".",slug:"/examples",permalink:"/0.4/examples",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/examples.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/0.4/architecture"},next:{title:"Overview",permalink:"/0.4/cluster-overview"}},s={},p=[{value:"Lifecycle of a Fleet Bundle",id:"lifecycle-of-a-fleet-bundle",level:3},{value:"Deploy Kubernetes Manifests Across Clusters with Customization",id:"deploy-kubernetes-manifests-across-clusters-with-customization",level:3},{value:"Additional Examples",id:"additional-examples",level:3}],c={toc:p};function m(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,l.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"examples"},"Examples"),(0,a.kt)("h3",{id:"lifecycle-of-a-fleet-bundle"},"Lifecycle of a Fleet Bundle"),(0,a.kt)("p",null,"To demonstrate the lifecycle of a Fleet bundle, we will use ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"User will create a ",(0,a.kt)("a",{parentName:"li",href:"/0.4/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,a.kt)("a",{parentName:"li",href:"/0.4/webhook"},"webhook event"),". With every commit change, the ",(0,a.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,a.kt)("a",{parentName:"li",href:"/0.4/cluster-bundles-state#bundles"},"bundle"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,a.kt)("ol",{start:3},(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,a.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,a.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,a.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,a.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,a.kt)("h3",{id:"deploy-kubernetes-manifests-across-clusters-with-customization"},"Deploy Kubernetes Manifests Across Clusters with Customization"),(0,a.kt)("p",null,(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,a.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters using Fleet, we will use ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml")," as a case study."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,a.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,a.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,a.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters. "),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Expected behavior:")," "),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"After deploying to the ",(0,a.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,a.kt)("li",{parentName:"ul"},"After deploying to the ",(0,a.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,a.kt)("li",{parentName:"ul"},"After deploying to the ",(0,a.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,a.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,a.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,a.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,a.kt)("li",{parentName:"ol"},"Under ",(0,a.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,a.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),": ")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Result:")),(0,a.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,a.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,a.kt)("h3",{id:"additional-examples"},"Additional Examples"),(0,a.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/11f54a6a.ceb454c2.js b/assets/js/11f54a6a.c6268de1.js similarity index 99% rename from assets/js/11f54a6a.ceb454c2.js rename to assets/js/11f54a6a.c6268de1.js index f2fd02b8a..759eceeb6 100644 --- a/assets/js/11f54a6a.ceb454c2.js +++ b/assets/js/11f54a6a.c6268de1.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7301],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>d});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),p=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},c=function(e){var t=p(e.components);return a.createElement(l.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},m=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(n),d=r,h=m["".concat(l,".").concat(d)]||m[d]||u[d]||i;return n?a.createElement(h,o(o({ref:t},c),{},{components:n})):a.createElement(h,o({ref:t},c))}));function d(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=n.length,o=new Array(i);o[0]=m;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,o[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>u,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=n(7462),r=(n(7294),n(3905));const i={},o="Adding a GitRepo",s={unversionedId:"gitrepo-add",id:"version-0.5/gitrepo-add",title:"Adding a GitRepo",description:"Proper namespace",source:"@site/versioned_docs/version-0.5/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/0.5/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/gitrepo-add.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/0.5/namespaces"},next:{title:"Expected Repo Structure",permalink:"/0.5/gitrepo-structure"}},l={},p=[{value:"Proper namespace",id:"proper-namespace",level:2},{value:"Create GitRepo instance",id:"create-gitrepo-instance",level:2},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2}],c={toc:p};function u(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"adding-a-gitrepo"},"Adding a GitRepo"),(0,r.kt)("h2",{id:"proper-namespace"},"Proper namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/0.5/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/0.5/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo instance"),(0,r.kt)("p",null,"Git repositories are register by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," following the below YAML sample. Refer\nto the inline comments as the means of each field"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private registry you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n #\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n #\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n #\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n #\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n')),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add it any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. As a workaround, split them into different gitrepos.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",null,"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/0.5/troubleshooting"},"here"),"."))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7301],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>d});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),p=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},c=function(e){var t=p(e.components);return a.createElement(l.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},m=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(n),d=r,h=m["".concat(l,".").concat(d)]||m[d]||u[d]||i;return n?a.createElement(h,o(o({ref:t},c),{},{components:n})):a.createElement(h,o({ref:t},c))}));function d(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=n.length,o=new Array(i);o[0]=m;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,o[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>u,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=n(7462),r=(n(7294),n(3905));const i={},o="Adding a GitRepo",s={unversionedId:"gitrepo-add",id:"version-0.5/gitrepo-add",title:"Adding a GitRepo",description:"Proper namespace",source:"@site/versioned_docs/version-0.5/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/0.5/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/gitrepo-add.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/0.5/namespaces"},next:{title:"Expected Repo Structure",permalink:"/0.5/gitrepo-structure"}},l={},p=[{value:"Proper namespace",id:"proper-namespace",level:2},{value:"Create GitRepo instance",id:"create-gitrepo-instance",level:2},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2}],c={toc:p};function u(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"adding-a-gitrepo"},"Adding a GitRepo"),(0,r.kt)("h2",{id:"proper-namespace"},"Proper namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/0.5/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/0.5/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo instance"),(0,r.kt)("p",null,"Git repositories are register by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," following the below YAML sample. Refer\nto the inline comments as the means of each field"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private registry you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n #\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n #\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n #\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n #\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n')),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add it any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. As a workaround, split them into different gitrepos.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",null,"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/0.5/troubleshooting"},"here"),"."))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/126a9cd0.97e6941a.js b/assets/js/126a9cd0.ce06a137.js similarity index 98% rename from assets/js/126a9cd0.97e6941a.js rename to assets/js/126a9cd0.ce06a137.js index 989a7a7dc..14059a752 100644 --- a/assets/js/126a9cd0.97e6941a.js +++ b/assets/js/126a9cd0.ce06a137.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8985],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>g});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function i(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),d=c(r),g=a,m=d["".concat(l,".").concat(g)]||d[g]||p[g]||i;return r?n.createElement(m,s(s({ref:t},u),{},{components:r})):n.createElement(m,s({ref:t},u))}));function g(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=r.length,s=new Array(i);s[0]=d;var o={};for(var l in t)hasOwnProperty.call(t,l)&&(o[l]=t[l]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>p,frontMatter:()=>i,metadata:()=>o,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const i={},s="Cluster Registration Internals",o={unversionedId:"ref-registration",id:"version-0.9/ref-registration",title:"Cluster Registration Internals",description:"How does cluster registration work?",source:"@site/versioned_docs/version-0.9/ref-registration.md",sourceDirName:".",slug:"/ref-registration",permalink:"/0.9/ref-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-registration.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle State",permalink:"/0.9/cluster-bundles-state"},next:{title:"Configuration",permalink:"/0.9/ref-configuration"}},l={},c=[{value:"How does cluster registration work?",id:"how-does-cluster-registration-work",level:2},{value:"Cluster first",id:"cluster-first",level:4},{value:"Cluster -> ClusterRegistrationToken + Import Account",id:"cluster---clusterregistrationtoken--import-account",level:4},{value:"Fleet-Agent -> ClusterRegistration",id:"fleet-agent---clusterregistration",level:4},{value:"Notes",id:"notes",level:3},{value:"Diagram",id:"diagram",level:2},{value:"Process",id:"process",level:3},{value:"Secrets",id:"secrets",level:3}],u={toc:c};function p(e){let{components:t,...i}=e;return(0,a.kt)("wrapper",(0,n.Z)({},u,i,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-registration-internals"},"Cluster Registration Internals"),(0,a.kt)("h2",{id:"how-does-cluster-registration-work"},"How does cluster registration work?"),(0,a.kt)("p",null,"This text describes cluster registration with more technical details. The text ignores agent initiated registration, as it\u2019s not commonly used.\n",(0,a.kt)("a",{parentName:"p",href:"/0.9/cluster-registration#agent-initiated"},"Agent initiated registration")," is ",(0,a.kt)("a",{parentName:"p",href:"/0.9/cluster-registration#create-cluster-registration-tokens"},'"',(0,a.kt)("inlineCode",{parentName:"a"},"ClusterRegistrationToken"),' first"'),", which means pre-creating a cluster is optional."),(0,a.kt)("p",null,'See "',(0,a.kt)("a",{parentName:"p",href:"/0.9/cluster-registration"},"Register Downstream Clusters"),'" to learn how to register clusters.'),(0,a.kt)("h4",{id:"cluster-first"},"Cluster first"),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller"),' starts up and may "bootstrap" the local cluster resource. In Rancher creating the local cluster resource is handlded by the fleetcluster controller instead, but otherwise the process is identical.'),(0,a.kt)("p",null,"For manager initiated registration the process is identical for the local cluster or any downstream cluster. It starts by creating a cluster resource, which refers to a kubeconfig secret."),(0,a.kt)("h4",{id:"cluster---clusterregistrationtoken--import-account"},"Cluster -> ClusterRegistrationToken + Import Account"),(0,a.kt)("p",null,"Now that a cluster resource exists, ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," triggers and runs ",(0,a.kt)("inlineCode",{parentName:"p"},"import.go")," to create the fleet-agent deployment.\u2028",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," also creates a ",(0,a.kt)("a",{parentName:"p",href:"/0.9/architecture#security"},(0,a.kt)("inlineCode",{parentName:"a"},"clusterregistrationtoken"))," and waits for it to be complete. The ",(0,a.kt)("inlineCode",{parentName:"p"},"clusterregistationtoken")," triggers the creation of the import service account, which can create ",(0,a.kt)("inlineCode",{parentName:"p"},"clusterregistrations"),' and read any secret in the system registration namespace (eg "cattle-fleet-clusters-system").\nThe ',(0,a.kt)("inlineCode",{parentName:"p"},"import.go")," will enqueue itself until the import service account exists, because that\u2019s needed to create the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent-bootstrap")," secret.\nNow, the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," and the bootstrap secret are present on the downstream cluster"),(0,a.kt)("h4",{id:"fleet-agent---clusterregistration"},"Fleet-Agent -> ClusterRegistration"),(0,a.kt)("p",null,"Immediately the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," checks for a ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent-bootstrap")," secret (which contains the import kubeconfig) and starts registering if present. Then ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," creates a clusterregistration resource in fleet-default on the management cluster, with a random number. The random number will be used for the registration secret\u2019s name."),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," triggers and tries to grant the clusterregistration request to create ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent"),"\u2019s serviceaccount and create the ",(0,a.kt)("inlineCode",{parentName:"p"},"\u2018c-*\u2019")," registration secret with the clients new kubeconfig.\nThe registration secret name is ",(0,a.kt)("inlineCode",{parentName:"p"},'hash("clientID-clientRandom")'),'. The new kubeconfig uses the "request" account. The request account can access the cluster status, ',(0,a.kt)("inlineCode",{parentName:"p"},"bundledeployments")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"contents"),"."),(0,a.kt)("h3",{id:"notes"},"Notes"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},'The registration starts with the "import" account and pivots to the "request" account.'),(0,a.kt)("li",{parentName:"ul"},"The fleet-default namespace has all the cluster registrations, the import account uses a separate namespace."),(0,a.kt)("li",{parentName:"ul"},"Once the agent is registered, ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will trigger on a cluster/namespace change and call manageagent to create a bundle. The agent will update itself to the bundle and since the generation env var changes it will restart."),(0,a.kt)("li",{parentName:"ul"},"If no bootstrap secret exists, the agent will not re-register.")),(0,a.kt)("h2",{id:"diagram"},"Diagram"),(0,a.kt)("h3",{id:"process"},"Process"),(0,a.kt)("p",null,"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.\nIt's important to note that there are multiple ways to start this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Creating a bootstrap config. Fleet does this for the local agent."),(0,a.kt)("li",{parentName:"ul"},"Creating a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource with a kubeconfig. Rancher does this for downstream clusters. See ",(0,a.kt)("a",{parentName:"li",href:"/0.9/cluster-registration#manager-initiated"},"manager-initiated registration"),"."),(0,a.kt)("li",{parentName:"ul"},"Create a ",(0,a.kt)("inlineCode",{parentName:"li"},"ClusterRegistrationToken")," resource, optionally create a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource for a pre-defined (",(0,a.kt)("inlineCode",{parentName:"li"},"clientID"),") cluster. See ",(0,a.kt)("a",{parentName:"li",href:"/0.9/cluster-registration#agent-initiated"},"agent-initiated registration"),".")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration",src:r(2364).Z,width:"3700",height:"2492"})),(0,a.kt)("h3",{id:"secrets"},"Secrets"),(0,a.kt)("p",null,"This diagram shows the resources created during registration and focuses on the k8s API server configuration."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration Secrets",src:r(4408).Z,width:"1581",height:"4162"})))}p.isMDXComponent=!0},2364:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistration-e49565723b02880b6dd7fa0ddc1fdbe2.svg"},4408:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistrationSecrets-deae20b127f82ebcf32a5c593b53b912.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8985],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>g});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function i(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),d=c(r),g=a,m=d["".concat(l,".").concat(g)]||d[g]||p[g]||i;return r?n.createElement(m,s(s({ref:t},u),{},{components:r})):n.createElement(m,s({ref:t},u))}));function g(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=r.length,s=new Array(i);s[0]=d;var o={};for(var l in t)hasOwnProperty.call(t,l)&&(o[l]=t[l]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>p,frontMatter:()=>i,metadata:()=>o,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const i={},s="Cluster Registration Internals",o={unversionedId:"ref-registration",id:"version-0.9/ref-registration",title:"Cluster Registration Internals",description:"How does cluster registration work?",source:"@site/versioned_docs/version-0.9/ref-registration.md",sourceDirName:".",slug:"/ref-registration",permalink:"/0.9/ref-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-registration.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle State",permalink:"/0.9/cluster-bundles-state"},next:{title:"Configuration",permalink:"/0.9/ref-configuration"}},l={},c=[{value:"How does cluster registration work?",id:"how-does-cluster-registration-work",level:2},{value:"Cluster first",id:"cluster-first",level:4},{value:"Cluster -> ClusterRegistrationToken + Import Account",id:"cluster---clusterregistrationtoken--import-account",level:4},{value:"Fleet-Agent -> ClusterRegistration",id:"fleet-agent---clusterregistration",level:4},{value:"Notes",id:"notes",level:3},{value:"Diagram",id:"diagram",level:2},{value:"Process",id:"process",level:3},{value:"Secrets",id:"secrets",level:3}],u={toc:c};function p(e){let{components:t,...i}=e;return(0,a.kt)("wrapper",(0,n.Z)({},u,i,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-registration-internals"},"Cluster Registration Internals"),(0,a.kt)("h2",{id:"how-does-cluster-registration-work"},"How does cluster registration work?"),(0,a.kt)("p",null,"This text describes cluster registration with more technical details. The text ignores agent initiated registration, as it\u2019s not commonly used.\n",(0,a.kt)("a",{parentName:"p",href:"/0.9/cluster-registration#agent-initiated"},"Agent initiated registration")," is ",(0,a.kt)("a",{parentName:"p",href:"/0.9/cluster-registration#create-cluster-registration-tokens"},'"',(0,a.kt)("inlineCode",{parentName:"a"},"ClusterRegistrationToken"),' first"'),", which means pre-creating a cluster is optional."),(0,a.kt)("p",null,'See "',(0,a.kt)("a",{parentName:"p",href:"/0.9/cluster-registration"},"Register Downstream Clusters"),'" to learn how to register clusters.'),(0,a.kt)("h4",{id:"cluster-first"},"Cluster first"),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller"),' starts up and may "bootstrap" the local cluster resource. In Rancher creating the local cluster resource is handlded by the fleetcluster controller instead, but otherwise the process is identical.'),(0,a.kt)("p",null,"For manager initiated registration the process is identical for the local cluster or any downstream cluster. It starts by creating a cluster resource, which refers to a kubeconfig secret."),(0,a.kt)("h4",{id:"cluster---clusterregistrationtoken--import-account"},"Cluster -> ClusterRegistrationToken + Import Account"),(0,a.kt)("p",null,"Now that a cluster resource exists, ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," triggers and runs ",(0,a.kt)("inlineCode",{parentName:"p"},"import.go")," to create the fleet-agent deployment.\u2028",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," also creates a ",(0,a.kt)("a",{parentName:"p",href:"/0.9/architecture#security"},(0,a.kt)("inlineCode",{parentName:"a"},"clusterregistrationtoken"))," and waits for it to be complete. The ",(0,a.kt)("inlineCode",{parentName:"p"},"clusterregistationtoken")," triggers the creation of the import service account, which can create ",(0,a.kt)("inlineCode",{parentName:"p"},"clusterregistrations"),' and read any secret in the system registration namespace (eg "cattle-fleet-clusters-system").\nThe ',(0,a.kt)("inlineCode",{parentName:"p"},"import.go")," will enqueue itself until the import service account exists, because that\u2019s needed to create the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent-bootstrap")," secret.\nNow, the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," and the bootstrap secret are present on the downstream cluster"),(0,a.kt)("h4",{id:"fleet-agent---clusterregistration"},"Fleet-Agent -> ClusterRegistration"),(0,a.kt)("p",null,"Immediately the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," checks for a ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent-bootstrap")," secret (which contains the import kubeconfig) and starts registering if present. Then ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," creates a clusterregistration resource in fleet-default on the management cluster, with a random number. The random number will be used for the registration secret\u2019s name."),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," triggers and tries to grant the clusterregistration request to create ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent"),"\u2019s serviceaccount and create the ",(0,a.kt)("inlineCode",{parentName:"p"},"\u2018c-*\u2019")," registration secret with the clients new kubeconfig.\nThe registration secret name is ",(0,a.kt)("inlineCode",{parentName:"p"},'hash("clientID-clientRandom")'),'. The new kubeconfig uses the "request" account. The request account can access the cluster status, ',(0,a.kt)("inlineCode",{parentName:"p"},"bundledeployments")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"contents"),"."),(0,a.kt)("h3",{id:"notes"},"Notes"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},'The registration starts with the "import" account and pivots to the "request" account.'),(0,a.kt)("li",{parentName:"ul"},"The fleet-default namespace has all the cluster registrations, the import account uses a separate namespace."),(0,a.kt)("li",{parentName:"ul"},"Once the agent is registered, ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will trigger on a cluster/namespace change and call manageagent to create a bundle. The agent will update itself to the bundle and since the generation env var changes it will restart."),(0,a.kt)("li",{parentName:"ul"},"If no bootstrap secret exists, the agent will not re-register.")),(0,a.kt)("h2",{id:"diagram"},"Diagram"),(0,a.kt)("h3",{id:"process"},"Process"),(0,a.kt)("p",null,"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.\nIt's important to note that there are multiple ways to start this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Creating a bootstrap config. Fleet does this for the local agent."),(0,a.kt)("li",{parentName:"ul"},"Creating a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource with a kubeconfig. Rancher does this for downstream clusters. See ",(0,a.kt)("a",{parentName:"li",href:"/0.9/cluster-registration#manager-initiated"},"manager-initiated registration"),"."),(0,a.kt)("li",{parentName:"ul"},"Create a ",(0,a.kt)("inlineCode",{parentName:"li"},"ClusterRegistrationToken")," resource, optionally create a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource for a pre-defined (",(0,a.kt)("inlineCode",{parentName:"li"},"clientID"),") cluster. See ",(0,a.kt)("a",{parentName:"li",href:"/0.9/cluster-registration#agent-initiated"},"agent-initiated registration"),".")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration",src:r(2364).Z,width:"3700",height:"2492"})),(0,a.kt)("h3",{id:"secrets"},"Secrets"),(0,a.kt)("p",null,"This diagram shows the resources created during registration and focuses on the k8s API server configuration."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration Secrets",src:r(4408).Z,width:"1581",height:"4162"})))}p.isMDXComponent=!0},2364:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistration-e49565723b02880b6dd7fa0ddc1fdbe2.svg"},4408:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistrationSecrets-deae20b127f82ebcf32a5c593b53b912.svg"}}]); \ No newline at end of file diff --git a/assets/js/12f4838b.33f1e2de.js b/assets/js/12f4838b.54ece151.js similarity index 98% rename from assets/js/12f4838b.33f1e2de.js rename to assets/js/12f4838b.54ece151.js index d8fa38602..50317b5f2 100644 --- a/assets/js/12f4838b.33f1e2de.js +++ b/assets/js/12f4838b.54ece151.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8795],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),s=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=s(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=c(e,["components","mdxType","originalType","parentName"]),d=s(n),m=a,g=d["".concat(l,".").concat(m)]||d[m]||p[m]||i;return n?r.createElement(g,o(o({ref:t},u),{},{components:n})):r.createElement(g,o({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=n.length,o=new Array(i);o[0]=d;var c={};for(var l in t)hasOwnProperty.call(t,l)&&(c[l]=t[l]);c.originalType=e,c.mdxType="string"==typeof e?e:a,o[1]=c;for(var s=2;s{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>c,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const i={},o="Manager Initiated",c={unversionedId:"manager-initiated",id:"version-0.5/manager-initiated",title:"Manager Initiated",description:"Refer to the overview page for a background information on the manager initiated registration style.",source:"@site/versioned_docs/version-0.5/manager-initiated.md",sourceDirName:".",slug:"/manager-initiated",permalink:"/0.5/manager-initiated",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/manager-initiated.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Agent Initiated",permalink:"/0.5/agent-initiated"},next:{title:"Cluster Groups",permalink:"/0.5/cluster-group"}},l={},s=[{value:"Kubeconfig Secret",id:"kubeconfig-secret",level:2},{value:"Example",id:"example",level:2},{value:"Kubeconfig Secret",id:"kubeconfig-secret-1",level:3},{value:"Cluster",id:"cluster",level:3}],u={toc:s};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"manager-initiated"},"Manager Initiated"),(0,a.kt)("p",null,"Refer to the ",(0,a.kt)("a",{parentName:"p",href:"/0.5/cluster-overview#agent-initiated-registration"},"overview page")," for a background information on the manager initiated registration style."),(0,a.kt)("h2",{id:"kubeconfig-secret"},"Kubeconfig Secret"),(0,a.kt)("p",null,"The manager initiated registration flow is accomplished by creating a\n",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,a.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,a.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,a.kt)("p",null,"The format of this secret is intended to match the ",(0,a.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format"),"\nof the kubeconfig\nsecret used in ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically\nregistered with Fleet."),(0,a.kt)("h2",{id:"example"},"Example"),(0,a.kt)("h3",{id:"kubeconfig-secret-1"},"Kubeconfig Secret"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,a.kt)("h3",{id:"cluster"},"Cluster"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8795],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),s=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=s(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=c(e,["components","mdxType","originalType","parentName"]),d=s(n),m=a,g=d["".concat(l,".").concat(m)]||d[m]||p[m]||i;return n?r.createElement(g,o(o({ref:t},u),{},{components:n})):r.createElement(g,o({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=n.length,o=new Array(i);o[0]=d;var c={};for(var l in t)hasOwnProperty.call(t,l)&&(c[l]=t[l]);c.originalType=e,c.mdxType="string"==typeof e?e:a,o[1]=c;for(var s=2;s{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>c,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const i={},o="Manager Initiated",c={unversionedId:"manager-initiated",id:"version-0.5/manager-initiated",title:"Manager Initiated",description:"Refer to the overview page for a background information on the manager initiated registration style.",source:"@site/versioned_docs/version-0.5/manager-initiated.md",sourceDirName:".",slug:"/manager-initiated",permalink:"/0.5/manager-initiated",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/manager-initiated.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Agent Initiated",permalink:"/0.5/agent-initiated"},next:{title:"Cluster Groups",permalink:"/0.5/cluster-group"}},l={},s=[{value:"Kubeconfig Secret",id:"kubeconfig-secret",level:2},{value:"Example",id:"example",level:2},{value:"Kubeconfig Secret",id:"kubeconfig-secret-1",level:3},{value:"Cluster",id:"cluster",level:3}],u={toc:s};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"manager-initiated"},"Manager Initiated"),(0,a.kt)("p",null,"Refer to the ",(0,a.kt)("a",{parentName:"p",href:"/0.5/cluster-overview#agent-initiated-registration"},"overview page")," for a background information on the manager initiated registration style."),(0,a.kt)("h2",{id:"kubeconfig-secret"},"Kubeconfig Secret"),(0,a.kt)("p",null,"The manager initiated registration flow is accomplished by creating a\n",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,a.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,a.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,a.kt)("p",null,"The format of this secret is intended to match the ",(0,a.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format"),"\nof the kubeconfig\nsecret used in ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically\nregistered with Fleet."),(0,a.kt)("h2",{id:"example"},"Example"),(0,a.kt)("h3",{id:"kubeconfig-secret-1"},"Kubeconfig Secret"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,a.kt)("h3",{id:"cluster"},"Cluster"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/140acae8.56a4dba2.js b/assets/js/140acae8.f01242d2.js similarity index 99% rename from assets/js/140acae8.56a4dba2.js rename to assets/js/140acae8.f01242d2.js index 85c20f19e..c1a54ec5a 100644 --- a/assets/js/140acae8.56a4dba2.js +++ b/assets/js/140acae8.f01242d2.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6351],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function l(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=a.createContext({}),u=function(e){var t=a.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(i.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},p=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,i=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),p=u(n),m=r,f=p["".concat(i,".").concat(m)]||p[m]||d[m]||o;return n?a.createElement(f,l(l({ref:t},c),{},{components:n})):a.createElement(f,l({ref:t},c))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,l=new Array(o);l[0]=p;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:r,l[1]=s;for(var u=2;u{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>d,frontMatter:()=>o,metadata:()=>s,toc:()=>u});var a=n(7462),r=(n(7294),n(3905));const o={},l="fleet.yaml",s={unversionedId:"ref-fleet-yaml",id:"version-0.7/ref-fleet-yaml",title:"fleet.yaml",description:"The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.",source:"@site/versioned_docs/version-0.7/ref-fleet-yaml.md",sourceDirName:".",slug:"/ref-fleet-yaml",permalink:"/0.7/ref-fleet-yaml",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-fleet-yaml.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources Spec",permalink:"/0.7/ref-crds"},next:{title:"GitRepo Resource",permalink:"/0.7/ref-gitrepo"}},i={},u=[{value:"Reference",id:"reference",level:3}],c={toc:u};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"fleetyaml"},"fleet.yaml"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file adds options to a bundle. Any directory with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is automatically turned into bundle."),(0,r.kt)("p",null,"For more information on how to use the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to customize bundles see ",(0,r.kt)("a",{parentName:"p",href:"/0.7/gitrepo-content"},"Git Repository Contents"),"."),(0,r.kt)("p",null,"The content of the fleet.yaml corresponds to the struct at ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/b501b7e7864d37e310dfcdb109c73e5aec4240bb/pkg/bundlereader/read.go#L132-L139"},"pkg/bundlereader/read.go"),", which contains the ",(0,r.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),"."),(0,r.kt)("h3",{id:"reference"},"Reference"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\n# Optional map of labels, that are set at the bundle and can be used in a\n# dependsOn.selector\nlabels:\n key: value\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # Makes helm skip the check for its own annotations\n takeOwnership: false\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n # The variable\'s value will be an empty string if the referenced cluster label does not\n # exist on the targeted cluster\n variableName: global.fleet.clusterLabels.LABELNAME\n # It is possible to specify the keys and values as go template strings for\n # advanced templating needs. Most of the functions from the sprig templating\n # library are available. Note, if the functions output changes with every\n # call, e.g. `uuidv4`, the bundle will get redeployed.\n # The template context has following keys.\n # `.ClusterValues` are retrieved from target cluster\'s `spec.templateValues`\n # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.\n # `.ClusterName` as the fleet\'s cluster resource name.\n # `.ClusterNamespace` as the namespace in which the cluster resource exists.\n # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,\n # unlike helm which uses {{ }}.\n templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"\n valueFromEnv:\n "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets defined in the downstream clusters\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default\n key: values.yaml\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n # Disable go template pre-processing on the fleet values\n disablePreProcess: false\n # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.\n # It will wait for as long as timeoutSeconds\n waitForJobs: true\n\n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector:\n clusterSelector:\n matchLabels:\n env: prod\n\n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name.\n clusterName: dev-cluster\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n - name: one-multi-cluster-hello-world\n # Select bundles to depend on based on their label.\n - selector:\n matchLabels:\n app: weak-monkey\n\n# Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources\n# makes the Bundle to be in an error state when it shouldn\'t.\nignore:\n # Conditions to be ignored\n conditions:\n # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}\n - type: Active\n status: "False"\n')))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6351],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function l(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=a.createContext({}),u=function(e){var t=a.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(i.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},p=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,i=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),p=u(n),m=r,f=p["".concat(i,".").concat(m)]||p[m]||d[m]||o;return n?a.createElement(f,l(l({ref:t},c),{},{components:n})):a.createElement(f,l({ref:t},c))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,l=new Array(o);l[0]=p;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:r,l[1]=s;for(var u=2;u{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>d,frontMatter:()=>o,metadata:()=>s,toc:()=>u});var a=n(7462),r=(n(7294),n(3905));const o={},l="fleet.yaml",s={unversionedId:"ref-fleet-yaml",id:"version-0.7/ref-fleet-yaml",title:"fleet.yaml",description:"The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.",source:"@site/versioned_docs/version-0.7/ref-fleet-yaml.md",sourceDirName:".",slug:"/ref-fleet-yaml",permalink:"/0.7/ref-fleet-yaml",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-fleet-yaml.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources Spec",permalink:"/0.7/ref-crds"},next:{title:"GitRepo Resource",permalink:"/0.7/ref-gitrepo"}},i={},u=[{value:"Reference",id:"reference",level:3}],c={toc:u};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"fleetyaml"},"fleet.yaml"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file adds options to a bundle. Any directory with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is automatically turned into bundle."),(0,r.kt)("p",null,"For more information on how to use the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to customize bundles see ",(0,r.kt)("a",{parentName:"p",href:"/0.7/gitrepo-content"},"Git Repository Contents"),"."),(0,r.kt)("p",null,"The content of the fleet.yaml corresponds to the struct at ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/b501b7e7864d37e310dfcdb109c73e5aec4240bb/pkg/bundlereader/read.go#L132-L139"},"pkg/bundlereader/read.go"),", which contains the ",(0,r.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),"."),(0,r.kt)("h3",{id:"reference"},"Reference"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\n# Optional map of labels, that are set at the bundle and can be used in a\n# dependsOn.selector\nlabels:\n key: value\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # Makes helm skip the check for its own annotations\n takeOwnership: false\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n # The variable\'s value will be an empty string if the referenced cluster label does not\n # exist on the targeted cluster\n variableName: global.fleet.clusterLabels.LABELNAME\n # It is possible to specify the keys and values as go template strings for\n # advanced templating needs. Most of the functions from the sprig templating\n # library are available. Note, if the functions output changes with every\n # call, e.g. `uuidv4`, the bundle will get redeployed.\n # The template context has following keys.\n # `.ClusterValues` are retrieved from target cluster\'s `spec.templateValues`\n # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.\n # `.ClusterName` as the fleet\'s cluster resource name.\n # `.ClusterNamespace` as the namespace in which the cluster resource exists.\n # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,\n # unlike helm which uses {{ }}.\n templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"\n valueFromEnv:\n "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets defined in the downstream clusters\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default\n key: values.yaml\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n # Disable go template pre-processing on the fleet values\n disablePreProcess: false\n # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.\n # It will wait for as long as timeoutSeconds\n waitForJobs: true\n\n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector:\n clusterSelector:\n matchLabels:\n env: prod\n\n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name.\n clusterName: dev-cluster\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n - name: one-multi-cluster-hello-world\n # Select bundles to depend on based on their label.\n - selector:\n matchLabels:\n app: weak-monkey\n\n# Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources\n# makes the Bundle to be in an error state when it shouldn\'t.\nignore:\n # Conditions to be ignored\n conditions:\n # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}\n - type: Active\n status: "False"\n')))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/167e2e0a.ac2cbfa2.js b/assets/js/167e2e0a.a699d0e5.js similarity index 98% rename from assets/js/167e2e0a.ac2cbfa2.js rename to assets/js/167e2e0a.a699d0e5.js index 5a9375c6b..68d713953 100644 --- a/assets/js/167e2e0a.ac2cbfa2.js +++ b/assets/js/167e2e0a.a699d0e5.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4552],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||o;return n?r.createElement(m,a(a({ref:t},p),{},{components:n})):r.createElement(m,a({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var o=n.length,a=new Array(o);a[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>f,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const o={title:"",sidebar_label:"fleet apply"},a=void 0,i={unversionedId:"cli/fleet-cli/fleet_apply",id:"version-0.8/cli/fleet-cli/fleet_apply",title:"",description:"fleet apply",source:"@site/versioned_docs/version-0.8/cli/fleet-cli/fleet_apply.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_apply",permalink:"/0.8/cli/fleet-cli/fleet_apply",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cli/fleet-cli/fleet_apply.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet apply"},sidebar:"docs",previous:{title:"fleet",permalink:"/0.8/cli/fleet-cli/fleet"},next:{title:"fleet test",permalink:"/0.8/cli/fleet-cli/fleet_test"}},s={},c=[{value:"fleet apply",id:"fleet-apply",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-apply"},"fleet apply"),(0,l.kt)("p",null,"Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet apply [flags] BUNDLE_NAME PATH...\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --cacerts-file string Path of custom cacerts for helm repo\n --commit string Commit to assign to the bundle\n -c, --compress Force all resources to be compress\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -h, --help help for apply\n -l, --label strings Labels to apply to created bundles\n -o, --output string Output contents to file or - for stdout\n --password-file string Path of file containing basic auth password for helm repo\n --paused Create bundles in a paused state\n -a, --service-account string Service account to assign to bundle created\n --ssh-privatekey-file string Path of ssh-private-key for helm repo\n --sync-generation int Generation number used to force sync the deployment\n --target-namespace string Ensure this bundle goes to this target namespace\n --targets-file string Addition source of targets and restrictions to be append\n --username string Basic auth username for helm repo\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4552],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||o;return n?r.createElement(m,a(a({ref:t},p),{},{components:n})):r.createElement(m,a({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var o=n.length,a=new Array(o);a[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>f,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const o={title:"",sidebar_label:"fleet apply"},a=void 0,i={unversionedId:"cli/fleet-cli/fleet_apply",id:"version-0.8/cli/fleet-cli/fleet_apply",title:"",description:"fleet apply",source:"@site/versioned_docs/version-0.8/cli/fleet-cli/fleet_apply.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_apply",permalink:"/0.8/cli/fleet-cli/fleet_apply",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cli/fleet-cli/fleet_apply.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet apply"},sidebar:"docs",previous:{title:"fleet",permalink:"/0.8/cli/fleet-cli/fleet"},next:{title:"fleet test",permalink:"/0.8/cli/fleet-cli/fleet_test"}},s={},c=[{value:"fleet apply",id:"fleet-apply",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-apply"},"fleet apply"),(0,l.kt)("p",null,"Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet apply [flags] BUNDLE_NAME PATH...\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --cacerts-file string Path of custom cacerts for helm repo\n --commit string Commit to assign to the bundle\n -c, --compress Force all resources to be compress\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -h, --help help for apply\n -l, --label strings Labels to apply to created bundles\n -o, --output string Output contents to file or - for stdout\n --password-file string Path of file containing basic auth password for helm repo\n --paused Create bundles in a paused state\n -a, --service-account string Service account to assign to bundle created\n --ssh-privatekey-file string Path of ssh-private-key for helm repo\n --sync-generation int Generation number used to force sync the deployment\n --target-namespace string Ensure this bundle goes to this target namespace\n --targets-file string Addition source of targets and restrictions to be append\n --username string Basic auth username for helm repo\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/170989a3.02eadf81.js b/assets/js/170989a3.3d4ca108.js similarity index 97% rename from assets/js/170989a3.02eadf81.js rename to assets/js/170989a3.3d4ca108.js index 7dc9ed1a1..e71d28bb1 100644 --- a/assets/js/170989a3.02eadf81.js +++ b/assets/js/170989a3.3d4ca108.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7107],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(l,".").concat(m)]||d[m]||p[m]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"version-0.6/index",title:"Overview",description:"What is Fleet?",source:"@site/versioned_docs/version-0.6/index.md",sourceDirName:".",slug:"/",permalink:"/0.6/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/index.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/0.6/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(5082).Z,width:"1366",height:"960"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users have a high degree of control, consistency, and auditability."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},5082:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/fleet-architecture-f708ce634648101dc98f451dcd59fe84.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7107],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(l,".").concat(m)]||d[m]||p[m]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"version-0.6/index",title:"Overview",description:"What is Fleet?",source:"@site/versioned_docs/version-0.6/index.md",sourceDirName:".",slug:"/",permalink:"/0.6/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/index.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/0.6/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(5082).Z,width:"1366",height:"960"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users have a high degree of control, consistency, and auditability."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},5082:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/fleet-architecture-f708ce634648101dc98f451dcd59fe84.svg"}}]); \ No newline at end of file diff --git a/assets/js/18f4f7da.8751c2fe.js b/assets/js/18f4f7da.a5f22219.js similarity index 99% rename from assets/js/18f4f7da.8751c2fe.js rename to assets/js/18f4f7da.a5f22219.js index 7a95a10fd..b61ea14a4 100644 --- a/assets/js/18f4f7da.8751c2fe.js +++ b/assets/js/18f4f7da.a5f22219.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6502],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function r(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var i=a.createContext({}),u=function(e){var t=a.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(i.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},p=a.forwardRef((function(e,t){var n=e.components,o=e.mdxType,l=e.originalType,i=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),p=u(n),m=o,f=p["".concat(i,".").concat(m)]||p[m]||d[m]||l;return n?a.createElement(f,r(r({ref:t},c),{},{components:n})):a.createElement(f,r({ref:t},c))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var l=n.length,r=new Array(l);r[0]=p;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var u=2;u{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>s,toc:()=>u});var a=n(7462),o=(n(7294),n(3905));const l={},r="fleet.yaml",s={unversionedId:"ref-fleet-yaml",id:"version-0.9/ref-fleet-yaml",title:"fleet.yaml",description:"The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.",source:"@site/versioned_docs/version-0.9/ref-fleet-yaml.md",sourceDirName:".",slug:"/ref-fleet-yaml",permalink:"/0.9/ref-fleet-yaml",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-fleet-yaml.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources Spec",permalink:"/0.9/ref-crds"},next:{title:"GitRepo Resource",permalink:"/0.9/ref-gitrepo"}},i={},u=[{value:"Reference",id:"reference",level:3}],c={toc:u};function d(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"fleetyaml"},"fleet.yaml"),(0,o.kt)("p",null,"The ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file adds options to a bundle. Any directory with a ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is automatically turned into bundle."),(0,o.kt)("p",null,"For more information on how to use the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to customize bundles see ",(0,o.kt)("a",{parentName:"p",href:"/0.9/gitrepo-content"},"Git Repository Contents"),"."),(0,o.kt)("p",null,"The content of the fleet.yaml corresponds to the struct at ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/b501b7e7864d37e310dfcdb109c73e5aec4240bb/pkg/bundlereader/read.go#L132-L139"},"pkg/bundlereader/read.go"),", which contains the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),"."),(0,o.kt)("h3",{id:"reference"},"Reference"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\n# namespaceLabels are labels that will be appended to the namespace created by Fleet.\nnamespaceLabels:\n key: value\n# namespaceAnnotations are annotations that will be appended to the namespace created by Fleet.\nnamespaceAnnotations:\n key: value\n\n# Optional map of labels, that are set at the bundle and can be used in a\n# dependsOn.selector\nlabels:\n key: value\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n ### These options control how "fleet apply" downloads the chart\n #\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n\n ### These options only work for helm-type bundles\n #\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n # The variable\'s value will be an empty string if the referenced cluster label does not\n # exist on the targeted cluster\n variableName: global.fleet.clusterLabels.LABELNAME\n # It is possible to specify the keys and values as go template strings for\n # advanced templating needs. Most of the functions from the sprig templating\n # library are available. Note, if the functions output changes with every\n # call, e.g. `uuidv4`, the bundle will get redeployed.\n # The template context has following keys.\n # `.ClusterValues` are retrieved from target cluster\'s `spec.templateValues`\n # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.\n # `.ClusterName` as the fleet\'s cluster resource name.\n # `.ClusterNamespace` as the namespace in which the cluster resource exists.\n # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,\n # unlike helm which uses {{ }}.\n templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"\n valueFromEnv:\n "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets defined in the downstream clusters\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default\n key: values.yaml\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n\n ### These options control how fleet-agent deploys the bundle, they also apply for kustomize- and manifest-style bundles.\n #\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # Makes helm skip the check for its own annotations\n takeOwnership: false\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n # Disable go template pre-processing on the fleet values\n disablePreProcess: false\n # Disable DNS resolution in Helm\'s template functions\n disableDNS: false\n # Skip evaluation of the values.schema.json file\n skipSchemaValidation: false\n # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.\n # It will wait for as long as timeoutSeconds\n waitForJobs: true\n\n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector:\n clusterSelector:\n matchLabels:\n env: prod\n\n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name. When using Fleet in\n # Rancher, make sure to put the name of the clusters.fleet.cattle.io resource.\n clusterName: dev-cluster\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # Resources will not be deployed in the matched clusters if doNotDeploy is true.\n doNotDeploy: false\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n # Note: Bundle names are limited to 53 characters long. If longer they will be shortened:\n # opni-fleet-examples-fleets-opni-ui-plugin-operator-crd becomes opni-fleet-examples-fleets-opni-ui-plugin-opera-021f7\n - name: one-multi-cluster-hello-world\n # Select bundles to depend on based on their label.\n - selector:\n matchLabels:\n app: weak-monkey\n\n# Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources\n# makes the Bundle to be in an error state when it shouldn\'t.\nignore:\n # Conditions to be ignored\n conditions:\n # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}\n - type: Active\n status: "False"\n\n# Override targets defined in the GitRepo. The Bundle will not have any targets from the GitRepo if overrideTargets is provided.\noverrideTargets:\n - clusterSelector:\n matchLabels:\n env: dev\n\n')))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6502],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function r(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var i=a.createContext({}),u=function(e){var t=a.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(i.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},p=a.forwardRef((function(e,t){var n=e.components,o=e.mdxType,l=e.originalType,i=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),p=u(n),m=o,f=p["".concat(i,".").concat(m)]||p[m]||d[m]||l;return n?a.createElement(f,r(r({ref:t},c),{},{components:n})):a.createElement(f,r({ref:t},c))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var l=n.length,r=new Array(l);r[0]=p;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var u=2;u{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>s,toc:()=>u});var a=n(7462),o=(n(7294),n(3905));const l={},r="fleet.yaml",s={unversionedId:"ref-fleet-yaml",id:"version-0.9/ref-fleet-yaml",title:"fleet.yaml",description:"The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.",source:"@site/versioned_docs/version-0.9/ref-fleet-yaml.md",sourceDirName:".",slug:"/ref-fleet-yaml",permalink:"/0.9/ref-fleet-yaml",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-fleet-yaml.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources Spec",permalink:"/0.9/ref-crds"},next:{title:"GitRepo Resource",permalink:"/0.9/ref-gitrepo"}},i={},u=[{value:"Reference",id:"reference",level:3}],c={toc:u};function d(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"fleetyaml"},"fleet.yaml"),(0,o.kt)("p",null,"The ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file adds options to a bundle. Any directory with a ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is automatically turned into bundle."),(0,o.kt)("p",null,"For more information on how to use the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to customize bundles see ",(0,o.kt)("a",{parentName:"p",href:"/0.9/gitrepo-content"},"Git Repository Contents"),"."),(0,o.kt)("p",null,"The content of the fleet.yaml corresponds to the struct at ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/b501b7e7864d37e310dfcdb109c73e5aec4240bb/pkg/bundlereader/read.go#L132-L139"},"pkg/bundlereader/read.go"),", which contains the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),"."),(0,o.kt)("h3",{id:"reference"},"Reference"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\n# namespaceLabels are labels that will be appended to the namespace created by Fleet.\nnamespaceLabels:\n key: value\n# namespaceAnnotations are annotations that will be appended to the namespace created by Fleet.\nnamespaceAnnotations:\n key: value\n\n# Optional map of labels, that are set at the bundle and can be used in a\n# dependsOn.selector\nlabels:\n key: value\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n ### These options control how "fleet apply" downloads the chart\n #\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n\n ### These options only work for helm-type bundles\n #\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n # The variable\'s value will be an empty string if the referenced cluster label does not\n # exist on the targeted cluster\n variableName: global.fleet.clusterLabels.LABELNAME\n # It is possible to specify the keys and values as go template strings for\n # advanced templating needs. Most of the functions from the sprig templating\n # library are available. Note, if the functions output changes with every\n # call, e.g. `uuidv4`, the bundle will get redeployed.\n # The template context has following keys.\n # `.ClusterValues` are retrieved from target cluster\'s `spec.templateValues`\n # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.\n # `.ClusterName` as the fleet\'s cluster resource name.\n # `.ClusterNamespace` as the namespace in which the cluster resource exists.\n # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,\n # unlike helm which uses {{ }}.\n templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"\n valueFromEnv:\n "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets defined in the downstream clusters\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default\n key: values.yaml\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n\n ### These options control how fleet-agent deploys the bundle, they also apply for kustomize- and manifest-style bundles.\n #\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # Makes helm skip the check for its own annotations\n takeOwnership: false\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n # Disable go template pre-processing on the fleet values\n disablePreProcess: false\n # Disable DNS resolution in Helm\'s template functions\n disableDNS: false\n # Skip evaluation of the values.schema.json file\n skipSchemaValidation: false\n # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.\n # It will wait for as long as timeoutSeconds\n waitForJobs: true\n\n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector:\n clusterSelector:\n matchLabels:\n env: prod\n\n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name. When using Fleet in\n # Rancher, make sure to put the name of the clusters.fleet.cattle.io resource.\n clusterName: dev-cluster\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # Resources will not be deployed in the matched clusters if doNotDeploy is true.\n doNotDeploy: false\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n # Note: Bundle names are limited to 53 characters long. If longer they will be shortened:\n # opni-fleet-examples-fleets-opni-ui-plugin-operator-crd becomes opni-fleet-examples-fleets-opni-ui-plugin-opera-021f7\n - name: one-multi-cluster-hello-world\n # Select bundles to depend on based on their label.\n - selector:\n matchLabels:\n app: weak-monkey\n\n# Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources\n# makes the Bundle to be in an error state when it shouldn\'t.\nignore:\n # Conditions to be ignored\n conditions:\n # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}\n - type: Active\n status: "False"\n\n# Override targets defined in the GitRepo. The Bundle will not have any targets from the GitRepo if overrideTargets is provided.\noverrideTargets:\n - clusterSelector:\n matchLabels:\n env: dev\n\n')))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/1bd61b9d.4ce5cbc1.js b/assets/js/1bd61b9d.5da1c034.js similarity index 99% rename from assets/js/1bd61b9d.4ce5cbc1.js rename to assets/js/1bd61b9d.5da1c034.js index 2b03ee39d..5054897e2 100644 --- a/assets/js/1bd61b9d.4ce5cbc1.js +++ b/assets/js/1bd61b9d.5da1c034.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6950],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs to Ignore Modified GitRepos",s={unversionedId:"bundle-diffs",id:"version-0.6/bundle-diffs",title:"Generating Diffs to Ignore Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/versioned_docs/version-0.6/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/0.6/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/bundle-diffs.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/0.6/gitrepo-targets"},next:{title:"Using Webhooks Instead of Polling",permalink:"/0.6/webhook"}},l={},p=[{value:"Simple Example",id:"simple-example",level:2},{value:"Gatekeeper Example",id:"gatekeeper-example",level:2},{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-to-ignore-modified-gitrepos"},"Generating Diffs to Ignore Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("h2",{id:"simple-example"},"Simple Example"),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/bundle-diffs"},"https://github.com/rancher/fleet-examples/tree/master/bundle-diffs")),(0,o.kt)("h2",{id:"gatekeeper-example"},"Gatekeeper Example"),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec. "),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")," "),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and "),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6950],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs to Ignore Modified GitRepos",s={unversionedId:"bundle-diffs",id:"version-0.6/bundle-diffs",title:"Generating Diffs to Ignore Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/versioned_docs/version-0.6/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/0.6/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/bundle-diffs.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/0.6/gitrepo-targets"},next:{title:"Using Webhooks Instead of Polling",permalink:"/0.6/webhook"}},l={},p=[{value:"Simple Example",id:"simple-example",level:2},{value:"Gatekeeper Example",id:"gatekeeper-example",level:2},{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-to-ignore-modified-gitrepos"},"Generating Diffs to Ignore Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("h2",{id:"simple-example"},"Simple Example"),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/bundle-diffs"},"https://github.com/rancher/fleet-examples/tree/master/bundle-diffs")),(0,o.kt)("h2",{id:"gatekeeper-example"},"Gatekeeper Example"),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec. "),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")," "),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and "),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file diff --git a/assets/js/1cb1b893.fee72a63.js b/assets/js/1cb1b893.2cc619e6.js similarity index 96% rename from assets/js/1cb1b893.fee72a63.js rename to assets/js/1cb1b893.2cc619e6.js index bbacc97d2..9640c055d 100644 --- a/assets/js/1cb1b893.fee72a63.js +++ b/assets/js/1cb1b893.2cc619e6.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6188],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>f});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function c(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),s=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):c(c({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},g=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),g=s(r),f=o,d=g["".concat(i,".").concat(f)]||g[f]||u[f]||a;return r?n.createElement(d,c(c({ref:t},p),{},{components:r})):n.createElement(d,c({ref:t},p))}));function f(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,c=new Array(a);c[0]=g;var l={};for(var i in t)hasOwnProperty.call(t,i)&&(l[i]=t[i]);l.originalType=e,l.mdxType="string"==typeof e?e:o,c[1]=l;for(var s=2;s{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>c,default:()=>u,frontMatter:()=>a,metadata:()=>l,toc:()=>s});var n=r(7462),o=(r(7294),r(3905));const a={title:"Next \ud83d\udea7"},c=void 0,l={unversionedId:"changelogs/changelogs/next",id:"changelogs/changelogs/next",title:"Next \ud83d\udea7",description:"We are still working on the next release.",source:"@site/docs/changelogs/changelogs/next.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/next",permalink:"/changelogs/changelogs/next",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/changelogs/changelogs/next.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"Next \ud83d\udea7"},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/troubleshooting"}},i={},s=[],p={toc:s};function u(e){let{components:t,...r}=e;return(0,o.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,"We are still working on the next release."))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6188],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>f});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function c(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),s=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):c(c({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},g=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),g=s(r),f=o,d=g["".concat(i,".").concat(f)]||g[f]||u[f]||a;return r?n.createElement(d,c(c({ref:t},p),{},{components:r})):n.createElement(d,c({ref:t},p))}));function f(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,c=new Array(a);c[0]=g;var l={};for(var i in t)hasOwnProperty.call(t,i)&&(l[i]=t[i]);l.originalType=e,l.mdxType="string"==typeof e?e:o,c[1]=l;for(var s=2;s{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>c,default:()=>u,frontMatter:()=>a,metadata:()=>l,toc:()=>s});var n=r(7462),o=(r(7294),r(3905));const a={title:"Next \ud83d\udea7"},c=void 0,l={unversionedId:"changelogs/changelogs/next",id:"changelogs/changelogs/next",title:"Next \ud83d\udea7",description:"We are still working on the next release.",source:"@site/docs/changelogs/changelogs/next.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/next",permalink:"/changelogs/changelogs/next",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/changelogs/changelogs/next.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"Next \ud83d\udea7"},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/troubleshooting"}},i={},s=[],p={toc:s};function u(e){let{components:t,...r}=e;return(0,o.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,"We are still working on the next release."))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/1f14308a.e247d020.js b/assets/js/1f14308a.e53d86f6.js similarity index 98% rename from assets/js/1f14308a.e247d020.js rename to assets/js/1f14308a.e53d86f6.js index 22603e079..9c2f58c58 100644 --- a/assets/js/1f14308a.e247d020.js +++ b/assets/js/1f14308a.e53d86f6.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4728],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),c=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=c(e.components);return a.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=c(n),u=r,g=d["".concat(l,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const o={},i="Image scan",s={unversionedId:"imagescan",id:"version-0.5/imagescan",title:"Image scan",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/versioned_docs/version-0.5/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/0.5/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/imagescan.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Webhook",permalink:"/0.5/webhook"},next:{title:"Cluster and Bundle state",permalink:"/0.5/cluster-bundles-state"}},l={},c=[],m={toc:c};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"image-scan"},"Image scan"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order \n- policy: \n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver: \n range: "*" \n # can use ascending or descending order\n alphabetical:\n order: asc \n\n # specify images to scan\n image: "your.registry.com/repo/image" \n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret \n\n # Specify the scan interval\n interval: 5m \n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples \n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m \n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret \n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4728],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),c=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=c(e.components);return a.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=c(n),u=r,g=d["".concat(l,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const o={},i="Image scan",s={unversionedId:"imagescan",id:"version-0.5/imagescan",title:"Image scan",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/versioned_docs/version-0.5/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/0.5/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/imagescan.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Webhook",permalink:"/0.5/webhook"},next:{title:"Cluster and Bundle state",permalink:"/0.5/cluster-bundles-state"}},l={},c=[],m={toc:c};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"image-scan"},"Image scan"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order \n- policy: \n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver: \n range: "*" \n # can use ascending or descending order\n alphabetical:\n order: asc \n\n # specify images to scan\n image: "your.registry.com/repo/image" \n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret \n\n # Specify the scan interval\n interval: 5m \n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples \n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m \n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret \n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/1f330703.d30edc2a.js b/assets/js/1f330703.baa253be.js similarity index 98% rename from assets/js/1f330703.d30edc2a.js rename to assets/js/1f330703.baa253be.js index 6a4ef7849..8d634ba62 100644 --- a/assets/js/1f330703.d30edc2a.js +++ b/assets/js/1f330703.baa253be.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8134],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),h=c(n),m=a,d=h["".concat(l,".").concat(m)]||h[m]||p[m]||o;return n?r.createElement(d,i(i({ref:t},u),{},{components:n})):r.createElement(d,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=h;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Architecture",s={unversionedId:"architecture",id:"version-0.8/architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/versioned_docs/version-0.8/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/0.8/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/architecture.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Uninstall",permalink:"/0.8/uninstall"},next:{title:"Core Concepts",permalink:"/0.8/concepts"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2},{value:"Component Overview",id:"component-overview",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/0.8/cluster-registration#manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."),(0,a.kt)("h2",{id:"component-overview"},"Component Overview"),(0,a.kt)("p",null,"An overview of the components and how they interact on a high level."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Components",src:n(1913).Z,width:"1319",height:"1281"})))}p.isMDXComponent=!0},1913:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetComponents-2746fa09558c69f438948ab9bc659edb.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8134],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),h=c(n),m=a,d=h["".concat(l,".").concat(m)]||h[m]||p[m]||o;return n?r.createElement(d,i(i({ref:t},u),{},{components:n})):r.createElement(d,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=h;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Architecture",s={unversionedId:"architecture",id:"version-0.8/architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/versioned_docs/version-0.8/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/0.8/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/architecture.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Uninstall",permalink:"/0.8/uninstall"},next:{title:"Core Concepts",permalink:"/0.8/concepts"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2},{value:"Component Overview",id:"component-overview",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/0.8/cluster-registration#manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."),(0,a.kt)("h2",{id:"component-overview"},"Component Overview"),(0,a.kt)("p",null,"An overview of the components and how they interact on a high level."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Components",src:n(1913).Z,width:"1319",height:"1281"})))}p.isMDXComponent=!0},1913:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetComponents-2746fa09558c69f438948ab9bc659edb.svg"}}]); \ No newline at end of file diff --git a/assets/js/1f8b8b7b.9ba7ceca.js b/assets/js/1f8b8b7b.cec4d91e.js similarity index 98% rename from assets/js/1f8b8b7b.9ba7ceca.js rename to assets/js/1f8b8b7b.cec4d91e.js index 692a60ae5..7361a208e 100644 --- a/assets/js/1f8b8b7b.9ba7ceca.js +++ b/assets/js/1f8b8b7b.cec4d91e.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9733],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,f=m["".concat(s,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(f,o(o({ref:t},p),{},{components:n})):r.createElement(f,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Uninstall",i={unversionedId:"uninstall",id:"version-0.8/uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/versioned_docs/version-0.8/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/0.8/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/uninstall.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Creating a Deployment",permalink:"/0.8/tut-deployment"},next:{title:"Architecture",permalink:"/0.8/architecture"}},s={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"uninstall"},"Uninstall"),(0,a.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},"Uninstalling the CRDs will remove all deployed workloads.")))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9733],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,f=m["".concat(s,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(f,o(o({ref:t},p),{},{components:n})):r.createElement(f,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Uninstall",i={unversionedId:"uninstall",id:"version-0.8/uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/versioned_docs/version-0.8/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/0.8/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/uninstall.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Creating a Deployment",permalink:"/0.8/tut-deployment"},next:{title:"Architecture",permalink:"/0.8/architecture"}},s={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"uninstall"},"Uninstall"),(0,a.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},"Uninstalling the CRDs will remove all deployed workloads.")))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/1fec2b35.0059ace3.js b/assets/js/1fec2b35.82fea959.js similarity index 97% rename from assets/js/1fec2b35.0059ace3.js rename to assets/js/1fec2b35.82fea959.js index c0b7fa22c..d80d9d4c2 100644 --- a/assets/js/1fec2b35.0059ace3.js +++ b/assets/js/1fec2b35.82fea959.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3325],{3905:(e,t,n)=>{n.d(t,{Zo:()=>i,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),d=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},i=function(e){var t=d(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,i=o(e,["components","mdxType","originalType","parentName"]),c=d(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},i),{},{components:n})):r.createElement(m,s({ref:t},i))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var d=2;d{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>d});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle state",o={unversionedId:"cluster-bundles-state",id:"version-0.4/cluster-bundles-state",title:"Cluster and Bundle state",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/versioned_docs/version-0.4/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/0.4/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/cluster-bundles-state.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Image scan",permalink:"/0.4/imagescan"},next:{title:"Troubleshooting",permalink:"/0.4/troubleshooting"}},u={},d=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],i={toc:d};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},i,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle state"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state. "),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3325],{3905:(e,t,n)=>{n.d(t,{Zo:()=>i,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),d=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},i=function(e){var t=d(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,i=o(e,["components","mdxType","originalType","parentName"]),c=d(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},i),{},{components:n})):r.createElement(m,s({ref:t},i))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var d=2;d{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>d});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle state",o={unversionedId:"cluster-bundles-state",id:"version-0.4/cluster-bundles-state",title:"Cluster and Bundle state",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/versioned_docs/version-0.4/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/0.4/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/cluster-bundles-state.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Image scan",permalink:"/0.4/imagescan"},next:{title:"Troubleshooting",permalink:"/0.4/troubleshooting"}},u={},d=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],i={toc:d};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},i,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle state"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state. "),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/20889235.71c516f7.js b/assets/js/20889235.71ea7739.js similarity index 97% rename from assets/js/20889235.71c516f7.js rename to assets/js/20889235.71ea7739.js index 379db958f..31a7bb467 100644 --- a/assets/js/20889235.71c516f7.js +++ b/assets/js/20889235.71ea7739.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1043],{3905:(e,t,r)=>{r.d(t,{Zo:()=>i,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},i=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,i=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||p[d]||o;return r?n.createElement(f,s(s({ref:t},i),{},{components:r})):n.createElement(f,s({ref:t},i))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Create Cluster Groups",l={unversionedId:"cluster-group",id:"version-0.7/cluster-group",title:"Create Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/versioned_docs/version-0.7/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/0.7/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cluster-group.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Register Downstream Clusters",permalink:"/0.7/cluster-registration"},next:{title:"Setup Multi User",permalink:"/0.7/multi-user"}},c={},u=[],i={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},i,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"create-cluster-groups"},"Create Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1043],{3905:(e,t,r)=>{r.d(t,{Zo:()=>i,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},i=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,i=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||p[d]||o;return r?n.createElement(f,s(s({ref:t},i),{},{components:r})):n.createElement(f,s({ref:t},i))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Create Cluster Groups",l={unversionedId:"cluster-group",id:"version-0.7/cluster-group",title:"Create Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/versioned_docs/version-0.7/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/0.7/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cluster-group.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Register Downstream Clusters",permalink:"/0.7/cluster-registration"},next:{title:"Setup Multi User",permalink:"/0.7/multi-user"}},c={},u=[],i={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},i,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"create-cluster-groups"},"Create Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/21d02ecb.9b55e245.js b/assets/js/21d02ecb.4536eca8.js similarity index 98% rename from assets/js/21d02ecb.9b55e245.js rename to assets/js/21d02ecb.4536eca8.js index ff25d3e91..ff8d9d3a7 100644 --- a/assets/js/21d02ecb.9b55e245.js +++ b/assets/js/21d02ecb.4536eca8.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6985],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>g});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function i(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),d=c(r),g=a,m=d["".concat(l,".").concat(g)]||d[g]||p[g]||i;return r?n.createElement(m,s(s({ref:t},u),{},{components:r})):n.createElement(m,s({ref:t},u))}));function g(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=r.length,s=new Array(i);s[0]=d;var o={};for(var l in t)hasOwnProperty.call(t,l)&&(o[l]=t[l]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>p,frontMatter:()=>i,metadata:()=>o,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const i={},s="Cluster Registration Internals",o={unversionedId:"ref-registration",id:"version-0.8/ref-registration",title:"Cluster Registration Internals",description:"How does cluster registration work?",source:"@site/versioned_docs/version-0.8/ref-registration.md",sourceDirName:".",slug:"/ref-registration",permalink:"/0.8/ref-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-registration.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle State",permalink:"/0.8/cluster-bundles-state"},next:{title:"Configuration",permalink:"/0.8/ref-configuration"}},l={},c=[{value:"How does cluster registration work?",id:"how-does-cluster-registration-work",level:2},{value:"Cluster first",id:"cluster-first",level:4},{value:"Cluster -> ClusterRegistrationToken + Import Account",id:"cluster---clusterregistrationtoken--import-account",level:4},{value:"Fleet-Agent -> ClusterRegistration",id:"fleet-agent---clusterregistration",level:4},{value:"Notes",id:"notes",level:3},{value:"Diagram",id:"diagram",level:2},{value:"Process",id:"process",level:3},{value:"Secrets",id:"secrets",level:3}],u={toc:c};function p(e){let{components:t,...i}=e;return(0,a.kt)("wrapper",(0,n.Z)({},u,i,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-registration-internals"},"Cluster Registration Internals"),(0,a.kt)("h2",{id:"how-does-cluster-registration-work"},"How does cluster registration work?"),(0,a.kt)("p",null,"This text describes cluster registration with more technical details. The text ignores agent initiated registration, as it\u2019s not commonly used.\n",(0,a.kt)("a",{parentName:"p",href:"/0.8/cluster-registration#agent-initiated"},"Agent initiated registration")," is ",(0,a.kt)("a",{parentName:"p",href:"/0.8/cluster-registration#create-cluster-registration-tokens"},'"',(0,a.kt)("inlineCode",{parentName:"a"},"ClusterRegistrationToken"),' first"'),", which means pre-creating a cluster is optional."),(0,a.kt)("p",null,'See "',(0,a.kt)("a",{parentName:"p",href:"/0.8/cluster-registration"},"Register Downstream Clusters"),'" to learn how to register clusters.'),(0,a.kt)("h4",{id:"cluster-first"},"Cluster first"),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller"),' starts up and may "bootstrap" the local cluster resource. In Rancher creating the local cluster resource is handlded by the fleetcluster controller instead, but otherwise the process is identical.'),(0,a.kt)("p",null,"For manager initiated registration the process is identical for the local cluster or any downstream cluster. It starts by creating a cluster resource, which refers to a kubeconfig secret."),(0,a.kt)("h4",{id:"cluster---clusterregistrationtoken--import-account"},"Cluster -> ClusterRegistrationToken + Import Account"),(0,a.kt)("p",null,"Now that a cluster resource exists, ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," triggers and runs ",(0,a.kt)("inlineCode",{parentName:"p"},"import.go")," to create the fleet-agent deployment.\u2028",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," also creates a ",(0,a.kt)("a",{parentName:"p",href:"/0.8/architecture#security"},(0,a.kt)("inlineCode",{parentName:"a"},"clusterregistrationtoken"))," and waits for it to be complete. The ",(0,a.kt)("inlineCode",{parentName:"p"},"clusterregistationtoken")," triggers the creation of the import service account, which can create ",(0,a.kt)("inlineCode",{parentName:"p"},"clusterregistrations"),' and read any secret in the system registration namespace (eg "cattle-fleet-clusters-system").\nThe ',(0,a.kt)("inlineCode",{parentName:"p"},"import.go")," will enqueue itself until the import service account exists, because that\u2019s needed to create the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent-bootstrap")," secret.\nNow, the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," and the bootstrap secret are present on the downstream cluster"),(0,a.kt)("h4",{id:"fleet-agent---clusterregistration"},"Fleet-Agent -> ClusterRegistration"),(0,a.kt)("p",null,"Immediately the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," checks for a ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent-bootstrap")," secret (which contains the import kubeconfig) and starts registering if present. Then ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," creates a clusterregistration resource in fleet-default on the management cluster, with a random number. The random number will be used for the registration secret\u2019s name."),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," triggers and tries to grant the clusterregistration request to create ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent"),"\u2019s serviceaccount and create the ",(0,a.kt)("inlineCode",{parentName:"p"},"\u2018c-*\u2019")," registration secret with the clients new kubeconfig.\nThe registration secret name is ",(0,a.kt)("inlineCode",{parentName:"p"},'hash("clientID-clientRandom")'),'. The new kubeconfig uses the "request" account. The request account can access the cluster status, ',(0,a.kt)("inlineCode",{parentName:"p"},"bundledeployments")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"contents"),"."),(0,a.kt)("h3",{id:"notes"},"Notes"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},'The registration starts with the "import" account and pivots to the "request" account.'),(0,a.kt)("li",{parentName:"ul"},"The fleet-default namespace has all the cluster registrations, the import account uses a separate namespace."),(0,a.kt)("li",{parentName:"ul"},"Once the agent is registered, ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will trigger on a cluster/namespace change and call manageagent to create a bundle. The agent will update itself to the bundle and since the generation env var changes it will restart."),(0,a.kt)("li",{parentName:"ul"},"If no bootstrap secret exists, the agent will not re-register.")),(0,a.kt)("h2",{id:"diagram"},"Diagram"),(0,a.kt)("h3",{id:"process"},"Process"),(0,a.kt)("p",null,"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.\nIt's important to note that there are multiple ways to start this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Creating a bootstrap config. Fleet does this for the local agent."),(0,a.kt)("li",{parentName:"ul"},"Creating a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource with a kubeconfig. Rancher does this for downstream clusters. See ",(0,a.kt)("a",{parentName:"li",href:"/0.8/cluster-registration#manager-initiated"},"manager-initiated registration"),"."),(0,a.kt)("li",{parentName:"ul"},"Create a ",(0,a.kt)("inlineCode",{parentName:"li"},"ClusterRegistrationToken")," resource, optionally create a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource for a pre-defined (",(0,a.kt)("inlineCode",{parentName:"li"},"clientID"),") cluster. See ",(0,a.kt)("a",{parentName:"li",href:"/0.8/cluster-registration#agent-initiated"},"agent-initiated registration"),".")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration",src:r(2364).Z,width:"3700",height:"2492"})),(0,a.kt)("h3",{id:"secrets"},"Secrets"),(0,a.kt)("p",null,"This diagram shows the resources created during registration and focuses on the k8s API server configuration."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration Secrets",src:r(4408).Z,width:"1581",height:"4162"})))}p.isMDXComponent=!0},2364:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistration-e49565723b02880b6dd7fa0ddc1fdbe2.svg"},4408:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistrationSecrets-deae20b127f82ebcf32a5c593b53b912.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6985],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>g});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function i(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),d=c(r),g=a,m=d["".concat(l,".").concat(g)]||d[g]||p[g]||i;return r?n.createElement(m,s(s({ref:t},u),{},{components:r})):n.createElement(m,s({ref:t},u))}));function g(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=r.length,s=new Array(i);s[0]=d;var o={};for(var l in t)hasOwnProperty.call(t,l)&&(o[l]=t[l]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>p,frontMatter:()=>i,metadata:()=>o,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const i={},s="Cluster Registration Internals",o={unversionedId:"ref-registration",id:"version-0.8/ref-registration",title:"Cluster Registration Internals",description:"How does cluster registration work?",source:"@site/versioned_docs/version-0.8/ref-registration.md",sourceDirName:".",slug:"/ref-registration",permalink:"/0.8/ref-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-registration.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle State",permalink:"/0.8/cluster-bundles-state"},next:{title:"Configuration",permalink:"/0.8/ref-configuration"}},l={},c=[{value:"How does cluster registration work?",id:"how-does-cluster-registration-work",level:2},{value:"Cluster first",id:"cluster-first",level:4},{value:"Cluster -> ClusterRegistrationToken + Import Account",id:"cluster---clusterregistrationtoken--import-account",level:4},{value:"Fleet-Agent -> ClusterRegistration",id:"fleet-agent---clusterregistration",level:4},{value:"Notes",id:"notes",level:3},{value:"Diagram",id:"diagram",level:2},{value:"Process",id:"process",level:3},{value:"Secrets",id:"secrets",level:3}],u={toc:c};function p(e){let{components:t,...i}=e;return(0,a.kt)("wrapper",(0,n.Z)({},u,i,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-registration-internals"},"Cluster Registration Internals"),(0,a.kt)("h2",{id:"how-does-cluster-registration-work"},"How does cluster registration work?"),(0,a.kt)("p",null,"This text describes cluster registration with more technical details. The text ignores agent initiated registration, as it\u2019s not commonly used.\n",(0,a.kt)("a",{parentName:"p",href:"/0.8/cluster-registration#agent-initiated"},"Agent initiated registration")," is ",(0,a.kt)("a",{parentName:"p",href:"/0.8/cluster-registration#create-cluster-registration-tokens"},'"',(0,a.kt)("inlineCode",{parentName:"a"},"ClusterRegistrationToken"),' first"'),", which means pre-creating a cluster is optional."),(0,a.kt)("p",null,'See "',(0,a.kt)("a",{parentName:"p",href:"/0.8/cluster-registration"},"Register Downstream Clusters"),'" to learn how to register clusters.'),(0,a.kt)("h4",{id:"cluster-first"},"Cluster first"),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller"),' starts up and may "bootstrap" the local cluster resource. In Rancher creating the local cluster resource is handlded by the fleetcluster controller instead, but otherwise the process is identical.'),(0,a.kt)("p",null,"For manager initiated registration the process is identical for the local cluster or any downstream cluster. It starts by creating a cluster resource, which refers to a kubeconfig secret."),(0,a.kt)("h4",{id:"cluster---clusterregistrationtoken--import-account"},"Cluster -> ClusterRegistrationToken + Import Account"),(0,a.kt)("p",null,"Now that a cluster resource exists, ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," triggers and runs ",(0,a.kt)("inlineCode",{parentName:"p"},"import.go")," to create the fleet-agent deployment.\u2028",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," also creates a ",(0,a.kt)("a",{parentName:"p",href:"/0.8/architecture#security"},(0,a.kt)("inlineCode",{parentName:"a"},"clusterregistrationtoken"))," and waits for it to be complete. The ",(0,a.kt)("inlineCode",{parentName:"p"},"clusterregistationtoken")," triggers the creation of the import service account, which can create ",(0,a.kt)("inlineCode",{parentName:"p"},"clusterregistrations"),' and read any secret in the system registration namespace (eg "cattle-fleet-clusters-system").\nThe ',(0,a.kt)("inlineCode",{parentName:"p"},"import.go")," will enqueue itself until the import service account exists, because that\u2019s needed to create the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent-bootstrap")," secret.\nNow, the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," and the bootstrap secret are present on the downstream cluster"),(0,a.kt)("h4",{id:"fleet-agent---clusterregistration"},"Fleet-Agent -> ClusterRegistration"),(0,a.kt)("p",null,"Immediately the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," checks for a ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent-bootstrap")," secret (which contains the import kubeconfig) and starts registering if present. Then ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," creates a clusterregistration resource in fleet-default on the management cluster, with a random number. The random number will be used for the registration secret\u2019s name."),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," triggers and tries to grant the clusterregistration request to create ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent"),"\u2019s serviceaccount and create the ",(0,a.kt)("inlineCode",{parentName:"p"},"\u2018c-*\u2019")," registration secret with the clients new kubeconfig.\nThe registration secret name is ",(0,a.kt)("inlineCode",{parentName:"p"},'hash("clientID-clientRandom")'),'. The new kubeconfig uses the "request" account. The request account can access the cluster status, ',(0,a.kt)("inlineCode",{parentName:"p"},"bundledeployments")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"contents"),"."),(0,a.kt)("h3",{id:"notes"},"Notes"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},'The registration starts with the "import" account and pivots to the "request" account.'),(0,a.kt)("li",{parentName:"ul"},"The fleet-default namespace has all the cluster registrations, the import account uses a separate namespace."),(0,a.kt)("li",{parentName:"ul"},"Once the agent is registered, ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will trigger on a cluster/namespace change and call manageagent to create a bundle. The agent will update itself to the bundle and since the generation env var changes it will restart."),(0,a.kt)("li",{parentName:"ul"},"If no bootstrap secret exists, the agent will not re-register.")),(0,a.kt)("h2",{id:"diagram"},"Diagram"),(0,a.kt)("h3",{id:"process"},"Process"),(0,a.kt)("p",null,"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.\nIt's important to note that there are multiple ways to start this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Creating a bootstrap config. Fleet does this for the local agent."),(0,a.kt)("li",{parentName:"ul"},"Creating a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource with a kubeconfig. Rancher does this for downstream clusters. See ",(0,a.kt)("a",{parentName:"li",href:"/0.8/cluster-registration#manager-initiated"},"manager-initiated registration"),"."),(0,a.kt)("li",{parentName:"ul"},"Create a ",(0,a.kt)("inlineCode",{parentName:"li"},"ClusterRegistrationToken")," resource, optionally create a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource for a pre-defined (",(0,a.kt)("inlineCode",{parentName:"li"},"clientID"),") cluster. See ",(0,a.kt)("a",{parentName:"li",href:"/0.8/cluster-registration#agent-initiated"},"agent-initiated registration"),".")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration",src:r(2364).Z,width:"3700",height:"2492"})),(0,a.kt)("h3",{id:"secrets"},"Secrets"),(0,a.kt)("p",null,"This diagram shows the resources created during registration and focuses on the k8s API server configuration."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration Secrets",src:r(4408).Z,width:"1581",height:"4162"})))}p.isMDXComponent=!0},2364:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistration-e49565723b02880b6dd7fa0ddc1fdbe2.svg"},4408:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistrationSecrets-deae20b127f82ebcf32a5c593b53b912.svg"}}]); \ No newline at end of file diff --git a/assets/js/22b369d5.0573302f.js b/assets/js/22b369d5.807e48ff.js similarity index 97% rename from assets/js/22b369d5.0573302f.js rename to assets/js/22b369d5.807e48ff.js index 1ae259c87..0d9bf42e5 100644 --- a/assets/js/22b369d5.0573302f.js +++ b/assets/js/22b369d5.807e48ff.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7539],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),f=c(n),m=l,d=f["".concat(s,".").concat(m)]||f[m]||p[m]||a;return n?r.createElement(d,o(o({ref:t},u),{},{components:n})):r.createElement(d,o({ref:t},u))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=f;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={},o="Uninstall",i={unversionedId:"uninstall",id:"version-0.4/uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/versioned_docs/version-0.4/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/0.4/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/uninstall.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Multi-cluster Install",permalink:"/0.4/multi-cluster-install"},next:{title:"Fleet v0.4.0",permalink:"/0.4/changelogs/changelogs/v0.4.0"}},s={},c=[],u={toc:c};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"uninstall"},"Uninstall"),(0,l.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7539],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),f=c(n),m=l,d=f["".concat(s,".").concat(m)]||f[m]||p[m]||a;return n?r.createElement(d,o(o({ref:t},u),{},{components:n})):r.createElement(d,o({ref:t},u))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=f;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={},o="Uninstall",i={unversionedId:"uninstall",id:"version-0.4/uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/versioned_docs/version-0.4/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/0.4/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/uninstall.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Multi-cluster Install",permalink:"/0.4/multi-cluster-install"},next:{title:"Fleet v0.4.0",permalink:"/0.4/changelogs/changelogs/v0.4.0"}},s={},c=[],u={toc:c};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"uninstall"},"Uninstall"),(0,l.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/246340c6.ac78cf6d.js b/assets/js/246340c6.348d0564.js similarity index 98% rename from assets/js/246340c6.ac78cf6d.js rename to assets/js/246340c6.348d0564.js index 060ca3aff..c33096429 100644 --- a/assets/js/246340c6.ac78cf6d.js +++ b/assets/js/246340c6.348d0564.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4508],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=a.createContext({}),p=function(e){var t=a.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},c=function(e){var t=p(e.components);return a.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,i=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),d=p(n),m=r,h=d["".concat(i,".").concat(m)]||d[m]||u[m]||l;return n?a.createElement(h,o(o({ref:t},c),{},{components:n})):a.createElement(h,o({ref:t},c))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,o=new Array(l);o[0]=d;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:r,o[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>s,toc:()=>p});var a=n(7462),r=(n(7294),n(3905));const l={},o="Mapping to Downstream Clusters",s={unversionedId:"gitrepo-targets",id:"version-0.6/gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Fleet in Rancher allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration.",source:"@site/versioned_docs/version-0.6/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/0.6/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/gitrepo-targets.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create a GitRepo Resource",permalink:"/0.6/gitrepo-add"},next:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.6/bundle-diffs"}},i={},p=[{value:"Defining Targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default Target",id:"default-target",level:2},{value:"Customization per Cluster",id:"customization-per-cluster",level:2},{value:"Additional Examples",id:"additional-examples",level:2}],c={toc:p};function u(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style")),(0,r.kt)("p",null,"When deploying ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,r.kt)("h2",{id:"defining-targets"},"Defining Targets"),(0,r.kt)("p",null,"The deployment targets of ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # A specific cluster by name that will be selected\n clusterName: cluster1\n')),(0,r.kt)("h2",{id:"target-matching"},"Target Matching"),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,r.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,r.kt)("h2",{id:"default-target"},"Default Target"),(0,r.kt)("p",null,"If no target is set for the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,r.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."),(0,r.kt)("h2",{id:"customization-per-cluster"},"Customization per Cluster"),(0,r.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters with customization using Fleet, we will use ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml"),"."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,r.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,r.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters. "),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Expected behavior:")," "),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,r.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,r.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,r.kt)("li",{parentName:"ol"},"Under ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,r.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),": ")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Result:")),(0,r.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,r.kt)("blockquote",null,(0,r.kt)("p",{parentName:"blockquote"},(0,r.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,r.kt)("admonition",{title:"important information",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"Overriding the version of a Helm chart via target customizations will lead to bundles containing ",(0,r.kt)("em",{parentName:"p"},"all")," versions, ie the\ndefault one and the custom one(s), of the chart, to accommodate all clusters. This in turn means that Fleet will deploy larger bundles."),(0,r.kt)("p",{parentName:"admonition"},"As Fleet stores bundles via etcd, this may cause issues on some clusters where resultant bundle sizes may exceed etcd's\nconfigured maximum blob size. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/issues/1650"},"this issue")," for more details.")),(0,r.kt)("h2",{id:"additional-examples"},"Additional Examples"),(0,r.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4508],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=a.createContext({}),p=function(e){var t=a.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},c=function(e){var t=p(e.components);return a.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,i=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),d=p(n),m=r,h=d["".concat(i,".").concat(m)]||d[m]||u[m]||l;return n?a.createElement(h,o(o({ref:t},c),{},{components:n})):a.createElement(h,o({ref:t},c))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,o=new Array(l);o[0]=d;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:r,o[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>s,toc:()=>p});var a=n(7462),r=(n(7294),n(3905));const l={},o="Mapping to Downstream Clusters",s={unversionedId:"gitrepo-targets",id:"version-0.6/gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Fleet in Rancher allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration.",source:"@site/versioned_docs/version-0.6/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/0.6/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/gitrepo-targets.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create a GitRepo Resource",permalink:"/0.6/gitrepo-add"},next:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.6/bundle-diffs"}},i={},p=[{value:"Defining Targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default Target",id:"default-target",level:2},{value:"Customization per Cluster",id:"customization-per-cluster",level:2},{value:"Additional Examples",id:"additional-examples",level:2}],c={toc:p};function u(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style")),(0,r.kt)("p",null,"When deploying ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,r.kt)("h2",{id:"defining-targets"},"Defining Targets"),(0,r.kt)("p",null,"The deployment targets of ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # A specific cluster by name that will be selected\n clusterName: cluster1\n')),(0,r.kt)("h2",{id:"target-matching"},"Target Matching"),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,r.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,r.kt)("h2",{id:"default-target"},"Default Target"),(0,r.kt)("p",null,"If no target is set for the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,r.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."),(0,r.kt)("h2",{id:"customization-per-cluster"},"Customization per Cluster"),(0,r.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters with customization using Fleet, we will use ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml"),"."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,r.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,r.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters. "),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Expected behavior:")," "),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,r.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,r.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,r.kt)("li",{parentName:"ol"},"Under ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,r.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),": ")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Result:")),(0,r.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,r.kt)("blockquote",null,(0,r.kt)("p",{parentName:"blockquote"},(0,r.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,r.kt)("admonition",{title:"important information",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"Overriding the version of a Helm chart via target customizations will lead to bundles containing ",(0,r.kt)("em",{parentName:"p"},"all")," versions, ie the\ndefault one and the custom one(s), of the chart, to accommodate all clusters. This in turn means that Fleet will deploy larger bundles."),(0,r.kt)("p",{parentName:"admonition"},"As Fleet stores bundles via etcd, this may cause issues on some clusters where resultant bundle sizes may exceed etcd's\nconfigured maximum blob size. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/issues/1650"},"this issue")," for more details.")),(0,r.kt)("h2",{id:"additional-examples"},"Additional Examples"),(0,r.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/24a8fd1b.437f7ebb.js b/assets/js/24a8fd1b.753bea50.js similarity index 99% rename from assets/js/24a8fd1b.437f7ebb.js rename to assets/js/24a8fd1b.753bea50.js index 7d0e138f9..49a9b6f99 100644 --- a/assets/js/24a8fd1b.437f7ebb.js +++ b/assets/js/24a8fd1b.753bea50.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[13],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>h});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var s=r.createContext({}),p=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},c=function(e){var t=p(e.components);return r.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,s=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),u=p(a),h=l,d=u["".concat(s,".").concat(h)]||u[h]||m[h]||n;return a?r.createElement(d,o(o({ref:t},c),{},{components:a})):r.createElement(d,o({ref:t},c))}));function h(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,o=new Array(n);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>n,metadata:()=>i,toc:()=>p});var r=a(7462),l=(a(7294),a(3905));const n={title:"Fleet v0.4.1",date:"2022-11-18 13:27:55 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.4.1",id:"version-0.4/changelogs/changelogs/v0.4.1",title:"Fleet v0.4.1",description:"(rancherio-gh-m) released this 2022-11-18 1355 +0000 UTC",source:"@site/versioned_docs/version-0.4/changelogs/changelogs/v0.4.1.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.4.1",permalink:"/0.4/changelogs/changelogs/v0.4.1",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/changelogs/changelogs/v0.4.1.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"Fleet v0.4.1",date:"2022-11-18 13:27:55 +0000 UTC"},sidebar:"docs",previous:{title:"Fleet v0.4.0",permalink:"/0.4/changelogs/changelogs/v0.4.0"}},s={},p=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],c={toc:p};function m(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2022-11-18 13:27:55 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Bug Fixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Fix parameter generation when using Helm secrets in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1451303982","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1098","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1098/hovercard",href:"https://github.com/rancher/fleet/pull/1098"},"#1098")),(0,l.kt)("li",null,"Fix token expiry bug by in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1451556578","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1099","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1099/hovercard",href:"https://github.com/rancher/fleet/pull/1099"},"#1099"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.4.0...v0.4.1"},(0,l.kt)("tt",null,"v0.4.0...v0.4.1"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-crd-0.4.1.tgz"},"fleet-crd-0.4.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-agent-0.4.1.tgz"},"fleet-agent-0.4.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-0.4.1.tgz"},"fleet-0.4.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.4.1"},"here"))))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[13],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>h});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var s=r.createContext({}),p=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},c=function(e){var t=p(e.components);return r.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,s=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),u=p(a),h=l,d=u["".concat(s,".").concat(h)]||u[h]||m[h]||n;return a?r.createElement(d,o(o({ref:t},c),{},{components:a})):r.createElement(d,o({ref:t},c))}));function h(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,o=new Array(n);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>n,metadata:()=>i,toc:()=>p});var r=a(7462),l=(a(7294),a(3905));const n={title:"Fleet v0.4.1",date:"2022-11-18 13:27:55 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.4.1",id:"version-0.4/changelogs/changelogs/v0.4.1",title:"Fleet v0.4.1",description:"(rancherio-gh-m) released this 2022-11-18 1355 +0000 UTC",source:"@site/versioned_docs/version-0.4/changelogs/changelogs/v0.4.1.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.4.1",permalink:"/0.4/changelogs/changelogs/v0.4.1",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/changelogs/changelogs/v0.4.1.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"Fleet v0.4.1",date:"2022-11-18 13:27:55 +0000 UTC"},sidebar:"docs",previous:{title:"Fleet v0.4.0",permalink:"/0.4/changelogs/changelogs/v0.4.0"}},s={},p=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],c={toc:p};function m(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2022-11-18 13:27:55 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Bug Fixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Fix parameter generation when using Helm secrets in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1451303982","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1098","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1098/hovercard",href:"https://github.com/rancher/fleet/pull/1098"},"#1098")),(0,l.kt)("li",null,"Fix token expiry bug by in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1451556578","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1099","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1099/hovercard",href:"https://github.com/rancher/fleet/pull/1099"},"#1099"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.4.0...v0.4.1"},(0,l.kt)("tt",null,"v0.4.0...v0.4.1"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-crd-0.4.1.tgz"},"fleet-crd-0.4.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-agent-0.4.1.tgz"},"fleet-agent-0.4.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-0.4.1.tgz"},"fleet-0.4.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.4.1"},"here"))))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/250ffcdd.cb509974.js b/assets/js/250ffcdd.2b9227b8.js similarity index 99% rename from assets/js/250ffcdd.cb509974.js rename to assets/js/250ffcdd.2b9227b8.js index 30f81d217..4b1964aa9 100644 --- a/assets/js/250ffcdd.cb509974.js +++ b/assets/js/250ffcdd.2b9227b8.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5519],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),c=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},p=function(e){var t=c(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},p),{},{components:n})):o.createElement(m,r({ref:t},p))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"version-0.8/troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/versioned_docs/version-0.8/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/0.8/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/troubleshooting.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Resource",permalink:"/0.8/ref-bundle"},next:{title:"v0.8.0",permalink:"/0.8/changelogs/changelogs/v0.8.0"}},s={},c=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Fetch detailed status from GitRepos and Bundles?",id:"fetch-detailed-status-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Agent is no longer registered",id:"agent-is-no-longer-registered",level:3},{value:"Nested GitRepo CRs",id:"nested-gitrepo-crs",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled."),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"fetch-detailed-status-from-gitrepos-and-bundles"},"Fetch detailed status from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"For debugging and bug reports the raw JSON of the resources status fields is most useful.\nThis can be accessed in the Rancher UI, or through ",(0,a.kt)("inlineCode",{parentName:"p"},"kubectl"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl get bundle -n fleet-local fleet-agent-local -o=jsonpath={.status}\nkubectl get gitrepo -n fleet-default gitrepo-name -o=jsonpath={.status}\n")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.8/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.8/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo."),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu"),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown"),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/0.8/ref-fleet-yaml"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority"\n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm:\n releaseName: \n repo: \n chart: \ndiff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations"\n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.8/bundle-diffs"},"bundle diffs documentation")," for more information.")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"agent-is-no-longer-registered"},"Agent is no longer registered"),(0,a.kt)("p",null,"You can force a redeployment of an agent for a given cluster by setting ",(0,a.kt)("inlineCode",{parentName:"p"},"redeployAgentGeneration"),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},'kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p \'[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]\'\n')),(0,a.kt)("h3",{id:"nested-gitrepo-crs"},"Nested GitRepo CRs"),(0,a.kt)("p",null,"Managing Fleet within Fleet (nested ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," usage) is not currently supported. We will update the documentation if support becomes available."),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5519],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),c=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},p=function(e){var t=c(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},p),{},{components:n})):o.createElement(m,r({ref:t},p))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"version-0.8/troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/versioned_docs/version-0.8/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/0.8/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/troubleshooting.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Resource",permalink:"/0.8/ref-bundle"},next:{title:"v0.8.0",permalink:"/0.8/changelogs/changelogs/v0.8.0"}},s={},c=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Fetch detailed status from GitRepos and Bundles?",id:"fetch-detailed-status-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Agent is no longer registered",id:"agent-is-no-longer-registered",level:3},{value:"Nested GitRepo CRs",id:"nested-gitrepo-crs",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled."),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"fetch-detailed-status-from-gitrepos-and-bundles"},"Fetch detailed status from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"For debugging and bug reports the raw JSON of the resources status fields is most useful.\nThis can be accessed in the Rancher UI, or through ",(0,a.kt)("inlineCode",{parentName:"p"},"kubectl"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl get bundle -n fleet-local fleet-agent-local -o=jsonpath={.status}\nkubectl get gitrepo -n fleet-default gitrepo-name -o=jsonpath={.status}\n")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.8/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.8/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo."),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu"),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown"),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/0.8/ref-fleet-yaml"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority"\n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm:\n releaseName: \n repo: \n chart: \ndiff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations"\n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.8/bundle-diffs"},"bundle diffs documentation")," for more information.")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"agent-is-no-longer-registered"},"Agent is no longer registered"),(0,a.kt)("p",null,"You can force a redeployment of an agent for a given cluster by setting ",(0,a.kt)("inlineCode",{parentName:"p"},"redeployAgentGeneration"),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},'kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p \'[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]\'\n')),(0,a.kt)("h3",{id:"nested-gitrepo-crs"},"Nested GitRepo CRs"),(0,a.kt)("p",null,"Managing Fleet within Fleet (nested ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," usage) is not currently supported. We will update the documentation if support becomes available."),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/2579085f.499e08ba.js b/assets/js/2579085f.244bc1b1.js similarity index 99% rename from assets/js/2579085f.499e08ba.js rename to assets/js/2579085f.244bc1b1.js index 682d9f29d..8d1d6bb3b 100644 --- a/assets/js/2579085f.499e08ba.js +++ b/assets/js/2579085f.244bc1b1.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1732],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>T});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),i=a(1980),u=a(7392),m=a(12);function p(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function c(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function d(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=c(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[i,u]=d({queryString:a,groupId:l}),[p,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,m.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),y=(()=>{const e=i??p;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{y&&o(y)}),[y]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var y=a(2389);const k="tabList__CuJ",g="tabItem_LNqP";function b(e){let{className:t,block:a,selectedValue:o,selectValue:i,tabValues:u}=e;const m=[],{blockElementScrollPositionUntilNextRender:p}=(0,s.o5)(),c=e=>{const t=e.currentTarget,a=m.indexOf(t),l=u[a].value;l!==o&&(p(t),i(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":c(e);break;case"ArrowRight":{const t=m.indexOf(e.currentTarget)+1;a=m[t]??m[0];break}case"ArrowLeft":{const t=m.indexOf(e.currentTarget)-1;a=m[t]??m[m.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>m.push(e),onKeyDown:h,onClick:c},s,{className:(0,r.Z)("tabs__item",g,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(b,(0,l.Z)({},e,t)),n.createElement(v,(0,l.Z)({},e,t)))}function T(e){const t=(0,y.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},8650:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>u,default:()=>d,frontMatter:()=>i,metadata:()=>m,toc:()=>c});var l=a(7462),n=(a(7294),a(3905)),r=a(814),s=a(4866),o=a(5162);const i={},u="Creating a Deployment",m={unversionedId:"tut-deployment",id:"version-0.8/tut-deployment",title:"Creating a Deployment",description:"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it.",source:"@site/versioned_docs/version-0.8/tut-deployment.md",sourceDirName:".",slug:"/tut-deployment",permalink:"/0.8/tut-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/tut-deployment.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/0.8/quickstart"},next:{title:"Uninstall",permalink:"/0.8/uninstall"}},p={},c=[{value:"Single-Cluster Examples",id:"single-cluster-examples",level:2},{value:"Multi-Cluster Examples",id:"multi-cluster-examples",level:2}],h={toc:c};function d(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"creating-a-deployment"},"Creating a Deployment"),(0,n.kt)("p",null,"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it."),(0,n.kt)("p",null,"This tutorial uses the ",(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples"},"fleet-examples")," repository."),(0,n.kt)("admonition",{type:"note"},(0,n.kt)("p",{parentName:"admonition"},"For more details on how to structure the repository and configure the deployment of each bundle see ",(0,n.kt)("a",{parentName:"p",href:"/0.8/gitrepo-content"},"GitRepo Contents"),".\nFor more details on the options that are available per Git repository see ",(0,n.kt)("a",{parentName:"p",href:"/0.8/gitrepo-add"},"Adding a GitRepo"),".")),(0,n.kt)("h2",{id:"single-cluster-examples"},"Single-Cluster Examples"),(0,n.kt)("p",null,"All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet."),(0,n.kt)(s.Z,{groupId:"examples",mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm",default:!0,mdxType:"TabItem"},(0,n.kt)("p",null,"An example using Helm. We are deploying the ",(0,n.kt)("a",{href:"https://github.com/rancher/fleet-examples/tree/master/single-cluster/helm"},"helm example")," to the local cluster."),(0,n.kt)("p",null,"The repository contains a helm chart and an optional ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to configure the deployment:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'namespace: fleet-helm-example\n\n# Custom helm options\nhelm:\n # The release name to use. If empty a generated release name will be used\n releaseName: guestbook\n\n # The directory of the chart in the repo. Also any valid go-getter supported\n # URL can be used there is specify where to download the chart from.\n # If repo below is set this value if the chart name in the repo\n chart: ""\n\n # An https to a valid Helm repository to download the chart from\n repo: ""\n\n # Used if repo is set to look up the version of the chart\n version: ""\n\n # Force recreate resource that can not be updated\n force: false\n\n # How long for helm to wait for the release to be active. If the value\n # is less that or equal to zero, we will not wait in Helm\n timeoutSeconds: 0\n\n # Custom values that will be passed as values.yaml to the installation\n values:\n replicas: 2\n')),(0,n.kt)("p",null,"To create the deployment, we apply the custom resource to the upstream cluster. The ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace contains the local cluster resource. The local fleet-agent will create the deployment in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-helm-example")," namespace."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl apply -n fleet-local -f - <{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>T});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),i=a(1980),u=a(7392),m=a(12);function p(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function c(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function d(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=c(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[i,u]=d({queryString:a,groupId:l}),[p,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,m.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),y=(()=>{const e=i??p;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{y&&o(y)}),[y]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var y=a(2389);const k="tabList__CuJ",g="tabItem_LNqP";function b(e){let{className:t,block:a,selectedValue:o,selectValue:i,tabValues:u}=e;const m=[],{blockElementScrollPositionUntilNextRender:p}=(0,s.o5)(),c=e=>{const t=e.currentTarget,a=m.indexOf(t),l=u[a].value;l!==o&&(p(t),i(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":c(e);break;case"ArrowRight":{const t=m.indexOf(e.currentTarget)+1;a=m[t]??m[0];break}case"ArrowLeft":{const t=m.indexOf(e.currentTarget)-1;a=m[t]??m[m.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>m.push(e),onKeyDown:h,onClick:c},s,{className:(0,r.Z)("tabs__item",g,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(b,(0,l.Z)({},e,t)),n.createElement(v,(0,l.Z)({},e,t)))}function T(e){const t=(0,y.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},8650:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>u,default:()=>d,frontMatter:()=>i,metadata:()=>m,toc:()=>c});var l=a(7462),n=(a(7294),a(3905)),r=a(814),s=a(4866),o=a(5162);const i={},u="Creating a Deployment",m={unversionedId:"tut-deployment",id:"version-0.8/tut-deployment",title:"Creating a Deployment",description:"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it.",source:"@site/versioned_docs/version-0.8/tut-deployment.md",sourceDirName:".",slug:"/tut-deployment",permalink:"/0.8/tut-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/tut-deployment.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/0.8/quickstart"},next:{title:"Uninstall",permalink:"/0.8/uninstall"}},p={},c=[{value:"Single-Cluster Examples",id:"single-cluster-examples",level:2},{value:"Multi-Cluster Examples",id:"multi-cluster-examples",level:2}],h={toc:c};function d(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"creating-a-deployment"},"Creating a Deployment"),(0,n.kt)("p",null,"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it."),(0,n.kt)("p",null,"This tutorial uses the ",(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples"},"fleet-examples")," repository."),(0,n.kt)("admonition",{type:"note"},(0,n.kt)("p",{parentName:"admonition"},"For more details on how to structure the repository and configure the deployment of each bundle see ",(0,n.kt)("a",{parentName:"p",href:"/0.8/gitrepo-content"},"GitRepo Contents"),".\nFor more details on the options that are available per Git repository see ",(0,n.kt)("a",{parentName:"p",href:"/0.8/gitrepo-add"},"Adding a GitRepo"),".")),(0,n.kt)("h2",{id:"single-cluster-examples"},"Single-Cluster Examples"),(0,n.kt)("p",null,"All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet."),(0,n.kt)(s.Z,{groupId:"examples",mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm",default:!0,mdxType:"TabItem"},(0,n.kt)("p",null,"An example using Helm. We are deploying the ",(0,n.kt)("a",{href:"https://github.com/rancher/fleet-examples/tree/master/single-cluster/helm"},"helm example")," to the local cluster."),(0,n.kt)("p",null,"The repository contains a helm chart and an optional ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to configure the deployment:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'namespace: fleet-helm-example\n\n# Custom helm options\nhelm:\n # The release name to use. If empty a generated release name will be used\n releaseName: guestbook\n\n # The directory of the chart in the repo. Also any valid go-getter supported\n # URL can be used there is specify where to download the chart from.\n # If repo below is set this value if the chart name in the repo\n chart: ""\n\n # An https to a valid Helm repository to download the chart from\n repo: ""\n\n # Used if repo is set to look up the version of the chart\n version: ""\n\n # Force recreate resource that can not be updated\n force: false\n\n # How long for helm to wait for the release to be active. If the value\n # is less that or equal to zero, we will not wait in Helm\n timeoutSeconds: 0\n\n # Custom values that will be passed as values.yaml to the installation\n values:\n replicas: 2\n')),(0,n.kt)("p",null,"To create the deployment, we apply the custom resource to the upstream cluster. The ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace contains the local cluster resource. The local fleet-agent will create the deployment in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-helm-example")," namespace."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl apply -n fleet-local -f - <{r.d(t,{Zo:()=>u,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function i(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),f=c(r),d=a,g=f["".concat(l,".").concat(d)]||f[d]||p[d]||i;return r?n.createElement(g,o(o({ref:t},u),{},{components:r})):n.createElement(g,o({ref:t},u))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=r.length,o=new Array(i);o[0]=f;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>s,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const i={},o="Cluster Registration Internals",s={unversionedId:"ref-registration",id:"version-0.7/ref-registration",title:"Cluster Registration Internals",description:"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.",source:"@site/versioned_docs/version-0.7/ref-registration.md",sourceDirName:".",slug:"/ref-registration",permalink:"/0.7/ref-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-registration.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle State",permalink:"/0.7/cluster-bundles-state"},next:{title:"Configuration",permalink:"/0.7/ref-configuration"}},l={},c=[],u={toc:c};function p(e){let{components:t,...i}=e;return(0,a.kt)("wrapper",(0,n.Z)({},u,i,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-registration-internals"},"Cluster Registration Internals"),(0,a.kt)("p",null,"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.\nIt's important to note that there are multiple ways to start this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Creating a bootstrap config. Fleet does this for the local agent."),(0,a.kt)("li",{parentName:"ul"},"Creating a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource with a kubeconfig. Rancher does this for downstream clusters. See ",(0,a.kt)("a",{parentName:"li",href:"/0.7/cluster-registration#manager-initiated"},"manager-initiated registration"),"."),(0,a.kt)("li",{parentName:"ul"},"Create a ",(0,a.kt)("inlineCode",{parentName:"li"},"ClusterRegistrationToken")," resource, optionally create a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource for a pre-defined (",(0,a.kt)("inlineCode",{parentName:"li"},"clientID"),") cluster. See ",(0,a.kt)("a",{parentName:"li",href:"/0.7/cluster-registration#agent-initiated"},"agent-initiated registration"),".")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration",src:r(2364).Z,width:"3700",height:"2492"})))}p.isMDXComponent=!0},2364:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistration-e49565723b02880b6dd7fa0ddc1fdbe2.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4717],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function i(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),f=c(r),d=a,g=f["".concat(l,".").concat(d)]||f[d]||p[d]||i;return r?n.createElement(g,o(o({ref:t},u),{},{components:r})):n.createElement(g,o({ref:t},u))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=r.length,o=new Array(i);o[0]=f;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>s,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const i={},o="Cluster Registration Internals",s={unversionedId:"ref-registration",id:"version-0.7/ref-registration",title:"Cluster Registration Internals",description:"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.",source:"@site/versioned_docs/version-0.7/ref-registration.md",sourceDirName:".",slug:"/ref-registration",permalink:"/0.7/ref-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-registration.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle State",permalink:"/0.7/cluster-bundles-state"},next:{title:"Configuration",permalink:"/0.7/ref-configuration"}},l={},c=[],u={toc:c};function p(e){let{components:t,...i}=e;return(0,a.kt)("wrapper",(0,n.Z)({},u,i,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-registration-internals"},"Cluster Registration Internals"),(0,a.kt)("p",null,"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.\nIt's important to note that there are multiple ways to start this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Creating a bootstrap config. Fleet does this for the local agent."),(0,a.kt)("li",{parentName:"ul"},"Creating a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource with a kubeconfig. Rancher does this for downstream clusters. See ",(0,a.kt)("a",{parentName:"li",href:"/0.7/cluster-registration#manager-initiated"},"manager-initiated registration"),"."),(0,a.kt)("li",{parentName:"ul"},"Create a ",(0,a.kt)("inlineCode",{parentName:"li"},"ClusterRegistrationToken")," resource, optionally create a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource for a pre-defined (",(0,a.kt)("inlineCode",{parentName:"li"},"clientID"),") cluster. See ",(0,a.kt)("a",{parentName:"li",href:"/0.7/cluster-registration#agent-initiated"},"agent-initiated registration"),".")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration",src:r(2364).Z,width:"3700",height:"2492"})))}p.isMDXComponent=!0},2364:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistration-e49565723b02880b6dd7fa0ddc1fdbe2.svg"}}]); \ No newline at end of file diff --git a/assets/js/2a9b5780.d2cded4b.js b/assets/js/2a9b5780.ef254468.js similarity index 98% rename from assets/js/2a9b5780.d2cded4b.js rename to assets/js/2a9b5780.ef254468.js index 0ed53381d..7868a088c 100644 --- a/assets/js/2a9b5780.d2cded4b.js +++ b/assets/js/2a9b5780.ef254468.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7076],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},u=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),m=r,h=u["".concat(s,".").concat(m)]||u[m]||d[m]||l;return n?a.createElement(h,o(o({ref:t},p),{},{components:n})):a.createElement(h,o({ref:t},p))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,o=new Array(l);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const l={},o="Create a Bundle Resource",i={unversionedId:"bundle-add",id:"version-0.9/bundle-add",title:"Create a Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created. In most cases Bundles should not be created",source:"@site/versioned_docs/version-0.9/bundle-add.md",sourceDirName:".",slug:"/bundle-add",permalink:"/0.9/bundle-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/bundle-add.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Image Scan to Update Container Image References",permalink:"/0.9/imagescan"},next:{title:"fleet-agent",permalink:"/0.9/cli/fleet-agent/"}},s={},c=[{value:"Limitations",id:"limitations",level:2},{value:"Convert a Helm Chart into a Bundle",id:"convert-a-helm-chart-into-a-bundle",level:2}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-bundle-resource"},"Create a Bundle Resource"),(0,r.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created. In most cases ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundles")," should not be created\nmanually by the user. If you want to deploy resources from a git repository use a\n",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-add"},"GitRepo")," instead."),(0,r.kt)("p",null,"If you want to deploy resources without a git repository follow this guide to create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle"),"."),(0,r.kt)("p",null,"When creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," Fleet will fetch the resources from a git repository, and add them to a Bundle.\nWhen creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," resources need to be explicitly specified in the ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," Spec.\nResources can be compressed with gz. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher/blob/v2.7.3/pkg/controllers/provisioningv2/managedchart/managedchart.go#L149-L153"},"here"),"\nan example of how Rancher uses compression in go code."),(0,r.kt)("p",null,"If you would like to deploy in downstream clusters, you need to define targets. Targets work similarly to targets in ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),".\nSee ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-targets#defining-targets"},"Mapping to Downstream Clusters"),"."),(0,r.kt)("p",null,"The following example creates a nginx ",(0,r.kt)("inlineCode",{parentName:"p"},"Deployment")," in the local cluster:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n resources:\n # List of all resources that will be deployed\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n targets:\n - clusterName: local\n\n")),(0,r.kt)("h2",{id:"limitations"},"Limitations"),(0,r.kt)("p",null,"Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.repo")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.charts"))),(0,r.kt)("p",null,"You can't use a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in resources, it is only used by the fleet-cli to create bundles."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targetRestrictions")," field is not useful, as it is an allow list for targets specified in ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets"),". It is not needed, since ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," are explicitly given in a bundle and an empty ",(0,r.kt)("inlineCode",{parentName:"p"},"targetRestrictions")," defaults to allow."),(0,r.kt)("h2",{id:"convert-a-helm-chart-into-a-bundle"},"Convert a Helm Chart into a Bundle"),(0,r.kt)("p",null,"You can use the Fleet CLI to convert a Helm chart into a bundle."),(0,r.kt)("p",null,'For example, you can download and convert the "external secrets" operator chart like this:'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"cat > targets.yaml < app/fleet.yaml < eso-bundle.yaml\n\nkubectl apply -f eso-bundle.yaml\n")),(0,r.kt)("p",null,"Make sure you use a cluster selector in ",(0,r.kt)("inlineCode",{parentName:"p"},"targets.yaml"),", that matches all clusters you want to deploy to."),(0,r.kt)("p",null,"The blog post on ",(0,r.kt)("a",{parentName:"p",href:"https://www.suse.com/c/rancher_blog/fleet-multi-cluster-deployment-with-the-help-of-external-secrets/"},"Fleet: Multi-Cluster Deployment with the Help of External Secrets")," has more information."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7076],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},u=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),m=r,h=u["".concat(s,".").concat(m)]||u[m]||d[m]||l;return n?a.createElement(h,o(o({ref:t},p),{},{components:n})):a.createElement(h,o({ref:t},p))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,o=new Array(l);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const l={},o="Create a Bundle Resource",i={unversionedId:"bundle-add",id:"version-0.9/bundle-add",title:"Create a Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created. In most cases Bundles should not be created",source:"@site/versioned_docs/version-0.9/bundle-add.md",sourceDirName:".",slug:"/bundle-add",permalink:"/0.9/bundle-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/bundle-add.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Image Scan to Update Container Image References",permalink:"/0.9/imagescan"},next:{title:"fleet-agent",permalink:"/0.9/cli/fleet-agent/"}},s={},c=[{value:"Limitations",id:"limitations",level:2},{value:"Convert a Helm Chart into a Bundle",id:"convert-a-helm-chart-into-a-bundle",level:2}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-bundle-resource"},"Create a Bundle Resource"),(0,r.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created. In most cases ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundles")," should not be created\nmanually by the user. If you want to deploy resources from a git repository use a\n",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-add"},"GitRepo")," instead."),(0,r.kt)("p",null,"If you want to deploy resources without a git repository follow this guide to create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle"),"."),(0,r.kt)("p",null,"When creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," Fleet will fetch the resources from a git repository, and add them to a Bundle.\nWhen creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," resources need to be explicitly specified in the ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," Spec.\nResources can be compressed with gz. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher/blob/v2.7.3/pkg/controllers/provisioningv2/managedchart/managedchart.go#L149-L153"},"here"),"\nan example of how Rancher uses compression in go code."),(0,r.kt)("p",null,"If you would like to deploy in downstream clusters, you need to define targets. Targets work similarly to targets in ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),".\nSee ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-targets#defining-targets"},"Mapping to Downstream Clusters"),"."),(0,r.kt)("p",null,"The following example creates a nginx ",(0,r.kt)("inlineCode",{parentName:"p"},"Deployment")," in the local cluster:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n resources:\n # List of all resources that will be deployed\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n targets:\n - clusterName: local\n\n")),(0,r.kt)("h2",{id:"limitations"},"Limitations"),(0,r.kt)("p",null,"Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.repo")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.charts"))),(0,r.kt)("p",null,"You can't use a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in resources, it is only used by the fleet-cli to create bundles."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targetRestrictions")," field is not useful, as it is an allow list for targets specified in ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets"),". It is not needed, since ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," are explicitly given in a bundle and an empty ",(0,r.kt)("inlineCode",{parentName:"p"},"targetRestrictions")," defaults to allow."),(0,r.kt)("h2",{id:"convert-a-helm-chart-into-a-bundle"},"Convert a Helm Chart into a Bundle"),(0,r.kt)("p",null,"You can use the Fleet CLI to convert a Helm chart into a bundle."),(0,r.kt)("p",null,'For example, you can download and convert the "external secrets" operator chart like this:'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"cat > targets.yaml < app/fleet.yaml < eso-bundle.yaml\n\nkubectl apply -f eso-bundle.yaml\n")),(0,r.kt)("p",null,"Make sure you use a cluster selector in ",(0,r.kt)("inlineCode",{parentName:"p"},"targets.yaml"),", that matches all clusters you want to deploy to."),(0,r.kt)("p",null,"The blog post on ",(0,r.kt)("a",{parentName:"p",href:"https://www.suse.com/c/rancher_blog/fleet-multi-cluster-deployment-with-the-help-of-external-secrets/"},"Fleet: Multi-Cluster Deployment with the Help of External Secrets")," has more information."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/2c86db16.da3e02a6.js b/assets/js/2c86db16.9f6a116e.js similarity index 98% rename from assets/js/2c86db16.da3e02a6.js rename to assets/js/2c86db16.9f6a116e.js index eb65f7140..d2edc1dae 100644 --- a/assets/js/2c86db16.da3e02a6.js +++ b/assets/js/2c86db16.9f6a116e.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5192],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>f});var r=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function a(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}function l(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var i=r.createContext({}),c=function(e){var n=r.useContext(i),t=n;return e&&(t="function"==typeof e?e(n):l(l({},n),e)),t},p=function(e){var n=c(e.components);return r.createElement(i.Provider,{value:n},e.children)},u={inlineCode:"code",wrapper:function(e){var n=e.children;return r.createElement(r.Fragment,{},n)}},d=r.forwardRef((function(e,n){var t=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=c(t),f=o,m=d["".concat(i,".").concat(f)]||d[f]||u[f]||a;return t?r.createElement(m,l(l({ref:n},p),{},{components:t})):r.createElement(m,l({ref:n},p))}));function f(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var a=t.length,l=new Array(a);l[0]=d;var s={};for(var i in n)hasOwnProperty.call(n,i)&&(s[i]=n[i]);s.originalType=e,s.mdxType="string"==typeof e?e:o,l[1]=s;for(var c=2;c{t.r(n),t.d(n,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=t(7462),o=(t(7294),t(3905));const a={},l="Bundle Resource",s={unversionedId:"ref-bundle",id:"version-0.7/ref-bundle",title:"Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created.",source:"@site/versioned_docs/version-0.7/ref-bundle.md",sourceDirName:".",slug:"/ref-bundle",permalink:"/0.7/ref-bundle",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-bundle.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"GitRepo Resource",permalink:"/0.7/ref-gitrepo"},next:{title:"Troubleshooting",permalink:"/0.7/troubleshooting"}},i={},c=[],p={toc:c};function u(e){let{components:n,...t}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,t,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-resource"},"Bundle Resource"),(0,o.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,o.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),".\nFor more information on how to use the Bundle resource ",(0,o.kt)("a",{parentName:"p",href:"/0.7/bundle-add"},"Create a Bundle Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # Namespace used for resources that do not specify a namespace.\n # This field is not used to enforce or lock down the deployment to a specific namespace.\n # defaultNamespace: test\n\n # If present will assign all resource to this\n # namespace and if any cluster scoped resource exists the deployment will fail.\n # targetNamespace: app\n\n # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.\n # kustomize: ...\n\n # Helm options for the deployment, like the chart name, repo and values.\n # helm: ...\n\n # ServiceAccount which will be used to perform this deployment.\n # serviceAccount: sa\n\n # ForceSyncGeneration is used to force a redeployment.\n # forceSyncGeneration: 0\n\n # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.\n # yaml: ...\n\n # Diff can be used to ignore the modified state of objects which are amended at runtime.\n # A specific commit or tag can also be watched.\n #\n # diff: ...\n\n # KeepResources can be used to keep the deployed resources when removing the bundle.\n # keepResources: false\n\n # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.\n # paused: false\n\n # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.\n # rolloutStrategy: ...\n\n # Contain the actual resources from the git repo which will be deployed.\n resources:\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n\n # This field is used by Fleet internally, and it should not be modified manually.\n # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.\n # targetRestrictions: ...\n\n # Refers to the bundles which must be ready before this bundle can be deployed.\n # dependsOn: ...\n\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5192],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>f});var r=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function a(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}function l(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var i=r.createContext({}),c=function(e){var n=r.useContext(i),t=n;return e&&(t="function"==typeof e?e(n):l(l({},n),e)),t},p=function(e){var n=c(e.components);return r.createElement(i.Provider,{value:n},e.children)},u={inlineCode:"code",wrapper:function(e){var n=e.children;return r.createElement(r.Fragment,{},n)}},d=r.forwardRef((function(e,n){var t=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=c(t),f=o,m=d["".concat(i,".").concat(f)]||d[f]||u[f]||a;return t?r.createElement(m,l(l({ref:n},p),{},{components:t})):r.createElement(m,l({ref:n},p))}));function f(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var a=t.length,l=new Array(a);l[0]=d;var s={};for(var i in n)hasOwnProperty.call(n,i)&&(s[i]=n[i]);s.originalType=e,s.mdxType="string"==typeof e?e:o,l[1]=s;for(var c=2;c{t.r(n),t.d(n,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=t(7462),o=(t(7294),t(3905));const a={},l="Bundle Resource",s={unversionedId:"ref-bundle",id:"version-0.7/ref-bundle",title:"Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created.",source:"@site/versioned_docs/version-0.7/ref-bundle.md",sourceDirName:".",slug:"/ref-bundle",permalink:"/0.7/ref-bundle",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-bundle.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"GitRepo Resource",permalink:"/0.7/ref-gitrepo"},next:{title:"Troubleshooting",permalink:"/0.7/troubleshooting"}},i={},c=[],p={toc:c};function u(e){let{components:n,...t}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,t,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-resource"},"Bundle Resource"),(0,o.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,o.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),".\nFor more information on how to use the Bundle resource ",(0,o.kt)("a",{parentName:"p",href:"/0.7/bundle-add"},"Create a Bundle Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # Namespace used for resources that do not specify a namespace.\n # This field is not used to enforce or lock down the deployment to a specific namespace.\n # defaultNamespace: test\n\n # If present will assign all resource to this\n # namespace and if any cluster scoped resource exists the deployment will fail.\n # targetNamespace: app\n\n # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.\n # kustomize: ...\n\n # Helm options for the deployment, like the chart name, repo and values.\n # helm: ...\n\n # ServiceAccount which will be used to perform this deployment.\n # serviceAccount: sa\n\n # ForceSyncGeneration is used to force a redeployment.\n # forceSyncGeneration: 0\n\n # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.\n # yaml: ...\n\n # Diff can be used to ignore the modified state of objects which are amended at runtime.\n # A specific commit or tag can also be watched.\n #\n # diff: ...\n\n # KeepResources can be used to keep the deployed resources when removing the bundle.\n # keepResources: false\n\n # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.\n # paused: false\n\n # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.\n # rolloutStrategy: ...\n\n # Contain the actual resources from the git repo which will be deployed.\n resources:\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n\n # This field is used by Fleet internally, and it should not be modified manually.\n # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.\n # targetRestrictions: ...\n\n # Refers to the bundles which must be ready before this bundle can be deployed.\n # dependsOn: ...\n\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/2d618eff.9525a67d.js b/assets/js/2d618eff.645dc9d4.js similarity index 99% rename from assets/js/2d618eff.9525a67d.js rename to assets/js/2d618eff.645dc9d4.js index 5f6e05664..8fd1d2acb 100644 --- a/assets/js/2d618eff.9525a67d.js +++ b/assets/js/2d618eff.645dc9d4.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7224],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),c=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},p=function(e){var t=c(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},p),{},{components:n})):o.createElement(m,r({ref:t},p))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"version-0.4/troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/versioned_docs/version-0.4/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/0.4/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/troubleshooting.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle state",permalink:"/0.4/cluster-bundles-state"},next:{title:"Advanced Users",permalink:"/0.4/advanced-users"}},s={},c=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled. "),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.4/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.4/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo. "),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu "),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown "),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/0.4/gitrepo-structure"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority" \n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm: \n releaseName: \n repo: \n chart: \ndiff: \n comparePatches: \n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations" \n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.4/bundle-diffs"},"bundle diffs documentation")," for more information. ")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7224],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),c=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},p=function(e){var t=c(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},p),{},{components:n})):o.createElement(m,r({ref:t},p))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"version-0.4/troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/versioned_docs/version-0.4/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/0.4/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/troubleshooting.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle state",permalink:"/0.4/cluster-bundles-state"},next:{title:"Advanced Users",permalink:"/0.4/advanced-users"}},s={},c=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled. "),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.4/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.4/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo. "),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu "),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown "),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/0.4/gitrepo-structure"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority" \n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm: \n releaseName: \n repo: \n chart: \ndiff: \n comparePatches: \n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations" \n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.4/bundle-diffs"},"bundle diffs documentation")," for more information. ")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/2dc49bc9.5fd7a2bf.js b/assets/js/2dc49bc9.2e6700a5.js similarity index 98% rename from assets/js/2dc49bc9.5fd7a2bf.js rename to assets/js/2dc49bc9.2e6700a5.js index f78ec76a3..e25d28364 100644 --- a/assets/js/2dc49bc9.5fd7a2bf.js +++ b/assets/js/2dc49bc9.2e6700a5.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8459],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>f,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet test"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_test",id:"version-0.6/cli/fleet-cli/fleet_test",title:"",description:"fleet test",source:"@site/versioned_docs/version-0.6/cli/fleet-cli/fleet_test.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_test",permalink:"/0.6/cli/fleet-cli/fleet_test",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cli/fleet-cli/fleet_test.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet test"},sidebar:"docs",previous:{title:"fleet apply",permalink:"/0.6/cli/fleet-cli/fleet_apply"},next:{title:"fleet-manager",permalink:"/0.6/cli/fleet-controller/fleet-manager"}},s={},c=[{value:"fleet test",id:"fleet-test",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-test"},"fleet test"),(0,l.kt)("p",null,"Match a bundle to a target and render the output"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet test [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -g, --group string Cluster group to match against\n -L, --group-label strings Cluster group labels to match against\n -h, --help help for test\n -l, --label strings Cluster labels to match against\n -N, --name string Cluster name to match against\n -q, --quiet Just print the match and don't print the resources\n -t, --target string Explicit target to match\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8459],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>f,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet test"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_test",id:"version-0.6/cli/fleet-cli/fleet_test",title:"",description:"fleet test",source:"@site/versioned_docs/version-0.6/cli/fleet-cli/fleet_test.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_test",permalink:"/0.6/cli/fleet-cli/fleet_test",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cli/fleet-cli/fleet_test.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet test"},sidebar:"docs",previous:{title:"fleet apply",permalink:"/0.6/cli/fleet-cli/fleet_apply"},next:{title:"fleet-manager",permalink:"/0.6/cli/fleet-controller/fleet-manager"}},s={},c=[{value:"fleet test",id:"fleet-test",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-test"},"fleet test"),(0,l.kt)("p",null,"Match a bundle to a target and render the output"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet test [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -g, --group string Cluster group to match against\n -L, --group-label strings Cluster group labels to match against\n -h, --help help for test\n -l, --label strings Cluster labels to match against\n -N, --name string Cluster name to match against\n -q, --quiet Just print the match and don't print the resources\n -t, --target string Explicit target to match\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/2ff44c25.2e5de4e8.js b/assets/js/2ff44c25.7143ac1b.js similarity index 97% rename from assets/js/2ff44c25.2e5de4e8.js rename to assets/js/2ff44c25.7143ac1b.js index 0b22d7979..e9d56b1cc 100644 --- a/assets/js/2ff44c25.2e5de4e8.js +++ b/assets/js/2ff44c25.7143ac1b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8627],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),p=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=p(e.components);return r.createElement(i.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},s=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,i=e.parentName,u=c(e,["components","mdxType","originalType","parentName"]),s=p(n),m=a,d=s["".concat(i,".").concat(m)]||s[m]||f[m]||l;return n?r.createElement(d,o(o({ref:t},u),{},{components:n})):r.createElement(d,o({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=s;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:a,o[1]=c;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>f,frontMatter:()=>l,metadata:()=>c,toc:()=>p});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-manager cleanup"},o=void 0,c={unversionedId:"cli/fleet-controller/fleet-manager_cleanup",id:"cli/fleet-controller/fleet-manager_cleanup",title:"",description:"fleet-manager cleanup",source:"@site/docs/cli/fleet-controller/fleet-manager_cleanup.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager_cleanup",permalink:"/cli/fleet-controller/fleet-manager_cleanup",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-controller/fleet-manager_cleanup.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager cleanup"},sidebar:"docs",previous:{title:"fleet-manager agentmanagement",permalink:"/cli/fleet-controller/fleet-manager_agentmanagement"},next:{title:"Cluster and Bundle State",permalink:"/cluster-bundles-state"}},i={},p=[{value:"fleet-manager cleanup",id:"fleet-manager-cleanup",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],u={toc:p};function f(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-manager-cleanup"},"fleet-manager cleanup"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-manager cleanup [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," -h, --help help for cleanup\n --kubeconfig string kubeconfig file\n --namespace string namespace to watch\n")),(0,a.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n")),(0,a.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-manager"},"fleet-manager"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8627],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),p=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=p(e.components);return r.createElement(i.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},s=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,i=e.parentName,u=c(e,["components","mdxType","originalType","parentName"]),s=p(n),m=a,d=s["".concat(i,".").concat(m)]||s[m]||f[m]||l;return n?r.createElement(d,o(o({ref:t},u),{},{components:n})):r.createElement(d,o({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=s;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:a,o[1]=c;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>f,frontMatter:()=>l,metadata:()=>c,toc:()=>p});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-manager cleanup"},o=void 0,c={unversionedId:"cli/fleet-controller/fleet-manager_cleanup",id:"cli/fleet-controller/fleet-manager_cleanup",title:"",description:"fleet-manager cleanup",source:"@site/docs/cli/fleet-controller/fleet-manager_cleanup.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager_cleanup",permalink:"/cli/fleet-controller/fleet-manager_cleanup",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-controller/fleet-manager_cleanup.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager cleanup"},sidebar:"docs",previous:{title:"fleet-manager agentmanagement",permalink:"/cli/fleet-controller/fleet-manager_agentmanagement"},next:{title:"Cluster and Bundle State",permalink:"/cluster-bundles-state"}},i={},p=[{value:"fleet-manager cleanup",id:"fleet-manager-cleanup",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],u={toc:p};function f(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-manager-cleanup"},"fleet-manager cleanup"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-manager cleanup [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," -h, --help help for cleanup\n --kubeconfig string kubeconfig file\n --namespace string namespace to watch\n")),(0,a.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n")),(0,a.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-manager"},"fleet-manager"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/300dc0ad.0e0999a8.js b/assets/js/300dc0ad.13c076c3.js similarity index 99% rename from assets/js/300dc0ad.0e0999a8.js rename to assets/js/300dc0ad.13c076c3.js index d967aefd1..ad823477a 100644 --- a/assets/js/300dc0ad.0e0999a8.js +++ b/assets/js/300dc0ad.13c076c3.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7384],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),u=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},f=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,s=e.parentName,c=o(e,["components","mdxType","originalType","parentName"]),f=u(n),m=l,d=f["".concat(s,".").concat(m)]||f[m]||p[m]||r;return n?a.createElement(d,i(i({ref:t},c),{},{components:n})):a.createElement(d,i({ref:t},c))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=f;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var u=2;u{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>r,metadata:()=>o,toc:()=>u});var a=n(7462),l=(n(7294),n(3905));const r={},i="Configuration",o={unversionedId:"ref-configuration",id:"version-0.9/ref-configuration",title:"Configuration",description:"A reference list of, mostly internal, configuration options.",source:"@site/versioned_docs/version-0.9/ref-configuration.md",sourceDirName:".",slug:"/ref-configuration",permalink:"/0.9/ref-configuration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-configuration.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Internals",permalink:"/0.9/ref-registration"},next:{title:"List of Deployed Resources",permalink:"/0.9/ref-resources"}},s={},u=[{value:"Helm Charts",id:"helm-charts",level:2},{value:"Environment Variables",id:"environment-variables",level:2},{value:"Configuration",id:"configuration-1",level:2},{value:"Labels",id:"labels",level:2},{value:"Annotations",id:"annotations",level:2},{value:"Fleet agent configuration",id:"fleet-agent-configuration",level:2}],c={toc:u};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"configuration"},"Configuration"),(0,l.kt)("p",null,"A reference list of, mostly internal, configuration options."),(0,l.kt)("h2",{id:"helm-charts"},"Helm Charts"),(0,l.kt)("p",null,"The Helm charts accept, at least, the options as shown with their default in ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml"),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"))),(0,l.kt)("h2",{id:"environment-variables"},"Environment Variables"),(0,l.kt)("p",null,"The controllers can be started with these environment variables:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"CATTLE_DEV_MODE")," - used to debug wrangler, not usable"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CLUSTER_ENQUEUE_DELAY")," - tune how often non-ready clusters are checked"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CPU_PPROF_PERIOD")," - used to turn on ",(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/docs/performance.md"},"performance profiling"))),(0,l.kt)("h2",{id:"configuration-1"},"Configuration"),(0,l.kt)("p",null,"In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments."),(0,l.kt)("p",null,"The config ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/main/pkg/config/config.go#L40-L52"},"struct")," is used in both config maps:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-agent"),(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-controller")),(0,l.kt)("h2",{id:"labels"},"Labels"),(0,l.kt)("p",null,"Labels used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent=true")," - NodeSelector label for agent's deployment affinity setting"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/non-managed-agent")," - managed agent bundle won't target Clusters with this label"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/repo-name")," - used on Bundle to reference the git repo resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-namespace")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-name")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed=true")," - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bootstrap-token")," - unused")),(0,l.kt)("h2",{id:"annotations"},"Annotations"),(0,l.kt)("p",null,"Annotations used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-id")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-namespace")," - used on a cluster namespace to reference the cluster registration namespace and cluster name"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-group")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/commit")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed")," - appears unused"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/service-account"))),(0,l.kt)("h2",{id:"fleet-agent-configuration"},"Fleet agent configuration"),(0,l.kt)("p",null,"Tolerations, affinity and resources can be customized for the Fleet agent. These fields can be provided when creating a\n",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/ref-crds#clusterspec"},"Cluster"),", see ",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/cluster-registration"},"Registering Downstream Cluster")," for more info on how to create\nClusters. Default configuration will be used if these fields are not provided."),(0,l.kt)("p",null,"If you change the resources limits, make sure the limits allow the fleet-agent to work normally."),(0,l.kt)("p",null,"Keep in mind that if you downgrade Fleet to a previous version than v0.7.0 Fleet will fallback to the built-in defaults.\nAgents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7384],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),u=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},f=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,s=e.parentName,c=o(e,["components","mdxType","originalType","parentName"]),f=u(n),m=l,d=f["".concat(s,".").concat(m)]||f[m]||p[m]||r;return n?a.createElement(d,i(i({ref:t},c),{},{components:n})):a.createElement(d,i({ref:t},c))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=f;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var u=2;u{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>r,metadata:()=>o,toc:()=>u});var a=n(7462),l=(n(7294),n(3905));const r={},i="Configuration",o={unversionedId:"ref-configuration",id:"version-0.9/ref-configuration",title:"Configuration",description:"A reference list of, mostly internal, configuration options.",source:"@site/versioned_docs/version-0.9/ref-configuration.md",sourceDirName:".",slug:"/ref-configuration",permalink:"/0.9/ref-configuration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-configuration.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Internals",permalink:"/0.9/ref-registration"},next:{title:"List of Deployed Resources",permalink:"/0.9/ref-resources"}},s={},u=[{value:"Helm Charts",id:"helm-charts",level:2},{value:"Environment Variables",id:"environment-variables",level:2},{value:"Configuration",id:"configuration-1",level:2},{value:"Labels",id:"labels",level:2},{value:"Annotations",id:"annotations",level:2},{value:"Fleet agent configuration",id:"fleet-agent-configuration",level:2}],c={toc:u};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"configuration"},"Configuration"),(0,l.kt)("p",null,"A reference list of, mostly internal, configuration options."),(0,l.kt)("h2",{id:"helm-charts"},"Helm Charts"),(0,l.kt)("p",null,"The Helm charts accept, at least, the options as shown with their default in ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml"),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"))),(0,l.kt)("h2",{id:"environment-variables"},"Environment Variables"),(0,l.kt)("p",null,"The controllers can be started with these environment variables:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"CATTLE_DEV_MODE")," - used to debug wrangler, not usable"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CLUSTER_ENQUEUE_DELAY")," - tune how often non-ready clusters are checked"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CPU_PPROF_PERIOD")," - used to turn on ",(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/docs/performance.md"},"performance profiling"))),(0,l.kt)("h2",{id:"configuration-1"},"Configuration"),(0,l.kt)("p",null,"In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments."),(0,l.kt)("p",null,"The config ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/main/pkg/config/config.go#L40-L52"},"struct")," is used in both config maps:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-agent"),(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-controller")),(0,l.kt)("h2",{id:"labels"},"Labels"),(0,l.kt)("p",null,"Labels used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent=true")," - NodeSelector label for agent's deployment affinity setting"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/non-managed-agent")," - managed agent bundle won't target Clusters with this label"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/repo-name")," - used on Bundle to reference the git repo resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-namespace")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-name")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed=true")," - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bootstrap-token")," - unused")),(0,l.kt)("h2",{id:"annotations"},"Annotations"),(0,l.kt)("p",null,"Annotations used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-id")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-namespace")," - used on a cluster namespace to reference the cluster registration namespace and cluster name"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-group")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/commit")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed")," - appears unused"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/service-account"))),(0,l.kt)("h2",{id:"fleet-agent-configuration"},"Fleet agent configuration"),(0,l.kt)("p",null,"Tolerations, affinity and resources can be customized for the Fleet agent. These fields can be provided when creating a\n",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/ref-crds#clusterspec"},"Cluster"),", see ",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/cluster-registration"},"Registering Downstream Cluster")," for more info on how to create\nClusters. Default configuration will be used if these fields are not provided."),(0,l.kt)("p",null,"If you change the resources limits, make sure the limits allow the fleet-agent to work normally."),(0,l.kt)("p",null,"Keep in mind that if you downgrade Fleet to a previous version than v0.7.0 Fleet will fallback to the built-in defaults.\nAgents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/32a14031.f1461521.js b/assets/js/32a14031.13941399.js similarity index 98% rename from assets/js/32a14031.f1461521.js rename to assets/js/32a14031.13941399.js index a0a717bc4..397cc14e3 100644 --- a/assets/js/32a14031.f1461521.js +++ b/assets/js/32a14031.13941399.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8794],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var c=r.createContext({}),l=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},p=function(e){var t=l(e.components);return r.createElement(c.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=l(n),m=o,f=d["".concat(c,".").concat(m)]||d[m]||u[m]||a;return n?r.createElement(f,s(s({ref:t},p),{},{components:n})):r.createElement(f,s({ref:t},p))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,s=new Array(a);s[0]=d;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:o,s[1]=i;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>u,frontMatter:()=>a,metadata:()=>i,toc:()=>l});var r=n(7462),o=(n(7294),n(3905));const a={},s="GitRepo Resource",i={unversionedId:"ref-gitrepo",id:"version-0.8/ref-gitrepo",title:"GitRepo Resource",description:"The GitRepo resource describes git repositories, how to access them and where the bundles are located.",source:"@site/versioned_docs/version-0.8/ref-gitrepo.md",sourceDirName:".",slug:"/ref-gitrepo",permalink:"/0.8/ref-gitrepo",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-gitrepo.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet.yaml",permalink:"/0.8/ref-fleet-yaml"},next:{title:"Bundle Resource",permalink:"/0.8/ref-bundle"}},c={},l=[],p={toc:l};function u(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"gitrepo-resource"},"GitRepo Resource"),(0,o.kt)("p",null,"The GitRepo resource describes git repositories, how to access them and where the bundles are located."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#gitrepospec"},"GitRepoSpec"),".\nFor more information on how to use GitRepo resource, e.g. how to watch private repositories, see ",(0,o.kt)("a",{parentName:"p",href:"/0.8/gitrepo-add"},"Create a GitRepo Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private registry you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n #\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n #\n # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.\n # Credentials will always be used if it is empty or not provided\n #\n # helmRepoURLRegex: https://charts.rancher.io/*\n #\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n #\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n #\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n # If empty, the "default" cluster group is used.\n #\n # targets: ...\n #\n # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses\n # a three-way merge strategy by default. \n # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating \n # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.\n # Keep in mind that resources might be recreated if force is enabled.\n # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.\n #\n # correctDrift:\n # enabled: false\n # force: false #Warning: it might recreate resources if set to true\n # keepFailHistory: false\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8794],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var c=r.createContext({}),l=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},p=function(e){var t=l(e.components);return r.createElement(c.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=l(n),m=o,f=d["".concat(c,".").concat(m)]||d[m]||u[m]||a;return n?r.createElement(f,s(s({ref:t},p),{},{components:n})):r.createElement(f,s({ref:t},p))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,s=new Array(a);s[0]=d;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:o,s[1]=i;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>u,frontMatter:()=>a,metadata:()=>i,toc:()=>l});var r=n(7462),o=(n(7294),n(3905));const a={},s="GitRepo Resource",i={unversionedId:"ref-gitrepo",id:"version-0.8/ref-gitrepo",title:"GitRepo Resource",description:"The GitRepo resource describes git repositories, how to access them and where the bundles are located.",source:"@site/versioned_docs/version-0.8/ref-gitrepo.md",sourceDirName:".",slug:"/ref-gitrepo",permalink:"/0.8/ref-gitrepo",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-gitrepo.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet.yaml",permalink:"/0.8/ref-fleet-yaml"},next:{title:"Bundle Resource",permalink:"/0.8/ref-bundle"}},c={},l=[],p={toc:l};function u(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"gitrepo-resource"},"GitRepo Resource"),(0,o.kt)("p",null,"The GitRepo resource describes git repositories, how to access them and where the bundles are located."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#gitrepospec"},"GitRepoSpec"),".\nFor more information on how to use GitRepo resource, e.g. how to watch private repositories, see ",(0,o.kt)("a",{parentName:"p",href:"/0.8/gitrepo-add"},"Create a GitRepo Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private registry you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n #\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n #\n # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.\n # Credentials will always be used if it is empty or not provided\n #\n # helmRepoURLRegex: https://charts.rancher.io/*\n #\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n #\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n #\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n # If empty, the "default" cluster group is used.\n #\n # targets: ...\n #\n # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses\n # a three-way merge strategy by default. \n # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating \n # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.\n # Keep in mind that resources might be recreated if force is enabled.\n # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.\n #\n # correctDrift:\n # enabled: false\n # force: false #Warning: it might recreate resources if set to true\n # keepFailHistory: false\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/32c7bf40.63f47e1f.js b/assets/js/32c7bf40.4640d719.js similarity index 99% rename from assets/js/32c7bf40.63f47e1f.js rename to assets/js/32c7bf40.4640d719.js index 1d333f7a7..df197e5d1 100644 --- a/assets/js/32c7bf40.63f47e1f.js +++ b/assets/js/32c7bf40.4640d719.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6095],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function l(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=a.createContext({}),u=function(e){var t=a.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(i.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},p=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,i=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),p=u(n),m=r,f=p["".concat(i,".").concat(m)]||p[m]||d[m]||o;return n?a.createElement(f,l(l({ref:t},c),{},{components:n})):a.createElement(f,l({ref:t},c))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,l=new Array(o);l[0]=p;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:r,l[1]=s;for(var u=2;u{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>d,frontMatter:()=>o,metadata:()=>s,toc:()=>u});var a=n(7462),r=(n(7294),n(3905));const o={},l="fleet.yaml",s={unversionedId:"ref-fleet-yaml",id:"version-0.6/ref-fleet-yaml",title:"fleet.yaml",description:"The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.",source:"@site/versioned_docs/version-0.6/ref-fleet-yaml.md",sourceDirName:".",slug:"/ref-fleet-yaml",permalink:"/0.6/ref-fleet-yaml",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-fleet-yaml.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources Spec",permalink:"/0.6/ref-crds"},next:{title:"GitRepo Resource",permalink:"/0.6/ref-gitrepo"}},i={},u=[{value:"Reference",id:"reference",level:3}],c={toc:u};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"fleetyaml"},"fleet.yaml"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file adds options to a bundle. Any directory with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is automatically turned into bundle."),(0,r.kt)("p",null,"For more information on how to use the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to customize bundles see ",(0,r.kt)("a",{parentName:"p",href:"/0.6/gitrepo-content"},"Git Repository Contents"),"."),(0,r.kt)("p",null,"The content of the fleet.yaml corresponds to ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/main/pkg/bundlereader/read.go#L129-L135"},"https://github.com/rancher/fleet/blob/main/pkg/bundlereader/read.go#L129-L135"),", which contains the ",(0,r.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),"."),(0,r.kt)("h3",{id:"reference"},"Reference"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\n# Optional map of labels, that are set at the bundle and can be used in a \n# dependsOn.selector\nlabels:\n key: value\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # Makes helm skip the check for its own annotations\n takeOwnership: false\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n # The variable\'s value will be an empty string if the referenced cluster label does not\n # exist on the targeted cluster\n variableName: global.fleet.clusterLabels.LABELNAME\n # It is possible to specify the keys and values as go template strings for\n # advanced templating needs. Most of the functions from the sprig templating\n # library are available. However, the `uuidv4` function is not supported.\n # The template context has following keys.\n # `.ClusterValues` are retrieved from target cluster\'s `spec.templateValues`\n # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.\n # `.ClusterName` as the fleet\'s cluster resource name.\n # `.ClusterNamespace` as the namespace in which the cluster resource exists.\n # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,\n # unlike helm which uses {{ }}.\n templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"\n valueFromEnv:\n "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets defined in the downstream clusters\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default \n key: values.yaml\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n # Disable go template pre-processing on the fleet values\n disablePreProcess: false\n # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.\n # It will wait for as long as timeoutSeconds\n waitForJobs: true\n \n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector: \n clusterSelector:\n matchLabels:\n env: prod\n\n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name. \n clusterName: dev-cluster \n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n - name: one-multi-cluster-hello-world\n # Select bundles to depend on based on their label.\n - selector:\n matchLabels:\n app: weak-monkey\n')))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6095],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function l(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=a.createContext({}),u=function(e){var t=a.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(i.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},p=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,i=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),p=u(n),m=r,f=p["".concat(i,".").concat(m)]||p[m]||d[m]||o;return n?a.createElement(f,l(l({ref:t},c),{},{components:n})):a.createElement(f,l({ref:t},c))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,l=new Array(o);l[0]=p;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:r,l[1]=s;for(var u=2;u{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>d,frontMatter:()=>o,metadata:()=>s,toc:()=>u});var a=n(7462),r=(n(7294),n(3905));const o={},l="fleet.yaml",s={unversionedId:"ref-fleet-yaml",id:"version-0.6/ref-fleet-yaml",title:"fleet.yaml",description:"The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.",source:"@site/versioned_docs/version-0.6/ref-fleet-yaml.md",sourceDirName:".",slug:"/ref-fleet-yaml",permalink:"/0.6/ref-fleet-yaml",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-fleet-yaml.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources Spec",permalink:"/0.6/ref-crds"},next:{title:"GitRepo Resource",permalink:"/0.6/ref-gitrepo"}},i={},u=[{value:"Reference",id:"reference",level:3}],c={toc:u};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"fleetyaml"},"fleet.yaml"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file adds options to a bundle. Any directory with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is automatically turned into bundle."),(0,r.kt)("p",null,"For more information on how to use the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to customize bundles see ",(0,r.kt)("a",{parentName:"p",href:"/0.6/gitrepo-content"},"Git Repository Contents"),"."),(0,r.kt)("p",null,"The content of the fleet.yaml corresponds to ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/main/pkg/bundlereader/read.go#L129-L135"},"https://github.com/rancher/fleet/blob/main/pkg/bundlereader/read.go#L129-L135"),", which contains the ",(0,r.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),"."),(0,r.kt)("h3",{id:"reference"},"Reference"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\n# Optional map of labels, that are set at the bundle and can be used in a \n# dependsOn.selector\nlabels:\n key: value\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # Makes helm skip the check for its own annotations\n takeOwnership: false\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n # The variable\'s value will be an empty string if the referenced cluster label does not\n # exist on the targeted cluster\n variableName: global.fleet.clusterLabels.LABELNAME\n # It is possible to specify the keys and values as go template strings for\n # advanced templating needs. Most of the functions from the sprig templating\n # library are available. However, the `uuidv4` function is not supported.\n # The template context has following keys.\n # `.ClusterValues` are retrieved from target cluster\'s `spec.templateValues`\n # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.\n # `.ClusterName` as the fleet\'s cluster resource name.\n # `.ClusterNamespace` as the namespace in which the cluster resource exists.\n # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,\n # unlike helm which uses {{ }}.\n templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"\n valueFromEnv:\n "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets defined in the downstream clusters\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default \n key: values.yaml\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n # Disable go template pre-processing on the fleet values\n disablePreProcess: false\n # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.\n # It will wait for as long as timeoutSeconds\n waitForJobs: true\n \n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector: \n clusterSelector:\n matchLabels:\n env: prod\n\n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name. \n clusterName: dev-cluster \n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n - name: one-multi-cluster-hello-world\n # Select bundles to depend on based on their label.\n - selector:\n matchLabels:\n app: weak-monkey\n')))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/340d0560.e1b84a5e.js b/assets/js/340d0560.9c0f2e15.js similarity index 98% rename from assets/js/340d0560.e1b84a5e.js rename to assets/js/340d0560.9c0f2e15.js index 401453f37..86ad5caef 100644 --- a/assets/js/340d0560.e1b84a5e.js +++ b/assets/js/340d0560.9c0f2e15.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9246],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>g});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},p=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),p=s(n),g=a,d=p["".concat(c,".").concat(g)]||p[g]||f[g]||l;return n?r.createElement(d,o(o({ref:t},u),{},{components:n})):r.createElement(d,o({ref:t},u))}));function g(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=p;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>f,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-agent"},o=void 0,i={unversionedId:"cli/fleet-agent/fleet-agent",id:"cli/fleet-agent/fleet-agent",title:"",description:"fleet-agent",source:"@site/docs/cli/fleet-agent/fleet-agent.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/",permalink:"/cli/fleet-agent/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-agent/fleet-agent.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent"},sidebar:"docs",previous:{title:"Create a Bundle Resource",permalink:"/bundle-add"},next:{title:"fleet-agent clusterstatus",permalink:"/cli/fleet-agent/fleet-agent_clusterstatus"}},c={},s=[{value:"fleet-agent",id:"fleet-agent",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],u={toc:s};function f(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-agent"},"fleet-agent"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-agent [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --agent-scope string An identifier used to scope the agent bundleID names, typically the same as namespace\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet-agent\n --kubeconfig string Paths to a kubeconfig. Only required if out-of-cluster.\n --namespace string system namespace is the namespace, the agent runs in, e.g. cattle-fleet-system\n --zap-devel Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)\n --zap-encoder encoder Zap log encoding (one of 'json' or 'console')\n --zap-log-level level Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity\n --zap-stacktrace-level level Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').\n --zap-time-encoding time-encoding Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.\n")),(0,a.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-agent_clusterstatus"},"fleet-agent clusterstatus"),"\t - Continuously report resource status to the upstream cluster"),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-agent_register"},"fleet-agent register"),"\t - Register agent with an upstream cluster")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9246],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>g});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},p=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),p=s(n),g=a,d=p["".concat(c,".").concat(g)]||p[g]||f[g]||l;return n?r.createElement(d,o(o({ref:t},u),{},{components:n})):r.createElement(d,o({ref:t},u))}));function g(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=p;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>f,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-agent"},o=void 0,i={unversionedId:"cli/fleet-agent/fleet-agent",id:"cli/fleet-agent/fleet-agent",title:"",description:"fleet-agent",source:"@site/docs/cli/fleet-agent/fleet-agent.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/",permalink:"/cli/fleet-agent/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-agent/fleet-agent.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent"},sidebar:"docs",previous:{title:"Create a Bundle Resource",permalink:"/bundle-add"},next:{title:"fleet-agent clusterstatus",permalink:"/cli/fleet-agent/fleet-agent_clusterstatus"}},c={},s=[{value:"fleet-agent",id:"fleet-agent",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],u={toc:s};function f(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-agent"},"fleet-agent"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-agent [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --agent-scope string An identifier used to scope the agent bundleID names, typically the same as namespace\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet-agent\n --kubeconfig string Paths to a kubeconfig. Only required if out-of-cluster.\n --namespace string system namespace is the namespace, the agent runs in, e.g. cattle-fleet-system\n --zap-devel Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)\n --zap-encoder encoder Zap log encoding (one of 'json' or 'console')\n --zap-log-level level Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity\n --zap-stacktrace-level level Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').\n --zap-time-encoding time-encoding Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.\n")),(0,a.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-agent_clusterstatus"},"fleet-agent clusterstatus"),"\t - Continuously report resource status to the upstream cluster"),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-agent_register"},"fleet-agent register"),"\t - Register agent with an upstream cluster")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/34a3c1ae.38c225f3.js b/assets/js/34a3c1ae.d559c47a.js similarity index 99% rename from assets/js/34a3c1ae.38c225f3.js rename to assets/js/34a3c1ae.d559c47a.js index 416d44e4b..49a435da4 100644 --- a/assets/js/34a3c1ae.38c225f3.js +++ b/assets/js/34a3c1ae.d559c47a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5776],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>d});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),p=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},c=function(e){var t=p(e.components);return a.createElement(l.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},m=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(n),d=r,h=m["".concat(l,".").concat(d)]||m[d]||u[d]||i;return n?a.createElement(h,o(o({ref:t},c),{},{components:n})):a.createElement(h,o({ref:t},c))}));function d(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=n.length,o=new Array(i);o[0]=m;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,o[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>u,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=n(7462),r=(n(7294),n(3905));const i={},o="Adding a GitRepo",s={unversionedId:"gitrepo-add",id:"version-0.4/gitrepo-add",title:"Adding a GitRepo",description:"Proper namespace",source:"@site/versioned_docs/version-0.4/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/0.4/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/gitrepo-add.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/0.4/namespaces"},next:{title:"Expected Repo Structure",permalink:"/0.4/gitrepo-structure"}},l={},p=[{value:"Proper namespace",id:"proper-namespace",level:2},{value:"Create GitRepo instance",id:"create-gitrepo-instance",level:2},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2}],c={toc:p};function u(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"adding-a-gitrepo"},"Adding a GitRepo"),(0,r.kt)("h2",{id:"proper-namespace"},"Proper namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/0.4/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/0.4/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo instance"),(0,r.kt)("p",null,"Git repositories are register by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," following the below YAML sample. Refer\nto the inline comments as the means of each field"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private registry you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n #\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n #\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n #\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n #\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n')),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add it any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. As a workaround, split them into different gitrepos.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",null,"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/0.4/troubleshooting"},"here"),"."))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5776],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>d});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),p=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},c=function(e){var t=p(e.components);return a.createElement(l.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},m=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(n),d=r,h=m["".concat(l,".").concat(d)]||m[d]||u[d]||i;return n?a.createElement(h,o(o({ref:t},c),{},{components:n})):a.createElement(h,o({ref:t},c))}));function d(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=n.length,o=new Array(i);o[0]=m;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,o[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>u,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=n(7462),r=(n(7294),n(3905));const i={},o="Adding a GitRepo",s={unversionedId:"gitrepo-add",id:"version-0.4/gitrepo-add",title:"Adding a GitRepo",description:"Proper namespace",source:"@site/versioned_docs/version-0.4/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/0.4/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/gitrepo-add.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/0.4/namespaces"},next:{title:"Expected Repo Structure",permalink:"/0.4/gitrepo-structure"}},l={},p=[{value:"Proper namespace",id:"proper-namespace",level:2},{value:"Create GitRepo instance",id:"create-gitrepo-instance",level:2},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2}],c={toc:p};function u(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"adding-a-gitrepo"},"Adding a GitRepo"),(0,r.kt)("h2",{id:"proper-namespace"},"Proper namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/0.4/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/0.4/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo instance"),(0,r.kt)("p",null,"Git repositories are register by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," following the below YAML sample. Refer\nto the inline comments as the means of each field"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private registry you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n #\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n #\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n #\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n #\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n')),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add it any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. As a workaround, split them into different gitrepos.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",null,"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/0.4/troubleshooting"},"here"),"."))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/34c1e1e7.89f21994.js b/assets/js/34c1e1e7.91f1d70f.js similarity index 99% rename from assets/js/34c1e1e7.89f21994.js rename to assets/js/34c1e1e7.91f1d70f.js index ffee4c61a..f8269e17c 100644 --- a/assets/js/34c1e1e7.89f21994.js +++ b/assets/js/34c1e1e7.91f1d70f.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7571],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),u=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},f=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,s=e.parentName,c=o(e,["components","mdxType","originalType","parentName"]),f=u(n),m=l,d=f["".concat(s,".").concat(m)]||f[m]||p[m]||r;return n?a.createElement(d,i(i({ref:t},c),{},{components:n})):a.createElement(d,i({ref:t},c))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=f;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var u=2;u{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>r,metadata:()=>o,toc:()=>u});var a=n(7462),l=(n(7294),n(3905));const r={},i="Configuration",o={unversionedId:"ref-configuration",id:"version-0.8/ref-configuration",title:"Configuration",description:"A reference list of, mostly internal, configuration options.",source:"@site/versioned_docs/version-0.8/ref-configuration.md",sourceDirName:".",slug:"/ref-configuration",permalink:"/0.8/ref-configuration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-configuration.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Internals",permalink:"/0.8/ref-registration"},next:{title:"List of Deployed Resources",permalink:"/0.8/ref-resources"}},s={},u=[{value:"Helm Charts",id:"helm-charts",level:2},{value:"Environment Variables",id:"environment-variables",level:2},{value:"Configuration",id:"configuration-1",level:2},{value:"Labels",id:"labels",level:2},{value:"Annotations",id:"annotations",level:2},{value:"Fleet agent configuration",id:"fleet-agent-configuration",level:2}],c={toc:u};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"configuration"},"Configuration"),(0,l.kt)("p",null,"A reference list of, mostly internal, configuration options."),(0,l.kt)("h2",{id:"helm-charts"},"Helm Charts"),(0,l.kt)("p",null,"The Helm charts accept, at least, the options as shown with their default in ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml"),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"))),(0,l.kt)("h2",{id:"environment-variables"},"Environment Variables"),(0,l.kt)("p",null,"The controllers can be started with these environment variables:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"CATTLE_DEV_MODE")," - used to debug wrangler, not usable"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CLUSTER_ENQUEUE_DELAY")," - tune how often non-ready clusters are checked"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CPU_PPROF_PERIOD")," - used to turn on ",(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/docs/performance.md"},"performance profiling"))),(0,l.kt)("h2",{id:"configuration-1"},"Configuration"),(0,l.kt)("p",null,"In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments."),(0,l.kt)("p",null,"The config ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/main/pkg/config/config.go#L40-L52"},"struct")," is used in both config maps:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-agent"),(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-controller")),(0,l.kt)("h2",{id:"labels"},"Labels"),(0,l.kt)("p",null,"Labels used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent=true")," - NodeSelector label for agent's deployment affinity setting"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/non-managed-agent")," - managed agent bundle won't target Clusters with this label"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/repo-name")," - used on Bundle to reference the git repo resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-namespace")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-name")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed=true")," - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bootstrap-token")," - unused")),(0,l.kt)("h2",{id:"annotations"},"Annotations"),(0,l.kt)("p",null,"Annotations used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-id")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-namespace")," - used on a cluster namespace to reference the cluster registration namespace and cluster name"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-group")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/commit")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed")," - appears unused"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/service-account"))),(0,l.kt)("h2",{id:"fleet-agent-configuration"},"Fleet agent configuration"),(0,l.kt)("p",null,"Tolerations, affinity and resources can be customized for the Fleet agent. These fields can be provided when creating a\n",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/ref-crds#clusterspec"},"Cluster"),", see ",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/cluster-registration"},"Registering Downstream Cluster")," for more info on how to create\nClusters. Default configuration will be used if these fields are not provided."),(0,l.kt)("p",null,"If you change the resources limits, make sure the limits allow the fleet-agent to work normally."),(0,l.kt)("p",null,"Keep in mind that if you downgrade Fleet to a previous version than v0.7.0 Fleet will fallback to the built-in defaults.\nAgents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7571],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),u=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},f=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,s=e.parentName,c=o(e,["components","mdxType","originalType","parentName"]),f=u(n),m=l,d=f["".concat(s,".").concat(m)]||f[m]||p[m]||r;return n?a.createElement(d,i(i({ref:t},c),{},{components:n})):a.createElement(d,i({ref:t},c))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=f;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var u=2;u{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>r,metadata:()=>o,toc:()=>u});var a=n(7462),l=(n(7294),n(3905));const r={},i="Configuration",o={unversionedId:"ref-configuration",id:"version-0.8/ref-configuration",title:"Configuration",description:"A reference list of, mostly internal, configuration options.",source:"@site/versioned_docs/version-0.8/ref-configuration.md",sourceDirName:".",slug:"/ref-configuration",permalink:"/0.8/ref-configuration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-configuration.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Internals",permalink:"/0.8/ref-registration"},next:{title:"List of Deployed Resources",permalink:"/0.8/ref-resources"}},s={},u=[{value:"Helm Charts",id:"helm-charts",level:2},{value:"Environment Variables",id:"environment-variables",level:2},{value:"Configuration",id:"configuration-1",level:2},{value:"Labels",id:"labels",level:2},{value:"Annotations",id:"annotations",level:2},{value:"Fleet agent configuration",id:"fleet-agent-configuration",level:2}],c={toc:u};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"configuration"},"Configuration"),(0,l.kt)("p",null,"A reference list of, mostly internal, configuration options."),(0,l.kt)("h2",{id:"helm-charts"},"Helm Charts"),(0,l.kt)("p",null,"The Helm charts accept, at least, the options as shown with their default in ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml"),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"))),(0,l.kt)("h2",{id:"environment-variables"},"Environment Variables"),(0,l.kt)("p",null,"The controllers can be started with these environment variables:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"CATTLE_DEV_MODE")," - used to debug wrangler, not usable"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CLUSTER_ENQUEUE_DELAY")," - tune how often non-ready clusters are checked"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CPU_PPROF_PERIOD")," - used to turn on ",(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/docs/performance.md"},"performance profiling"))),(0,l.kt)("h2",{id:"configuration-1"},"Configuration"),(0,l.kt)("p",null,"In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments."),(0,l.kt)("p",null,"The config ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/main/pkg/config/config.go#L40-L52"},"struct")," is used in both config maps:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-agent"),(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-controller")),(0,l.kt)("h2",{id:"labels"},"Labels"),(0,l.kt)("p",null,"Labels used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent=true")," - NodeSelector label for agent's deployment affinity setting"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/non-managed-agent")," - managed agent bundle won't target Clusters with this label"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/repo-name")," - used on Bundle to reference the git repo resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-namespace")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-name")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed=true")," - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bootstrap-token")," - unused")),(0,l.kt)("h2",{id:"annotations"},"Annotations"),(0,l.kt)("p",null,"Annotations used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-id")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-namespace")," - used on a cluster namespace to reference the cluster registration namespace and cluster name"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-group")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/commit")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed")," - appears unused"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/service-account"))),(0,l.kt)("h2",{id:"fleet-agent-configuration"},"Fleet agent configuration"),(0,l.kt)("p",null,"Tolerations, affinity and resources can be customized for the Fleet agent. These fields can be provided when creating a\n",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/ref-crds#clusterspec"},"Cluster"),", see ",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/cluster-registration"},"Registering Downstream Cluster")," for more info on how to create\nClusters. Default configuration will be used if these fields are not provided."),(0,l.kt)("p",null,"If you change the resources limits, make sure the limits allow the fleet-agent to work normally."),(0,l.kt)("p",null,"Keep in mind that if you downgrade Fleet to a previous version than v0.7.0 Fleet will fallback to the built-in defaults.\nAgents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/34eb4307.a2cbacfd.js b/assets/js/34eb4307.5c530660.js similarity index 98% rename from assets/js/34eb4307.a2cbacfd.js rename to assets/js/34eb4307.5c530660.js index e9503c9a4..24ec44e92 100644 --- a/assets/js/34eb4307.a2cbacfd.js +++ b/assets/js/34eb4307.5c530660.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7314],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(l,".").concat(m)]||d[m]||p[m]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"version-0.4/index",title:"Overview",description:"What is Fleet?",source:"@site/versioned_docs/version-0.4/index.md",sourceDirName:".",slug:"/",permalink:"/0.4/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/index.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/0.4/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(9225).Z,width:"969",height:"775"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users have a high degree of control, consistency, and auditability."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},9225:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/arch-1c6cd25727f6427c62add813758335a8.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7314],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(l,".").concat(m)]||d[m]||p[m]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"version-0.4/index",title:"Overview",description:"What is Fleet?",source:"@site/versioned_docs/version-0.4/index.md",sourceDirName:".",slug:"/",permalink:"/0.4/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/index.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/0.4/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(9225).Z,width:"969",height:"775"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users have a high degree of control, consistency, and auditability."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},9225:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/arch-1c6cd25727f6427c62add813758335a8.png"}}]); \ No newline at end of file diff --git a/assets/js/370ac30b.7976f448.js b/assets/js/370ac30b.fb355374.js similarity index 99% rename from assets/js/370ac30b.7976f448.js rename to assets/js/370ac30b.fb355374.js index 4c63fe514..ab2061669 100644 --- a/assets/js/370ac30b.7976f448.js +++ b/assets/js/370ac30b.fb355374.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7678],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function s(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,s=e.originalType,i=e.parentName,p=o(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||s;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var s=n.length,l=new Array(s);l[0]=m;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:a,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const s={},l="Setup Multi User",o={unversionedId:"multi-user",id:"version-0.9/multi-user",title:"Setup Multi User",description:"Fleet uses Kubernetes RBAC where possible.",source:"@site/versioned_docs/version-0.9/multi-user.md",sourceDirName:".",slug:"/multi-user",permalink:"/0.9/multi-user",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/multi-user.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create Cluster Groups",permalink:"/0.9/cluster-group"},next:{title:"Create a GitRepo Resource",permalink:"/0.9/gitrepo-add"}},i={},c=[{value:"Example User",id:"example-user",level:2},{value:"Allow Access to Clusters",id:"allow-access-to-clusters",level:2},{value:"Restricting Access to Downstream Clusters",id:"restricting-access-to-downstream-clusters",level:2},{value:"An Example GitRepo Resource",id:"an-example-gitrepo-resource",level:2}],p={toc:c};function u(e){let{components:t,...s}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,s,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"setup-multi-user"},"Setup Multi User"),(0,a.kt)("p",null,"Fleet uses Kubernetes RBAC where possible."),(0,a.kt)("p",null,"One addition on top of RBAC is the ",(0,a.kt)("a",{parentName:"p",href:"/0.9/namespaces#restricting-gitrepos"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepoRestriction"))," resource, which can be used to control GitRepo resources in a namespace."),(0,a.kt)("p",null,"A multi-user fleet setup looks like this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"tenants don't share namespaces, each tenant has one or more namespaces on the\nupstream cluster, where they can create GitRepo resources"),(0,a.kt)("li",{parentName:"ul"},"tenants can't deploy cluster wide resources and are limited to a set of\nnamespaces on downstream clusters"),(0,a.kt)("li",{parentName:"ul"},"clusters are in a separate namespace")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Shared Clusters",src:n(9497).Z,width:"2488",height:"1769"})),(0,a.kt)("admonition",{title:"important information",type:"warning"},(0,a.kt)("p",{parentName:"admonition"},"The isolation of tenants is not complete and relies on Kubernetes RBAC to be\nset up correctly. Without manual setup from an operator tenants can still\ndeploy cluster wide resources. Even with the available Fleet restrictions,\nusers are only restricted to namespaces, but namespaces don't provide much\nisolation on their own. E.g. they can still consume as many resources as they\nlike."),(0,a.kt)("p",{parentName:"admonition"},"However, the existing Fleet restrictions allow users to share clusters, and\ndeploy resources without conflicts.")),(0,a.kt)("h2",{id:"example-user"},"Example User"),(0,a.kt)("p",null,"This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create serviceaccount fleetuser\nkubectl create namespace project1\nkubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser\n")),(0,a.kt)("p",null,"If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\nkubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\n")),(0,a.kt)("p",null,"This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces."),(0,a.kt)("h2",{id:"allow-access-to-clusters"},"Allow Access to Clusters"),(0,a.kt)("p",null,"This assumes all GitRepos created by 'fleetuser' have the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label. Different labels could be used, to select different cluster namespaces."),(0,a.kt)("p",null,"In each of the user's namespaces, as an admin create a ",(0,a.kt)("a",{parentName:"p",href:"/0.9/namespaces#cross-namespace-deployments"},(0,a.kt)("inlineCode",{parentName:"a"},"BundleNamespaceMapping")),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: mapping\n namespace: project1\n\n# Bundles to match by label.\n# The labels are defined in the fleet.yaml # labels field or from the\n# GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n team: one\n # or target one repo\n #fleet.cattle.io/repo-name: simpleapp\n\n# Namespaces, containing clusters, to match by label\nnamespaceSelector:\n matchLabels:\n kubernetes.io/metadata.name: fleet-default\n # the label is on the namespace\n #workspace: prod\n")),(0,a.kt)("p",null,"The ",(0,a.kt)("a",{parentName:"p",href:"/0.9/gitrepo-targets"},(0,a.kt)("inlineCode",{parentName:"a"},"target")," section")," in the GitRepo resource can be used to deploy only to a subset of the matched clusters."),(0,a.kt)("h2",{id:"restricting-access-to-downstream-clusters"},"Restricting Access to Downstream Clusters"),(0,a.kt)("p",null,"Admins can further restrict tenants by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," in each of their namespaces."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: project1\n\nallowedTargetNamespaces:\n - project1simpleapp\n")),(0,a.kt)("p",null,"This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace."),(0,a.kt)("h2",{id:"an-example-gitrepo-resource"},"An Example GitRepo Resource"),(0,a.kt)("p",null,"A GitRepo resource created by a tenant, without admin access could look like this:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: simpleapp\n namespace: project1\n labels:\n team: one\n\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - bundle-diffs\n\n targetNamespace: project1simpleapp\n\n # do not match the upstream/local cluster, won't work\n targets:\n - name: dev\n clusterSelector:\n matchLabels:\n env: dev\n")),(0,a.kt)("p",null,"This includes the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label and and the required ",(0,a.kt)("inlineCode",{parentName:"p"},"targetNamespace"),"."),(0,a.kt)("p",null,"Together with the previous ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," it would target all clusters with a ",(0,a.kt)("inlineCode",{parentName:"p"},"env: dev")," label in the 'fleet-default' namespace."),(0,a.kt)("admonition",{type:"note"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," do not work with local clusters, so make sure not to target them.")))}u.isMDXComponent=!0},9497:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetSharedClusters-b68f6c53b43cbb795e4d81cda9ebc2bc.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7678],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function s(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,s=e.originalType,i=e.parentName,p=o(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||s;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var s=n.length,l=new Array(s);l[0]=m;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:a,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const s={},l="Setup Multi User",o={unversionedId:"multi-user",id:"version-0.9/multi-user",title:"Setup Multi User",description:"Fleet uses Kubernetes RBAC where possible.",source:"@site/versioned_docs/version-0.9/multi-user.md",sourceDirName:".",slug:"/multi-user",permalink:"/0.9/multi-user",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/multi-user.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create Cluster Groups",permalink:"/0.9/cluster-group"},next:{title:"Create a GitRepo Resource",permalink:"/0.9/gitrepo-add"}},i={},c=[{value:"Example User",id:"example-user",level:2},{value:"Allow Access to Clusters",id:"allow-access-to-clusters",level:2},{value:"Restricting Access to Downstream Clusters",id:"restricting-access-to-downstream-clusters",level:2},{value:"An Example GitRepo Resource",id:"an-example-gitrepo-resource",level:2}],p={toc:c};function u(e){let{components:t,...s}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,s,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"setup-multi-user"},"Setup Multi User"),(0,a.kt)("p",null,"Fleet uses Kubernetes RBAC where possible."),(0,a.kt)("p",null,"One addition on top of RBAC is the ",(0,a.kt)("a",{parentName:"p",href:"/0.9/namespaces#restricting-gitrepos"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepoRestriction"))," resource, which can be used to control GitRepo resources in a namespace."),(0,a.kt)("p",null,"A multi-user fleet setup looks like this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"tenants don't share namespaces, each tenant has one or more namespaces on the\nupstream cluster, where they can create GitRepo resources"),(0,a.kt)("li",{parentName:"ul"},"tenants can't deploy cluster wide resources and are limited to a set of\nnamespaces on downstream clusters"),(0,a.kt)("li",{parentName:"ul"},"clusters are in a separate namespace")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Shared Clusters",src:n(9497).Z,width:"2488",height:"1769"})),(0,a.kt)("admonition",{title:"important information",type:"warning"},(0,a.kt)("p",{parentName:"admonition"},"The isolation of tenants is not complete and relies on Kubernetes RBAC to be\nset up correctly. Without manual setup from an operator tenants can still\ndeploy cluster wide resources. Even with the available Fleet restrictions,\nusers are only restricted to namespaces, but namespaces don't provide much\nisolation on their own. E.g. they can still consume as many resources as they\nlike."),(0,a.kt)("p",{parentName:"admonition"},"However, the existing Fleet restrictions allow users to share clusters, and\ndeploy resources without conflicts.")),(0,a.kt)("h2",{id:"example-user"},"Example User"),(0,a.kt)("p",null,"This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create serviceaccount fleetuser\nkubectl create namespace project1\nkubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser\n")),(0,a.kt)("p",null,"If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\nkubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\n")),(0,a.kt)("p",null,"This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces."),(0,a.kt)("h2",{id:"allow-access-to-clusters"},"Allow Access to Clusters"),(0,a.kt)("p",null,"This assumes all GitRepos created by 'fleetuser' have the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label. Different labels could be used, to select different cluster namespaces."),(0,a.kt)("p",null,"In each of the user's namespaces, as an admin create a ",(0,a.kt)("a",{parentName:"p",href:"/0.9/namespaces#cross-namespace-deployments"},(0,a.kt)("inlineCode",{parentName:"a"},"BundleNamespaceMapping")),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: mapping\n namespace: project1\n\n# Bundles to match by label.\n# The labels are defined in the fleet.yaml # labels field or from the\n# GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n team: one\n # or target one repo\n #fleet.cattle.io/repo-name: simpleapp\n\n# Namespaces, containing clusters, to match by label\nnamespaceSelector:\n matchLabels:\n kubernetes.io/metadata.name: fleet-default\n # the label is on the namespace\n #workspace: prod\n")),(0,a.kt)("p",null,"The ",(0,a.kt)("a",{parentName:"p",href:"/0.9/gitrepo-targets"},(0,a.kt)("inlineCode",{parentName:"a"},"target")," section")," in the GitRepo resource can be used to deploy only to a subset of the matched clusters."),(0,a.kt)("h2",{id:"restricting-access-to-downstream-clusters"},"Restricting Access to Downstream Clusters"),(0,a.kt)("p",null,"Admins can further restrict tenants by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," in each of their namespaces."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: project1\n\nallowedTargetNamespaces:\n - project1simpleapp\n")),(0,a.kt)("p",null,"This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace."),(0,a.kt)("h2",{id:"an-example-gitrepo-resource"},"An Example GitRepo Resource"),(0,a.kt)("p",null,"A GitRepo resource created by a tenant, without admin access could look like this:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: simpleapp\n namespace: project1\n labels:\n team: one\n\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - bundle-diffs\n\n targetNamespace: project1simpleapp\n\n # do not match the upstream/local cluster, won't work\n targets:\n - name: dev\n clusterSelector:\n matchLabels:\n env: dev\n")),(0,a.kt)("p",null,"This includes the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label and and the required ",(0,a.kt)("inlineCode",{parentName:"p"},"targetNamespace"),"."),(0,a.kt)("p",null,"Together with the previous ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," it would target all clusters with a ",(0,a.kt)("inlineCode",{parentName:"p"},"env: dev")," label in the 'fleet-default' namespace."),(0,a.kt)("admonition",{type:"note"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," do not work with local clusters, so make sure not to target them.")))}u.isMDXComponent=!0},9497:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetSharedClusters-b68f6c53b43cbb795e4d81cda9ebc2bc.svg"}}]); \ No newline at end of file diff --git a/assets/js/3718f698.55d73d20.js b/assets/js/3718f698.0e32aee1.js similarity index 97% rename from assets/js/3718f698.55d73d20.js rename to assets/js/3718f698.0e32aee1.js index 921616c26..224b826fc 100644 --- a/assets/js/3718f698.55d73d20.js +++ b/assets/js/3718f698.0e32aee1.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5763],{3905:(e,t,n)=>{n.d(t,{Zo:()=>i,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),d=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},i=function(e){var t=d(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,i=o(e,["components","mdxType","originalType","parentName"]),c=d(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},i),{},{components:n})):r.createElement(m,s({ref:t},i))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var d=2;d{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>d});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle State",o={unversionedId:"cluster-bundles-state",id:"cluster-bundles-state",title:"Cluster and Bundle State",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/docs/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cluster-bundles-state.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet-manager cleanup",permalink:"/cli/fleet-controller/fleet-manager_cleanup"},next:{title:"Cluster Registration Internals",permalink:"/ref-registration"}},u={},d=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],i={toc:d};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},i,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5763],{3905:(e,t,n)=>{n.d(t,{Zo:()=>i,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),d=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},i=function(e){var t=d(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,i=o(e,["components","mdxType","originalType","parentName"]),c=d(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},i),{},{components:n})):r.createElement(m,s({ref:t},i))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var d=2;d{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>d});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle State",o={unversionedId:"cluster-bundles-state",id:"cluster-bundles-state",title:"Cluster and Bundle State",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/docs/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cluster-bundles-state.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet-manager cleanup",permalink:"/cli/fleet-controller/fleet-manager_cleanup"},next:{title:"Cluster Registration Internals",permalink:"/ref-registration"}},u={},d=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],i={toc:d};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},i,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/39f5e362.f6538537.js b/assets/js/39f5e362.bbe24423.js similarity index 99% rename from assets/js/39f5e362.f6538537.js rename to assets/js/39f5e362.bbe24423.js index 6bdd0684c..ff48d867b 100644 --- a/assets/js/39f5e362.f6538537.js +++ b/assets/js/39f5e362.bbe24423.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6943],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(h,o(o({ref:t},p),{},{components:n})):r.createElement(h,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Core Concepts",s={unversionedId:"concepts",id:"version-0.5/concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/versioned_docs/version-0.5/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/0.5/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/concepts.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/0.5/quickstart"},next:{title:"Architecture",permalink:"/0.5/architecture"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/0.5/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"lifecycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/0.5/examples#lifecycle-of-a-fleet-bundle"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/0.5/examples#deploy-kubernetes-manifests-across-clusters-with-customization"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6943],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(h,o(o({ref:t},p),{},{components:n})):r.createElement(h,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Core Concepts",s={unversionedId:"concepts",id:"version-0.5/concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/versioned_docs/version-0.5/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/0.5/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/concepts.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/0.5/quickstart"},next:{title:"Architecture",permalink:"/0.5/architecture"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/0.5/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"lifecycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/0.5/examples#lifecycle-of-a-fleet-bundle"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/0.5/examples#deploy-kubernetes-manifests-across-clusters-with-customization"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/3a0e6d91.9e6fa512.js b/assets/js/3a0e6d91.ffd50d25.js similarity index 98% rename from assets/js/3a0e6d91.9e6fa512.js rename to assets/js/3a0e6d91.ffd50d25.js index a56ac9ae2..d77d0e86f 100644 --- a/assets/js/3a0e6d91.9e6fa512.js +++ b/assets/js/3a0e6d91.ffd50d25.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3467],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>f});var r=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function a(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}function l(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var i=r.createContext({}),c=function(e){var n=r.useContext(i),t=n;return e&&(t="function"==typeof e?e(n):l(l({},n),e)),t},p=function(e){var n=c(e.components);return r.createElement(i.Provider,{value:n},e.children)},u={inlineCode:"code",wrapper:function(e){var n=e.children;return r.createElement(r.Fragment,{},n)}},d=r.forwardRef((function(e,n){var t=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=c(t),f=o,m=d["".concat(i,".").concat(f)]||d[f]||u[f]||a;return t?r.createElement(m,l(l({ref:n},p),{},{components:t})):r.createElement(m,l({ref:n},p))}));function f(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var a=t.length,l=new Array(a);l[0]=d;var s={};for(var i in n)hasOwnProperty.call(n,i)&&(s[i]=n[i]);s.originalType=e,s.mdxType="string"==typeof e?e:o,l[1]=s;for(var c=2;c{t.r(n),t.d(n,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=t(7462),o=(t(7294),t(3905));const a={},l="Bundle Resource",s={unversionedId:"ref-bundle",id:"version-0.9/ref-bundle",title:"Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created.",source:"@site/versioned_docs/version-0.9/ref-bundle.md",sourceDirName:".",slug:"/ref-bundle",permalink:"/0.9/ref-bundle",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-bundle.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"GitRepo Resource",permalink:"/0.9/ref-gitrepo"},next:{title:"Troubleshooting",permalink:"/0.9/troubleshooting"}},i={},c=[],p={toc:c};function u(e){let{components:n,...t}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,t,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-resource"},"Bundle Resource"),(0,o.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,o.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),".\nFor more information on how to use the Bundle resource ",(0,o.kt)("a",{parentName:"p",href:"/0.9/bundle-add"},"Create a Bundle Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # Namespace used for resources that do not specify a namespace.\n # This field is not used to enforce or lock down the deployment to a specific namespace.\n # defaultNamespace: test\n\n # If present will assign all resource to this\n # namespace and if any cluster scoped resource exists the deployment will fail.\n # targetNamespace: app\n\n # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.\n # kustomize: ...\n\n # Helm options for the deployment, like the chart name, repo and values.\n # helm: ...\n\n # ServiceAccount which will be used to perform this deployment.\n # serviceAccount: sa\n\n # ForceSyncGeneration is used to force a redeployment.\n # forceSyncGeneration: 0\n\n # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.\n # yaml: ...\n\n # Diff can be used to ignore the modified state of objects which are amended at runtime.\n # A specific commit or tag can also be watched.\n #\n # diff: ...\n\n # KeepResources can be used to keep the deployed resources when removing the bundle.\n # keepResources: false\n\n # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.\n # paused: false\n\n # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.\n # rolloutStrategy: ...\n\n # Contain the actual resources from the git repo which will be deployed.\n resources:\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n\n # This field is used by Fleet internally, and it should not be modified manually.\n # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.\n # targetRestrictions: ...\n\n # Refers to the bundles which must be ready before this bundle can be deployed.\n # dependsOn: ...\n\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3467],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>f});var r=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function a(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}function l(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var i=r.createContext({}),c=function(e){var n=r.useContext(i),t=n;return e&&(t="function"==typeof e?e(n):l(l({},n),e)),t},p=function(e){var n=c(e.components);return r.createElement(i.Provider,{value:n},e.children)},u={inlineCode:"code",wrapper:function(e){var n=e.children;return r.createElement(r.Fragment,{},n)}},d=r.forwardRef((function(e,n){var t=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=c(t),f=o,m=d["".concat(i,".").concat(f)]||d[f]||u[f]||a;return t?r.createElement(m,l(l({ref:n},p),{},{components:t})):r.createElement(m,l({ref:n},p))}));function f(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var a=t.length,l=new Array(a);l[0]=d;var s={};for(var i in n)hasOwnProperty.call(n,i)&&(s[i]=n[i]);s.originalType=e,s.mdxType="string"==typeof e?e:o,l[1]=s;for(var c=2;c{t.r(n),t.d(n,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=t(7462),o=(t(7294),t(3905));const a={},l="Bundle Resource",s={unversionedId:"ref-bundle",id:"version-0.9/ref-bundle",title:"Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created.",source:"@site/versioned_docs/version-0.9/ref-bundle.md",sourceDirName:".",slug:"/ref-bundle",permalink:"/0.9/ref-bundle",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-bundle.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"GitRepo Resource",permalink:"/0.9/ref-gitrepo"},next:{title:"Troubleshooting",permalink:"/0.9/troubleshooting"}},i={},c=[],p={toc:c};function u(e){let{components:n,...t}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,t,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-resource"},"Bundle Resource"),(0,o.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,o.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),".\nFor more information on how to use the Bundle resource ",(0,o.kt)("a",{parentName:"p",href:"/0.9/bundle-add"},"Create a Bundle Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # Namespace used for resources that do not specify a namespace.\n # This field is not used to enforce or lock down the deployment to a specific namespace.\n # defaultNamespace: test\n\n # If present will assign all resource to this\n # namespace and if any cluster scoped resource exists the deployment will fail.\n # targetNamespace: app\n\n # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.\n # kustomize: ...\n\n # Helm options for the deployment, like the chart name, repo and values.\n # helm: ...\n\n # ServiceAccount which will be used to perform this deployment.\n # serviceAccount: sa\n\n # ForceSyncGeneration is used to force a redeployment.\n # forceSyncGeneration: 0\n\n # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.\n # yaml: ...\n\n # Diff can be used to ignore the modified state of objects which are amended at runtime.\n # A specific commit or tag can also be watched.\n #\n # diff: ...\n\n # KeepResources can be used to keep the deployed resources when removing the bundle.\n # keepResources: false\n\n # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.\n # paused: false\n\n # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.\n # rolloutStrategy: ...\n\n # Contain the actual resources from the git repo which will be deployed.\n resources:\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n\n # This field is used by Fleet internally, and it should not be modified manually.\n # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.\n # targetRestrictions: ...\n\n # Refers to the bundles which must be ready before this bundle can be deployed.\n # dependsOn: ...\n\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/3a2a2cbe.5d9864e7.js b/assets/js/3a2a2cbe.c738bb26.js similarity index 98% rename from assets/js/3a2a2cbe.5d9864e7.js rename to assets/js/3a2a2cbe.c738bb26.js index ee6c973e6..fe3d0b77f 100644 --- a/assets/js/3a2a2cbe.5d9864e7.js +++ b/assets/js/3a2a2cbe.c738bb26.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6190],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function l(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},u=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),m=r,f=u["".concat(s,".").concat(m)]||u[m]||d[m]||o;return n?a.createElement(f,l(l({ref:t},p),{},{components:n})):a.createElement(f,l({ref:t},p))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,l=new Array(o);l[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,l[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>d,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const o={},l="Create a Bundle Resource",i={unversionedId:"bundle-add",id:"version-0.7/bundle-add",title:"Create a Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created. In most cases Bundles should not be created",source:"@site/versioned_docs/version-0.7/bundle-add.md",sourceDirName:".",slug:"/bundle-add",permalink:"/0.7/bundle-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/bundle-add.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Image Scan to Update Container Image References",permalink:"/0.7/imagescan"},next:{title:"fleet-agent",permalink:"/0.7/cli/fleet-agent/"}},s={},c=[{value:"Limitations",id:"limitations",level:2}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-bundle-resource"},"Create a Bundle Resource"),(0,r.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created. In most cases ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundles")," should not be created\nmanually by the user. If you want to deploy resources from a git repository use a\n",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-add"},"GitRepo")," instead."),(0,r.kt)("p",null,"If you want to deploy resources without a git repository follow this guide to create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle"),"."),(0,r.kt)("p",null,"When creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," Fleet will fetch the resources from a git repository, and add them to a Bundle.\nWhen creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," resources need to be explicitly specified in the ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," Spec.\nResources can be compressed with gz. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher/blob/v2.7.3/pkg/controllers/provisioningv2/managedchart/managedchart.go#L149-L153"},"here"),"\nan example of how Rancher uses compression in go code."),(0,r.kt)("p",null,"If you would like to deploy in downstream clusters, you need to define targets. Targets work similarly to targets in ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),".\nSee ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-targets#defining-targets"},"Mapping to Downstream Clusters"),"."),(0,r.kt)("p",null,"The following example creates a nginx ",(0,r.kt)("inlineCode",{parentName:"p"},"Deployment")," in the local cluster:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n resources:\n # List of all resources that will be deployed\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n targets:\n - clusterName: local\n\n")),(0,r.kt)("h2",{id:"limitations"},"Limitations"),(0,r.kt)("p",null,"Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.repo")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.charts"))),(0,r.kt)("p",null,"You can't use a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in resources, it is only used by the fleet-cli to create bundles."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targetRestrictions")," field is not useful, as it is an allow list for targets specified in ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets"),". It is not needed, since ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," are explicitly given in a bundle and an empty ",(0,r.kt)("inlineCode",{parentName:"p"},"targetRestrictions")," defaults to allow."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6190],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function l(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},u=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),m=r,f=u["".concat(s,".").concat(m)]||u[m]||d[m]||o;return n?a.createElement(f,l(l({ref:t},p),{},{components:n})):a.createElement(f,l({ref:t},p))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,l=new Array(o);l[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,l[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>d,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const o={},l="Create a Bundle Resource",i={unversionedId:"bundle-add",id:"version-0.7/bundle-add",title:"Create a Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created. In most cases Bundles should not be created",source:"@site/versioned_docs/version-0.7/bundle-add.md",sourceDirName:".",slug:"/bundle-add",permalink:"/0.7/bundle-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/bundle-add.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Image Scan to Update Container Image References",permalink:"/0.7/imagescan"},next:{title:"fleet-agent",permalink:"/0.7/cli/fleet-agent/"}},s={},c=[{value:"Limitations",id:"limitations",level:2}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-bundle-resource"},"Create a Bundle Resource"),(0,r.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created. In most cases ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundles")," should not be created\nmanually by the user. If you want to deploy resources from a git repository use a\n",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-add"},"GitRepo")," instead."),(0,r.kt)("p",null,"If you want to deploy resources without a git repository follow this guide to create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle"),"."),(0,r.kt)("p",null,"When creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," Fleet will fetch the resources from a git repository, and add them to a Bundle.\nWhen creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," resources need to be explicitly specified in the ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," Spec.\nResources can be compressed with gz. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher/blob/v2.7.3/pkg/controllers/provisioningv2/managedchart/managedchart.go#L149-L153"},"here"),"\nan example of how Rancher uses compression in go code."),(0,r.kt)("p",null,"If you would like to deploy in downstream clusters, you need to define targets. Targets work similarly to targets in ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),".\nSee ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-targets#defining-targets"},"Mapping to Downstream Clusters"),"."),(0,r.kt)("p",null,"The following example creates a nginx ",(0,r.kt)("inlineCode",{parentName:"p"},"Deployment")," in the local cluster:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n resources:\n # List of all resources that will be deployed\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n targets:\n - clusterName: local\n\n")),(0,r.kt)("h2",{id:"limitations"},"Limitations"),(0,r.kt)("p",null,"Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.repo")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.charts"))),(0,r.kt)("p",null,"You can't use a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in resources, it is only used by the fleet-cli to create bundles."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targetRestrictions")," field is not useful, as it is an allow list for targets specified in ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets"),". It is not needed, since ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," are explicitly given in a bundle and an empty ",(0,r.kt)("inlineCode",{parentName:"p"},"targetRestrictions")," defaults to allow."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/3b61c2ee.5241bbaa.js b/assets/js/3b61c2ee.7237d44b.js similarity index 98% rename from assets/js/3b61c2ee.5241bbaa.js rename to assets/js/3b61c2ee.7237d44b.js index b531aac91..a1a00f158 100644 --- a/assets/js/3b61c2ee.5241bbaa.js +++ b/assets/js/3b61c2ee.7237d44b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[831],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>s});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),m=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=m(e.components);return r.createElement(c.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},g=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),g=m(n),s=a,u=g["".concat(c,".").concat(s)]||g[s]||f[s]||l;return n?r.createElement(u,o(o({ref:t},p),{},{components:n})):r.createElement(u,o({ref:t},p))}));function s(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=g;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var m=2;m{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>f,frontMatter:()=>l,metadata:()=>i,toc:()=>m});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-manager agentmanagement"},o=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager_agentmanagement",id:"cli/fleet-controller/fleet-manager_agentmanagement",title:"",description:"fleet-manager agentmanagement",source:"@site/docs/cli/fleet-controller/fleet-manager_agentmanagement.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager_agentmanagement",permalink:"/cli/fleet-controller/fleet-manager_agentmanagement",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-controller/fleet-manager_agentmanagement.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager agentmanagement"},sidebar:"docs",previous:{title:"fleet-manager",permalink:"/cli/fleet-controller/fleet-manager"},next:{title:"fleet-manager cleanup",permalink:"/cli/fleet-controller/fleet-manager_cleanup"}},c={},m=[{value:"fleet-manager agentmanagement",id:"fleet-manager-agentmanagement",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:m};function f(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-manager-agentmanagement"},"fleet-manager agentmanagement"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-manager agentmanagement [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --disable-bootstrap disable local cluster components\n -h, --help help for agentmanagement\n --kubeconfig string kubeconfig file\n --namespace string namespace to watch\n")),(0,a.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n")),(0,a.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-manager"},"fleet-manager"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[831],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>s});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),m=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=m(e.components);return r.createElement(c.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},g=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),g=m(n),s=a,u=g["".concat(c,".").concat(s)]||g[s]||f[s]||l;return n?r.createElement(u,o(o({ref:t},p),{},{components:n})):r.createElement(u,o({ref:t},p))}));function s(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=g;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var m=2;m{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>f,frontMatter:()=>l,metadata:()=>i,toc:()=>m});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-manager agentmanagement"},o=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager_agentmanagement",id:"cli/fleet-controller/fleet-manager_agentmanagement",title:"",description:"fleet-manager agentmanagement",source:"@site/docs/cli/fleet-controller/fleet-manager_agentmanagement.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager_agentmanagement",permalink:"/cli/fleet-controller/fleet-manager_agentmanagement",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-controller/fleet-manager_agentmanagement.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager agentmanagement"},sidebar:"docs",previous:{title:"fleet-manager",permalink:"/cli/fleet-controller/fleet-manager"},next:{title:"fleet-manager cleanup",permalink:"/cli/fleet-controller/fleet-manager_cleanup"}},c={},m=[{value:"fleet-manager agentmanagement",id:"fleet-manager-agentmanagement",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:m};function f(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-manager-agentmanagement"},"fleet-manager agentmanagement"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-manager agentmanagement [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --disable-bootstrap disable local cluster components\n -h, --help help for agentmanagement\n --kubeconfig string kubeconfig file\n --namespace string namespace to watch\n")),(0,a.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n")),(0,a.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-manager"},"fleet-manager"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/3b8c55ea.25852876.js b/assets/js/3b8c55ea.144c96fd.js similarity index 99% rename from assets/js/3b8c55ea.25852876.js rename to assets/js/3b8c55ea.144c96fd.js index d9e526010..4462801e9 100644 --- a/assets/js/3b8c55ea.25852876.js +++ b/assets/js/3b8c55ea.144c96fd.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3217],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>A});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),i=a(6550),o=a(1980),c=a(7392),u=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,c.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function m(e){let{queryString:t=!1,groupId:a}=e;const l=(0,i.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,o._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,i]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[o,c]=m({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,u.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),g=(()=>{const e=o??d;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{g&&i(g)}),[g]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);i(e),c(e),f(e)}),[c,f,r]),tabValues:r}}var g=a(2389);const k="tabList__CuJ",b="tabItem_LNqP";function y(e){let{className:t,block:a,selectedValue:i,selectValue:o,tabValues:c}=e;const u=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=u.indexOf(t),l=c[a].value;l!==i&&(d(t),o(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=u.indexOf(e.currentTarget)+1;a=u[t]??u[0];break}case"ArrowLeft":{const t=u.indexOf(e.currentTarget)-1;a=u[t]??u[u.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},c.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:i===t?0:-1,"aria-selected":i===t,key:t,ref:e=>u.push(e),onKeyDown:h,onClick:p},s,{className:(0,r.Z)("tabs__item",b,null==s?void 0:s.className,{"tabs__item--active":i===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(y,(0,l.Z)({},e,t)),n.createElement(v,(0,l.Z)({},e,t)))}function A(e){const t=(0,g.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},9250:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>u,default:()=>f,frontMatter:()=>c,metadata:()=>d,toc:()=>h});var l=a(7462),n=(a(7294),a(3905)),r=a(6828),s=a(814),i=a(4866),o=a(5162);const c={},u="Installation Details",d={unversionedId:"installation",id:"installation",title:"Installation Details",description:"The installation is broken up into two different use cases: single and multi-cluster.",source:"@site/docs/installation.md",sourceDirName:".",slug:"/installation",permalink:"/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/installation.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources During Deployment",permalink:"/resources-during-deployment"},next:{title:"Register Downstream Clusters",permalink:"/cluster-registration"}},p={},h=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Default Install",id:"default-install",level:2},{value:"Multi-controller install: sharding",id:"multi-controller-install-sharding",level:2},{value:"Deployment",id:"deployment",level:3},{value:"How it works",id:"how-it-works",level:3},{value:"Configuration for Multi-Cluster",id:"configuration-for-multi-cluster",level:2},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:3},{value:"Extract CA certificate",id:"extract-ca-certificate",level:4},{value:"Extract API Server",id:"extract-api-server",level:4},{value:"Validate",id:"validate",level:4},{value:"Install for Multi-Cluster",id:"install-for-multi-cluster",level:3}],m={toc:h};function f(e){let{components:t,...c}=e;return(0,n.kt)("wrapper",(0,l.Z)({},m,c,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"installation-details"},"Installation Details"),(0,n.kt)("p",null,"The installation is broken up into two different use cases: single and multi-cluster.\nThe single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,n.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Single-cluster is the default installation. The same cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,n.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm 3",default:!0,mdxType:"TabItem"},"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is fairly straight forward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)(o.Z,{value:"kubernetes",label:"Kubernetes",default:!0,mdxType:"TabItem"},"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the single cluster use case you will install Fleet to the cluster which you intend to manage with GitOps. Any Kubernetes community supported version of Kubernetes will work, in practice this means ",r.d.next.kubernetes," or greater.")),(0,n.kt)("h2",{id:"default-install"},"Default Install"),(0,n.kt)("p",null,"Install the following two Helm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install",label:"Install",default:!0,mdxType:"TabItem"},(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)("p",null,"First add Fleet's Helm repository."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd"),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet")),(0,n.kt)(o.Z,{value:"verify",label:"Verify",mdxType:"TabItem"},(0,n.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"You can now ",(0,n.kt)("a",{parentName:"p",href:"/gitrepo-add"},"register some git repos")," in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."),(0,n.kt)("h2",{id:"multi-controller-install-sharding"},"Multi-controller install: sharding"),(0,n.kt)("h3",{id:"deployment"},"Deployment"),(0,n.kt)("p",null,"From 0.10 onwards, Fleet supports static sharding. The Fleet controller chart can be installed with ",(0,n.kt)("inlineCode",{parentName:"p"},"--set\nshards={}"),", which will result in:"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},"as many Fleet controller deployments as specified unique shard IDs,"),(0,n.kt)("li",{parentName:"ul"},"plus the usual unsharded Fleet controller pod. That latter pod will be the only one containing agent management and\ncleanup containers.")),(0,n.kt)("p",null,"For instance:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},'$ helm -n cattle-fleet-system install --create-namespace --wait --set shards="{foo,bar,baz}" \\\nfleet fleet/fleet\n\n$ kubectl -n cattle-fleet-system get pods -l app=fleet-controller\nNAME READY STATUS RESTARTS AGE\nfleet-controller-78c74fdb85-b6q64 3/3 Running 0 77s\nfleet-controller-shard-bar-777d888865-w2dks 1/1 Running 0 77s\nfleet-controller-shard-baz-6595bd9cb9-27whg 1/1 Running 0 77s\nfleet-controller-shard-foo-85d49b446f-pzxkw 1/1 Running 0 77s\n\n$ kubectl -n cattle-fleet-system get pods -l app=fleet-controller \\\n-o=jsonpath=\'{range .items[*]}{.metadata.name}{"\\t"}{.metadata.labels.shard}{"\\n"}{end}\'\nfleet-controller-78c74fdb85-b6q64\nfleet-controller-shard-bar-777d888865-w2dks bar\nfleet-controller-shard-baz-6595bd9cb9-27whg baz\nfleet-controller-shard-foo-85d49b446f-pzxkw foo\n')),(0,n.kt)("h3",{id:"how-it-works"},"How it works"),(0,n.kt)("p",null,"With sharding in place, each Fleet controller will process resources bearing its own shard ID. This also holds for the\nunsharded controller, which has no set shard ID and will therefore process all unsharded resources."),(0,n.kt)("p",null,"To deploy a GitRepo for a specific shard, simply add label ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet.cattle.io/shard")," with your desired shard ID as a\nvalue.\nHere is an example:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"$ kubectl apply -n fleet-local -f - < ca.pem\n")),(0,n.kt)("p",null,"Next, retrieve the CA certificate from your kubeconfig."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"extractca",label:"Extract First",mdxType:"TabItem"},"If you have `jq` and `base64` available then this one-liners will pull all CA certificates from your `KUBECONFIG` and place then in a file named `ca.pem`.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n"))),(0,n.kt)(o.Z,{value:"extractcas",label:"Multiple Entries",mdxType:"TabItem"},"Or, if you have a multi-cluster setup, you can use this command:",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')))),(0,n.kt)("h4",{id:"extract-api-server"},"Extract API Server"),(0,n.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("h4",{id:"validate"},"Validate"),(0,n.kt)("p",null,"First validate the server URL is correct."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fLk "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,n.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,n.kt)("inlineCode",{parentName:"p"},'--cacert "$API_SERVER_CA"')," part of the command."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fL --cacert "$API_SERVER_CA" "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"If you get a valid JSON response or an ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,n.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,n.kt)("inlineCode",{parentName:"p"},"$API_SERVER_CA")," file should look similar to the below:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-pem",metastring:'title="ca.pem"',title:'"ca.pem"'},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,n.kt)("h3",{id:"install-for-multi-cluster"},"Install for Multi-Cluster"),(0,n.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,n.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,n.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,n.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,n.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,n.kt)("p",null,"Setup the environment with your specific values, e.g.:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install2",label:"Install",default:!0,mdxType:"TabItem"},"First add Fleet's Helm repository.",(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d.next.fleetCRD),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="$API_SERVER_URL" \\\n --set-file apiServerCA="$API_SERVER_CA" \\\n fleet'," ",r.d.next.fleet)),(0,n.kt)(o.Z,{value:"verifiy2",label:"Verify",mdxType:"TabItem"},"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,n.kt)("a",{parentName:"p",href:"/cluster-registration"},"register clusters")," and ",(0,n.kt)("a",{parentName:"p",href:"/gitrepo-add#create-gitrepo-instance"},"git repos")," with\nthe Fleet manager."))}f.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3217],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>A});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),i=a(6550),o=a(1980),c=a(7392),u=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,c.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function m(e){let{queryString:t=!1,groupId:a}=e;const l=(0,i.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,o._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,i]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[o,c]=m({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,u.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),g=(()=>{const e=o??d;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{g&&i(g)}),[g]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);i(e),c(e),f(e)}),[c,f,r]),tabValues:r}}var g=a(2389);const k="tabList__CuJ",b="tabItem_LNqP";function y(e){let{className:t,block:a,selectedValue:i,selectValue:o,tabValues:c}=e;const u=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=u.indexOf(t),l=c[a].value;l!==i&&(d(t),o(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=u.indexOf(e.currentTarget)+1;a=u[t]??u[0];break}case"ArrowLeft":{const t=u.indexOf(e.currentTarget)-1;a=u[t]??u[u.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},c.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:i===t?0:-1,"aria-selected":i===t,key:t,ref:e=>u.push(e),onKeyDown:h,onClick:p},s,{className:(0,r.Z)("tabs__item",b,null==s?void 0:s.className,{"tabs__item--active":i===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(y,(0,l.Z)({},e,t)),n.createElement(v,(0,l.Z)({},e,t)))}function A(e){const t=(0,g.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},9250:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>u,default:()=>f,frontMatter:()=>c,metadata:()=>d,toc:()=>h});var l=a(7462),n=(a(7294),a(3905)),r=a(6828),s=a(814),i=a(4866),o=a(5162);const c={},u="Installation Details",d={unversionedId:"installation",id:"installation",title:"Installation Details",description:"The installation is broken up into two different use cases: single and multi-cluster.",source:"@site/docs/installation.md",sourceDirName:".",slug:"/installation",permalink:"/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/installation.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources During Deployment",permalink:"/resources-during-deployment"},next:{title:"Register Downstream Clusters",permalink:"/cluster-registration"}},p={},h=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Default Install",id:"default-install",level:2},{value:"Multi-controller install: sharding",id:"multi-controller-install-sharding",level:2},{value:"Deployment",id:"deployment",level:3},{value:"How it works",id:"how-it-works",level:3},{value:"Configuration for Multi-Cluster",id:"configuration-for-multi-cluster",level:2},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:3},{value:"Extract CA certificate",id:"extract-ca-certificate",level:4},{value:"Extract API Server",id:"extract-api-server",level:4},{value:"Validate",id:"validate",level:4},{value:"Install for Multi-Cluster",id:"install-for-multi-cluster",level:3}],m={toc:h};function f(e){let{components:t,...c}=e;return(0,n.kt)("wrapper",(0,l.Z)({},m,c,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"installation-details"},"Installation Details"),(0,n.kt)("p",null,"The installation is broken up into two different use cases: single and multi-cluster.\nThe single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,n.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Single-cluster is the default installation. The same cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,n.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm 3",default:!0,mdxType:"TabItem"},"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is fairly straight forward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)(o.Z,{value:"kubernetes",label:"Kubernetes",default:!0,mdxType:"TabItem"},"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the single cluster use case you will install Fleet to the cluster which you intend to manage with GitOps. Any Kubernetes community supported version of Kubernetes will work, in practice this means ",r.d.next.kubernetes," or greater.")),(0,n.kt)("h2",{id:"default-install"},"Default Install"),(0,n.kt)("p",null,"Install the following two Helm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install",label:"Install",default:!0,mdxType:"TabItem"},(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)("p",null,"First add Fleet's Helm repository."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd"),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet")),(0,n.kt)(o.Z,{value:"verify",label:"Verify",mdxType:"TabItem"},(0,n.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"You can now ",(0,n.kt)("a",{parentName:"p",href:"/gitrepo-add"},"register some git repos")," in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."),(0,n.kt)("h2",{id:"multi-controller-install-sharding"},"Multi-controller install: sharding"),(0,n.kt)("h3",{id:"deployment"},"Deployment"),(0,n.kt)("p",null,"From 0.10 onwards, Fleet supports static sharding. The Fleet controller chart can be installed with ",(0,n.kt)("inlineCode",{parentName:"p"},"--set\nshards={}"),", which will result in:"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},"as many Fleet controller deployments as specified unique shard IDs,"),(0,n.kt)("li",{parentName:"ul"},"plus the usual unsharded Fleet controller pod. That latter pod will be the only one containing agent management and\ncleanup containers.")),(0,n.kt)("p",null,"For instance:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},'$ helm -n cattle-fleet-system install --create-namespace --wait --set shards="{foo,bar,baz}" \\\nfleet fleet/fleet\n\n$ kubectl -n cattle-fleet-system get pods -l app=fleet-controller\nNAME READY STATUS RESTARTS AGE\nfleet-controller-78c74fdb85-b6q64 3/3 Running 0 77s\nfleet-controller-shard-bar-777d888865-w2dks 1/1 Running 0 77s\nfleet-controller-shard-baz-6595bd9cb9-27whg 1/1 Running 0 77s\nfleet-controller-shard-foo-85d49b446f-pzxkw 1/1 Running 0 77s\n\n$ kubectl -n cattle-fleet-system get pods -l app=fleet-controller \\\n-o=jsonpath=\'{range .items[*]}{.metadata.name}{"\\t"}{.metadata.labels.shard}{"\\n"}{end}\'\nfleet-controller-78c74fdb85-b6q64\nfleet-controller-shard-bar-777d888865-w2dks bar\nfleet-controller-shard-baz-6595bd9cb9-27whg baz\nfleet-controller-shard-foo-85d49b446f-pzxkw foo\n')),(0,n.kt)("h3",{id:"how-it-works"},"How it works"),(0,n.kt)("p",null,"With sharding in place, each Fleet controller will process resources bearing its own shard ID. This also holds for the\nunsharded controller, which has no set shard ID and will therefore process all unsharded resources."),(0,n.kt)("p",null,"To deploy a GitRepo for a specific shard, simply add label ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet.cattle.io/shard")," with your desired shard ID as a\nvalue.\nHere is an example:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"$ kubectl apply -n fleet-local -f - < ca.pem\n")),(0,n.kt)("p",null,"Next, retrieve the CA certificate from your kubeconfig."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"extractca",label:"Extract First",mdxType:"TabItem"},"If you have `jq` and `base64` available then this one-liners will pull all CA certificates from your `KUBECONFIG` and place then in a file named `ca.pem`.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n"))),(0,n.kt)(o.Z,{value:"extractcas",label:"Multiple Entries",mdxType:"TabItem"},"Or, if you have a multi-cluster setup, you can use this command:",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')))),(0,n.kt)("h4",{id:"extract-api-server"},"Extract API Server"),(0,n.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("h4",{id:"validate"},"Validate"),(0,n.kt)("p",null,"First validate the server URL is correct."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fLk "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,n.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,n.kt)("inlineCode",{parentName:"p"},'--cacert "$API_SERVER_CA"')," part of the command."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fL --cacert "$API_SERVER_CA" "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"If you get a valid JSON response or an ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,n.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,n.kt)("inlineCode",{parentName:"p"},"$API_SERVER_CA")," file should look similar to the below:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-pem",metastring:'title="ca.pem"',title:'"ca.pem"'},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,n.kt)("h3",{id:"install-for-multi-cluster"},"Install for Multi-Cluster"),(0,n.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,n.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,n.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,n.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,n.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,n.kt)("p",null,"Setup the environment with your specific values, e.g.:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install2",label:"Install",default:!0,mdxType:"TabItem"},"First add Fleet's Helm repository.",(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d.next.fleetCRD),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="$API_SERVER_URL" \\\n --set-file apiServerCA="$API_SERVER_CA" \\\n fleet'," ",r.d.next.fleet)),(0,n.kt)(o.Z,{value:"verifiy2",label:"Verify",mdxType:"TabItem"},"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,n.kt)("a",{parentName:"p",href:"/cluster-registration"},"register clusters")," and ",(0,n.kt)("a",{parentName:"p",href:"/gitrepo-add#create-gitrepo-instance"},"git repos")," with\nthe Fleet manager."))}f.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file diff --git a/assets/js/3d725b75.cc4996f8.js b/assets/js/3d725b75.97c16553.js similarity index 99% rename from assets/js/3d725b75.cc4996f8.js rename to assets/js/3d725b75.97c16553.js index a5de98a4c..4bb328847 100644 --- a/assets/js/3d725b75.cc4996f8.js +++ b/assets/js/3d725b75.97c16553.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9006],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function s(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function i(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var n=r.createContext({}),c=function(e){var t=r.useContext(n),a=t;return e&&(a="function"==typeof e?e(t):i(i({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(n.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,s=e.originalType,n=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,m=u["".concat(n,".").concat(p)]||u[p]||h[p]||s;return a?r.createElement(m,i(i({ref:t},d),{},{components:a})):r.createElement(m,i({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var s=a.length,i=new Array(s);i[0]=u;var o={};for(var n in t)hasOwnProperty.call(t,n)&&(o[n]=t[n]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>n,contentTitle:()=>i,default:()=>h,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const s={title:"v0.6.0",date:"2023-04-05 13:35:35 +0000 UTC"},i=void 0,o={unversionedId:"changelogs/changelogs/v0.6.0",id:"version-0.6/changelogs/changelogs/v0.6.0",title:"v0.6.0",description:"(rancherio-gh-m) released this 2023-04-05 1335 +0000 UTC",source:"@site/versioned_docs/version-0.6/changelogs/changelogs/v0.6.0.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.6.0",permalink:"/0.6/changelogs/changelogs/v0.6.0",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/changelogs/changelogs/v0.6.0.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.6.0",date:"2023-04-05 13:35:35 +0000 UTC"},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/0.6/troubleshooting"}},n={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-04-05 13:35:35 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Notes"),(0,l.kt)("p",null,"Upgrading the Fleet helm chart upgrades the fleet-controller and its config. To avoid race conditions while fleet-controller starts updating the fleet-agents, we propose to scale down the fleet-controller to zero replicas before starting the upgrade."),(0,l.kt)("p",null,"When using Fleet in Rancher and updating from Rancher 2.5, the default installation namespace for fleet changes from ",(0,l.kt)("code",null,"fleet-system")," to ",(0,l.kt)("code",null,"cattle-fleet-system"),". This release adds code to re-deploy the agents if necessary, to regenerate their config in the new namespace. Once the new agent is running and the cluster resources status is ok, it's fine to delete any leftover ",(0,l.kt)("code",null,"fleet-system")," namespaces. In older versions of fleet, it's possible to ",(0,l.kt)("a",{href:"https://github.com/rancher/rancher/issues/40127#issuecomment-1379027121","data-hovercard-type":"issue","data-hovercard-url":"/rancher/rancher/issues/40127/hovercard"},"copy the agent config manually")," into the new namespace, or to ",(0,l.kt)("a",{href:"https://github.com/rancher/rancher/issues/40127#issuecomment-1381884485","data-hovercard-type":"issue","data-hovercard-url":"/rancher/rancher/issues/40127/hovercard"},"trigger the agent redeployment manually"),"."),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add authentication support for OCI based Helm charts by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1382535855","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/996","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/996/hovercard",href:"https://github.com/rancher/fleet/pull/996"},"#996")),(0,l.kt)("li",null,"Support cluster repo change by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1383692338","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/999","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/999/hovercard",href:"https://github.com/rancher/fleet/pull/999"},"#999")),(0,l.kt)("li",null,"Apply gitrepo labels to bundles by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1387681511","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1007","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1007/hovercard",href:"https://github.com/rancher/fleet/pull/1007"},"#1007")),(0,l.kt)("li",null,"Add allowedTargetNamespaces to GitRepoRestriction by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1387780415","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1008","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1008/hovercard",href:"https://github.com/rancher/fleet/pull/1008"},"#1008")),(0,l.kt)("li",null,"Enforce presence of targetNamespace if gitreporestriction is present. by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1406564518","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1022","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1022/hovercard",href:"https://github.com/rancher/fleet/pull/1022"},"#1022")),(0,l.kt)("li",null,"Cluster specific registry replaces global registry by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1421104730","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1053","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1053/hovercard",href:"https://github.com/rancher/fleet/pull/1053"},"#1053")),(0,l.kt)("li",null,"Reading contents&secrets uses specific service account by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1427386967","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1063","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1063/hovercard",href:"https://github.com/rancher/fleet/pull/1063"},"#1063")),(0,l.kt)("li",null,"Cluster values full templating by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1479381039","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1158","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1158/hovercard",href:"https://github.com/rancher/fleet/pull/1158"},"#1158")),(0,l.kt)("li",null,"Helm Target Customization Repo/Version Override by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/romejoe/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/romejoe"},"@romejoe")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1392005466","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1011","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1011/hovercard",href:"https://github.com/rancher/fleet/pull/1011"},"#1011")),(0,l.kt)("li",null,"Sprig Templating for Helm Values with Inputs from Cluster Resource by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rajiteh/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rajiteh"},"@rajiteh")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1071078279","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/671","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/671/hovercard",href:"https://github.com/rancher/fleet/pull/671"},"#671")),(0,l.kt)("li",null,"Add helmRepoUrlRegex to the GitRepo by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1525653440","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1234","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1234/hovercard",href:"https://github.com/rancher/fleet/pull/1234"},"#1234"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Fix token expiry bug by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1382301009","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/995","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/995/hovercard",href:"https://github.com/rancher/fleet/pull/995"},"#995")),(0,l.kt)("li",null,"Stop re-queuing on failed deployments by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/mattfarina/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/mattfarina"},"@mattfarina")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1417680330","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1042","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1042/hovercard",href:"https://github.com/rancher/fleet/pull/1042"},"#1042")),(0,l.kt)("li",null,"Sync only changed objects by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1416805201","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1041","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1041/hovercard",href:"https://github.com/rancher/fleet/pull/1041"},"#1041")),(0,l.kt)("li",null,"Returning nil on signal exit by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/mattfarina/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/mattfarina"},"@mattfarina")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1452302735","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1104","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1104/hovercard",href:"https://github.com/rancher/fleet/pull/1104"},"#1104")),(0,l.kt)("li",null,"Running helm template to set up status ignores errors by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1451980114","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1103","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1103/hovercard",href:"https://github.com/rancher/fleet/pull/1103"},"#1103")),(0,l.kt)("li",null,"Do not fail on missing labels by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1458013071","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1114","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1114/hovercard",href:"https://github.com/rancher/fleet/pull/1114"},"#1114")),(0,l.kt)("li",null,"Limit recursion depth for cluster label replacement in values by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1469990739","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1143","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1143/hovercard",href:"https://github.com/rancher/fleet/pull/1143"},"#1143")),(0,l.kt)("li",null,"Update bundle status display also in case of errors by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1464493213","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1123","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1123/hovercard",href:"https://github.com/rancher/fleet/pull/1123"},"#1123")),(0,l.kt)("li",null,"Disable Gitops Feature Breaks Fleet Controller Deployment by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/SharpThunder/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/SharpThunder"},"@SharpThunder")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1500613071","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1185","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1185/hovercard",href:"https://github.com/rancher/fleet/pull/1185"},"#1185")),(0,l.kt)("li",null,"Do not ignore agentCheckinInterval by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1423798925","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1058","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1058/hovercard",href:"https://github.com/rancher/fleet/pull/1058"},"#1058")),(0,l.kt)("li",null,"Scaling: avoid needlessly looking up agent bundle deployments by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1425571981","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1062","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1062/hovercard",href:"https://github.com/rancher/fleet/pull/1062"},"#1062")),(0,l.kt)("li",null,"Fix image scan issues by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1498888333","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1181","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1181/hovercard",href:"https://github.com/rancher/fleet/pull/1181"},"#1181")),(0,l.kt)("li",null,"Fix orphan resources created by operators by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1504794320","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1201","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1201/hovercard",href:"https://github.com/rancher/fleet/pull/1201"},"#1201")),(0,l.kt)("li",null,"Don't run kustomize on repos without kustomization by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1476914588","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1157","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1157/hovercard",href:"https://github.com/rancher/fleet/pull/1157"},"#1157")),(0,l.kt)("li",null,"Fix regression in imagescan test by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1516558989","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1228","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1228/hovercard",href:"https://github.com/rancher/fleet/pull/1228"},"#1228")),(0,l.kt)("li",null,"Long release names, shorten only once by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1556499775","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1273","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1273/hovercard",href:"https://github.com/rancher/fleet/pull/1273"},"#1273")),(0,l.kt)("li",null,"Fix agent not starting in fleet-system namespace by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1585835809","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1323","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1323/hovercard",href:"https://github.com/rancher/fleet/pull/1323"},"#1323")),(0,l.kt)("li",null,"Ensure valid release name for agent by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1604911765","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1357","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1357/hovercard",href:"https://github.com/rancher/fleet/pull/1357"},"#1357")),(0,l.kt)("li",null,"Bump Gitjob to v0.1.37 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1586174726","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1326","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1326/hovercard",href:"https://github.com/rancher/fleet/pull/1326"},"#1326"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Removing the docs directory by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/mattfarina/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/mattfarina"},"@mattfarina")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1395008018","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1014","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1014/hovercard",href:"https://github.com/rancher/fleet/pull/1014"},"#1014")),(0,l.kt)("li",null,"Scripts for local testing with k3d by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1407494284","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1024","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1024/hovercard",href:"https://github.com/rancher/fleet/pull/1024"},"#1024")),(0,l.kt)("li",null,"Debug statements for controllers by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1414909060","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1036","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1036/hovercard",href:"https://github.com/rancher/fleet/pull/1036"},"#1036")),(0,l.kt)("li",null,"Scaling: make ClusterEnqueueDelay configurable via environment variable by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1434599858","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1071","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1071/hovercard",href:"https://github.com/rancher/fleet/pull/1071"},"#1071")),(0,l.kt)("li",null,"Add nightly builds by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1436218080","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1075","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1075/hovercard",href:"https://github.com/rancher/fleet/pull/1075"},"#1075")),(0,l.kt)("li",null,"Cluster registration debug messages and comments by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1449716259","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1095","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1095/hovercard",href:"https://github.com/rancher/fleet/pull/1095"},"#1095")),(0,l.kt)("li",null,"Add support to continuous pprof CPU profiling by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1436593660","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1076","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1076/hovercard",href:"https://github.com/rancher/fleet/pull/1076"},"#1076")),(0,l.kt)("li",null,"Split DEVELOPING.md into separate files in docs/ by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1468082145","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1134","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1134/hovercard",href:"https://github.com/rancher/fleet/pull/1134"},"#1134")),(0,l.kt)("li",null,"Add CLI to generate reference docs by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1464695140","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1126","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1126/hovercard",href:"https://github.com/rancher/fleet/pull/1126"},"#1126")),(0,l.kt)("li",null,"Allow to run longer before killing leader during debugging by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1469310847","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1137","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1137/hovercard",href:"https://github.com/rancher/fleet/pull/1137"},"#1137")),(0,l.kt)("li",null,"Introduce parameter to debug controller but not agents by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1464500460","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1124","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1124/hovercard",href:"https://github.com/rancher/fleet/pull/1124"},"#1124")),(0,l.kt)("li",null,"Fix CRD download url by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/olblak/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/olblak"},"@olblak")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1502535254","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1190","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1190/hovercard",href:"https://github.com/rancher/fleet/pull/1190"},"#1190")),(0,l.kt)("li",null,"Add Github Action workflow to prevent manual changes to Gitjob or generated code by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1529255527","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1239","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1239/hovercard",href:"https://github.com/rancher/fleet/pull/1239"},"#1239")),(0,l.kt)("li",null,"Fleet in Rancher Upgrade CI by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1503243355","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1198","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1198/hovercard",href:"https://github.com/rancher/fleet/pull/1198"},"#1198"))),(0,l.kt)("h2",null,"New Contributors"),(0,l.kt)("ul",null,(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/romejoe/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/romejoe"},"@romejoe")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1392005466","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1011","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1011/hovercard",href:"https://github.com/rancher/fleet/pull/1011"},"#1011")),(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rajiteh/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rajiteh"},"@rajiteh")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1071078279","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/671","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/671/hovercard",href:"https://github.com/rancher/fleet/pull/671"},"#671")),(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/fossabot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/fossabot"},"@fossabot")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"927564652","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/431","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/431/hovercard",href:"https://github.com/rancher/fleet/pull/431"},"#431")),(0,l.kt)("li",null,"@github-actions made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1500198507","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1182","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1182/hovercard",href:"https://github.com/rancher/fleet/pull/1182"},"#1182")),(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/SharpThunder/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/SharpThunder"},"@SharpThunder")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1500613071","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1185","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1185/hovercard",href:"https://github.com/rancher/fleet/pull/1185"},"#1185")),(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1476914588","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1157","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1157/hovercard",href:"https://github.com/rancher/fleet/pull/1157"},"#1157"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.5.0...v0.6.0"},(0,l.kt)("tt",null,"v0.5.0...v0.6.0"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},"fleet-crd-0.6.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz"},"fleet-agent-0.6.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz"},"fleet-0.6.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-linux-s390x"},"fleet-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.6.0"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9006],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function s(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function i(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var n=r.createContext({}),c=function(e){var t=r.useContext(n),a=t;return e&&(a="function"==typeof e?e(t):i(i({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(n.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,s=e.originalType,n=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,m=u["".concat(n,".").concat(p)]||u[p]||h[p]||s;return a?r.createElement(m,i(i({ref:t},d),{},{components:a})):r.createElement(m,i({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var s=a.length,i=new Array(s);i[0]=u;var o={};for(var n in t)hasOwnProperty.call(t,n)&&(o[n]=t[n]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>n,contentTitle:()=>i,default:()=>h,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const s={title:"v0.6.0",date:"2023-04-05 13:35:35 +0000 UTC"},i=void 0,o={unversionedId:"changelogs/changelogs/v0.6.0",id:"version-0.6/changelogs/changelogs/v0.6.0",title:"v0.6.0",description:"(rancherio-gh-m) released this 2023-04-05 1335 +0000 UTC",source:"@site/versioned_docs/version-0.6/changelogs/changelogs/v0.6.0.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.6.0",permalink:"/0.6/changelogs/changelogs/v0.6.0",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/changelogs/changelogs/v0.6.0.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.6.0",date:"2023-04-05 13:35:35 +0000 UTC"},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/0.6/troubleshooting"}},n={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-04-05 13:35:35 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Notes"),(0,l.kt)("p",null,"Upgrading the Fleet helm chart upgrades the fleet-controller and its config. To avoid race conditions while fleet-controller starts updating the fleet-agents, we propose to scale down the fleet-controller to zero replicas before starting the upgrade."),(0,l.kt)("p",null,"When using Fleet in Rancher and updating from Rancher 2.5, the default installation namespace for fleet changes from ",(0,l.kt)("code",null,"fleet-system")," to ",(0,l.kt)("code",null,"cattle-fleet-system"),". This release adds code to re-deploy the agents if necessary, to regenerate their config in the new namespace. Once the new agent is running and the cluster resources status is ok, it's fine to delete any leftover ",(0,l.kt)("code",null,"fleet-system")," namespaces. In older versions of fleet, it's possible to ",(0,l.kt)("a",{href:"https://github.com/rancher/rancher/issues/40127#issuecomment-1379027121","data-hovercard-type":"issue","data-hovercard-url":"/rancher/rancher/issues/40127/hovercard"},"copy the agent config manually")," into the new namespace, or to ",(0,l.kt)("a",{href:"https://github.com/rancher/rancher/issues/40127#issuecomment-1381884485","data-hovercard-type":"issue","data-hovercard-url":"/rancher/rancher/issues/40127/hovercard"},"trigger the agent redeployment manually"),"."),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add authentication support for OCI based Helm charts by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1382535855","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/996","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/996/hovercard",href:"https://github.com/rancher/fleet/pull/996"},"#996")),(0,l.kt)("li",null,"Support cluster repo change by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1383692338","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/999","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/999/hovercard",href:"https://github.com/rancher/fleet/pull/999"},"#999")),(0,l.kt)("li",null,"Apply gitrepo labels to bundles by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1387681511","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1007","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1007/hovercard",href:"https://github.com/rancher/fleet/pull/1007"},"#1007")),(0,l.kt)("li",null,"Add allowedTargetNamespaces to GitRepoRestriction by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1387780415","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1008","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1008/hovercard",href:"https://github.com/rancher/fleet/pull/1008"},"#1008")),(0,l.kt)("li",null,"Enforce presence of targetNamespace if gitreporestriction is present. by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1406564518","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1022","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1022/hovercard",href:"https://github.com/rancher/fleet/pull/1022"},"#1022")),(0,l.kt)("li",null,"Cluster specific registry replaces global registry by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1421104730","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1053","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1053/hovercard",href:"https://github.com/rancher/fleet/pull/1053"},"#1053")),(0,l.kt)("li",null,"Reading contents&secrets uses specific service account by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1427386967","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1063","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1063/hovercard",href:"https://github.com/rancher/fleet/pull/1063"},"#1063")),(0,l.kt)("li",null,"Cluster values full templating by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1479381039","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1158","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1158/hovercard",href:"https://github.com/rancher/fleet/pull/1158"},"#1158")),(0,l.kt)("li",null,"Helm Target Customization Repo/Version Override by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/romejoe/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/romejoe"},"@romejoe")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1392005466","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1011","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1011/hovercard",href:"https://github.com/rancher/fleet/pull/1011"},"#1011")),(0,l.kt)("li",null,"Sprig Templating for Helm Values with Inputs from Cluster Resource by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rajiteh/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rajiteh"},"@rajiteh")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1071078279","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/671","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/671/hovercard",href:"https://github.com/rancher/fleet/pull/671"},"#671")),(0,l.kt)("li",null,"Add helmRepoUrlRegex to the GitRepo by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1525653440","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1234","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1234/hovercard",href:"https://github.com/rancher/fleet/pull/1234"},"#1234"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Fix token expiry bug by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1382301009","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/995","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/995/hovercard",href:"https://github.com/rancher/fleet/pull/995"},"#995")),(0,l.kt)("li",null,"Stop re-queuing on failed deployments by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/mattfarina/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/mattfarina"},"@mattfarina")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1417680330","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1042","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1042/hovercard",href:"https://github.com/rancher/fleet/pull/1042"},"#1042")),(0,l.kt)("li",null,"Sync only changed objects by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1416805201","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1041","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1041/hovercard",href:"https://github.com/rancher/fleet/pull/1041"},"#1041")),(0,l.kt)("li",null,"Returning nil on signal exit by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/mattfarina/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/mattfarina"},"@mattfarina")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1452302735","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1104","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1104/hovercard",href:"https://github.com/rancher/fleet/pull/1104"},"#1104")),(0,l.kt)("li",null,"Running helm template to set up status ignores errors by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1451980114","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1103","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1103/hovercard",href:"https://github.com/rancher/fleet/pull/1103"},"#1103")),(0,l.kt)("li",null,"Do not fail on missing labels by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1458013071","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1114","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1114/hovercard",href:"https://github.com/rancher/fleet/pull/1114"},"#1114")),(0,l.kt)("li",null,"Limit recursion depth for cluster label replacement in values by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1469990739","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1143","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1143/hovercard",href:"https://github.com/rancher/fleet/pull/1143"},"#1143")),(0,l.kt)("li",null,"Update bundle status display also in case of errors by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1464493213","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1123","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1123/hovercard",href:"https://github.com/rancher/fleet/pull/1123"},"#1123")),(0,l.kt)("li",null,"Disable Gitops Feature Breaks Fleet Controller Deployment by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/SharpThunder/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/SharpThunder"},"@SharpThunder")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1500613071","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1185","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1185/hovercard",href:"https://github.com/rancher/fleet/pull/1185"},"#1185")),(0,l.kt)("li",null,"Do not ignore agentCheckinInterval by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1423798925","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1058","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1058/hovercard",href:"https://github.com/rancher/fleet/pull/1058"},"#1058")),(0,l.kt)("li",null,"Scaling: avoid needlessly looking up agent bundle deployments by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1425571981","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1062","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1062/hovercard",href:"https://github.com/rancher/fleet/pull/1062"},"#1062")),(0,l.kt)("li",null,"Fix image scan issues by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1498888333","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1181","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1181/hovercard",href:"https://github.com/rancher/fleet/pull/1181"},"#1181")),(0,l.kt)("li",null,"Fix orphan resources created by operators by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1504794320","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1201","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1201/hovercard",href:"https://github.com/rancher/fleet/pull/1201"},"#1201")),(0,l.kt)("li",null,"Don't run kustomize on repos without kustomization by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1476914588","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1157","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1157/hovercard",href:"https://github.com/rancher/fleet/pull/1157"},"#1157")),(0,l.kt)("li",null,"Fix regression in imagescan test by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1516558989","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1228","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1228/hovercard",href:"https://github.com/rancher/fleet/pull/1228"},"#1228")),(0,l.kt)("li",null,"Long release names, shorten only once by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1556499775","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1273","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1273/hovercard",href:"https://github.com/rancher/fleet/pull/1273"},"#1273")),(0,l.kt)("li",null,"Fix agent not starting in fleet-system namespace by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1585835809","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1323","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1323/hovercard",href:"https://github.com/rancher/fleet/pull/1323"},"#1323")),(0,l.kt)("li",null,"Ensure valid release name for agent by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1604911765","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1357","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1357/hovercard",href:"https://github.com/rancher/fleet/pull/1357"},"#1357")),(0,l.kt)("li",null,"Bump Gitjob to v0.1.37 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1586174726","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1326","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1326/hovercard",href:"https://github.com/rancher/fleet/pull/1326"},"#1326"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Removing the docs directory by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/mattfarina/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/mattfarina"},"@mattfarina")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1395008018","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1014","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1014/hovercard",href:"https://github.com/rancher/fleet/pull/1014"},"#1014")),(0,l.kt)("li",null,"Scripts for local testing with k3d by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1407494284","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1024","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1024/hovercard",href:"https://github.com/rancher/fleet/pull/1024"},"#1024")),(0,l.kt)("li",null,"Debug statements for controllers by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1414909060","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1036","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1036/hovercard",href:"https://github.com/rancher/fleet/pull/1036"},"#1036")),(0,l.kt)("li",null,"Scaling: make ClusterEnqueueDelay configurable via environment variable by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1434599858","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1071","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1071/hovercard",href:"https://github.com/rancher/fleet/pull/1071"},"#1071")),(0,l.kt)("li",null,"Add nightly builds by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1436218080","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1075","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1075/hovercard",href:"https://github.com/rancher/fleet/pull/1075"},"#1075")),(0,l.kt)("li",null,"Cluster registration debug messages and comments by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1449716259","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1095","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1095/hovercard",href:"https://github.com/rancher/fleet/pull/1095"},"#1095")),(0,l.kt)("li",null,"Add support to continuous pprof CPU profiling by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1436593660","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1076","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1076/hovercard",href:"https://github.com/rancher/fleet/pull/1076"},"#1076")),(0,l.kt)("li",null,"Split DEVELOPING.md into separate files in docs/ by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1468082145","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1134","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1134/hovercard",href:"https://github.com/rancher/fleet/pull/1134"},"#1134")),(0,l.kt)("li",null,"Add CLI to generate reference docs by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1464695140","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1126","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1126/hovercard",href:"https://github.com/rancher/fleet/pull/1126"},"#1126")),(0,l.kt)("li",null,"Allow to run longer before killing leader during debugging by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1469310847","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1137","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1137/hovercard",href:"https://github.com/rancher/fleet/pull/1137"},"#1137")),(0,l.kt)("li",null,"Introduce parameter to debug controller but not agents by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1464500460","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1124","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1124/hovercard",href:"https://github.com/rancher/fleet/pull/1124"},"#1124")),(0,l.kt)("li",null,"Fix CRD download url by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/olblak/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/olblak"},"@olblak")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1502535254","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1190","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1190/hovercard",href:"https://github.com/rancher/fleet/pull/1190"},"#1190")),(0,l.kt)("li",null,"Add Github Action workflow to prevent manual changes to Gitjob or generated code by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1529255527","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1239","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1239/hovercard",href:"https://github.com/rancher/fleet/pull/1239"},"#1239")),(0,l.kt)("li",null,"Fleet in Rancher Upgrade CI by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1503243355","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1198","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1198/hovercard",href:"https://github.com/rancher/fleet/pull/1198"},"#1198"))),(0,l.kt)("h2",null,"New Contributors"),(0,l.kt)("ul",null,(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/romejoe/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/romejoe"},"@romejoe")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1392005466","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1011","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1011/hovercard",href:"https://github.com/rancher/fleet/pull/1011"},"#1011")),(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rajiteh/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rajiteh"},"@rajiteh")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1071078279","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/671","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/671/hovercard",href:"https://github.com/rancher/fleet/pull/671"},"#671")),(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/fossabot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/fossabot"},"@fossabot")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"927564652","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/431","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/431/hovercard",href:"https://github.com/rancher/fleet/pull/431"},"#431")),(0,l.kt)("li",null,"@github-actions made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1500198507","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1182","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1182/hovercard",href:"https://github.com/rancher/fleet/pull/1182"},"#1182")),(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/SharpThunder/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/SharpThunder"},"@SharpThunder")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1500613071","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1185","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1185/hovercard",href:"https://github.com/rancher/fleet/pull/1185"},"#1185")),(0,l.kt)("li",null,(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," made their first contribution in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1476914588","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1157","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1157/hovercard",href:"https://github.com/rancher/fleet/pull/1157"},"#1157"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.5.0...v0.6.0"},(0,l.kt)("tt",null,"v0.5.0...v0.6.0"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},"fleet-crd-0.6.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz"},"fleet-agent-0.6.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz"},"fleet-0.6.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-linux-s390x"},"fleet-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.6.0"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/3d7b86e7.8dc9df63.js b/assets/js/3d7b86e7.eb39b0cf.js similarity index 96% rename from assets/js/3d7b86e7.8dc9df63.js rename to assets/js/3d7b86e7.eb39b0cf.js index ecff4b75b..c4a4964d3 100644 --- a/assets/js/3d7b86e7.8dc9df63.js +++ b/assets/js/3d7b86e7.eb39b0cf.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3951],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>d});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function s(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function a(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),l=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):a(a({},t),e)),r},u=function(e){var t=l(e.components);return n.createElement(i.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,s=e.originalType,i=e.parentName,u=c(e,["components","mdxType","originalType","parentName"]),f=l(r),d=o,m=f["".concat(i,".").concat(d)]||f[d]||p[d]||s;return r?n.createElement(m,a(a({ref:t},u),{},{components:r})):n.createElement(m,a({ref:t},u))}));function d(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var s=r.length,a=new Array(s);a[0]=f;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:o,a[1]=c;for(var l=2;l{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>a,default:()=>p,frontMatter:()=>s,metadata:()=>c,toc:()=>l});var n=r(7462),o=(r(7294),r(3905));const s={},a="Custom Resources",c={unversionedId:"ref-resources",id:"version-0.6/ref-resources",title:"Custom Resources",description:"This shows the resources, also the internal ones, involved in creating a deployment from a git repository.",source:"@site/versioned_docs/version-0.6/ref-resources.md",sourceDirName:".",slug:"/ref-resources",permalink:"/0.6/ref-resources",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-resources.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/0.6/namespaces"},next:{title:"Installation Details",permalink:"/0.6/installation"}},i={},l=[],u={toc:l};function p(e){let{components:t,...s}=e;return(0,o.kt)("wrapper",(0,n.Z)({},u,s,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"custom-resources"},"Custom Resources"),(0,o.kt)("p",null,"This shows the resources, also the internal ones, involved in creating a deployment from a git repository."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Resources",src:r(925).Z,width:"831",height:"1341"})))}p.isMDXComponent=!0},925:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetResources-66df436672452ab68d89ed76da51a7bb.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3951],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>d});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function s(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function a(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),l=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):a(a({},t),e)),r},u=function(e){var t=l(e.components);return n.createElement(i.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,s=e.originalType,i=e.parentName,u=c(e,["components","mdxType","originalType","parentName"]),f=l(r),d=o,m=f["".concat(i,".").concat(d)]||f[d]||p[d]||s;return r?n.createElement(m,a(a({ref:t},u),{},{components:r})):n.createElement(m,a({ref:t},u))}));function d(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var s=r.length,a=new Array(s);a[0]=f;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:o,a[1]=c;for(var l=2;l{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>a,default:()=>p,frontMatter:()=>s,metadata:()=>c,toc:()=>l});var n=r(7462),o=(r(7294),r(3905));const s={},a="Custom Resources",c={unversionedId:"ref-resources",id:"version-0.6/ref-resources",title:"Custom Resources",description:"This shows the resources, also the internal ones, involved in creating a deployment from a git repository.",source:"@site/versioned_docs/version-0.6/ref-resources.md",sourceDirName:".",slug:"/ref-resources",permalink:"/0.6/ref-resources",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-resources.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/0.6/namespaces"},next:{title:"Installation Details",permalink:"/0.6/installation"}},i={},l=[],u={toc:l};function p(e){let{components:t,...s}=e;return(0,o.kt)("wrapper",(0,n.Z)({},u,s,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"custom-resources"},"Custom Resources"),(0,o.kt)("p",null,"This shows the resources, also the internal ones, involved in creating a deployment from a git repository."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Resources",src:r(925).Z,width:"831",height:"1341"})))}p.isMDXComponent=!0},925:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetResources-66df436672452ab68d89ed76da51a7bb.svg"}}]); \ No newline at end of file diff --git a/assets/js/4177aba1.74c80448.js b/assets/js/4177aba1.877c7c2f.js similarity index 98% rename from assets/js/4177aba1.74c80448.js rename to assets/js/4177aba1.877c7c2f.js index c7a10214c..83b6889c3 100644 --- a/assets/js/4177aba1.74c80448.js +++ b/assets/js/4177aba1.877c7c2f.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2992],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>E});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),u=a(1980),i=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,i.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function m(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,u._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[u,i]=m({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),b=(()=>{const e=u??d;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{b&&o(b)}),[b]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),i(e),f(e)}),[i,f,r]),tabValues:r}}var b=a(2389);const g="tabList__CuJ",k="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:o,selectValue:u,tabValues:i}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=i[a].value;l!==o&&(d(t),u(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},i.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>c.push(e),onKeyDown:h,onClick:p},s,{className:(0,r.Z)("tabs__item",k,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",g)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function E(e){const t=(0,b.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},9325:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>d,contentTitle:()=>i,default:()=>m,frontMatter:()=>u,metadata:()=>c,toc:()=>p});var l=a(7462),n=(a(7294),a(3905)),r=(a(6828),a(814)),s=a(4866),o=a(5162);const u={},i="Quick Start",c={unversionedId:"quickstart",id:"version-0.8/quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/versioned_docs/version-0.8/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/0.8/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/quickstart.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.8/"},next:{title:"Creating a Deployment",permalink:"/0.8/tut-deployment"}},d={},p=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to Watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],h={toc:p};function m(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"quick-start"},"Quick Start"),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,n.kt)("h2",{id:"install"},"Install"),(0,n.kt)("p",null," Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and its use is\nfairly straightforward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)(s.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"linux",label:"Linux/Mac",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"brew install helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/")),(0,n.kt)(o.Z,{value:"windows",label:"Windows",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"choco install kubernetes-helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/"))),(0,n.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd\n","helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet"),(0,n.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to Watch"),(0,n.kt)("p",null,"Change ",(0,n.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,n.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be ran in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,n.kt)("h2",{id:"get-status"},"Get Status"),(0,n.kt)("p",null,"Get status of what fleet is doing"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,n.kt)("p",null,"You should see something like this get created in your cluster."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,n.kt)("p",null,"Enjoy and read the ",(0,n.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}m.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2992],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>E});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),u=a(1980),i=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,i.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function m(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,u._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[u,i]=m({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),b=(()=>{const e=u??d;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{b&&o(b)}),[b]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),i(e),f(e)}),[i,f,r]),tabValues:r}}var b=a(2389);const g="tabList__CuJ",k="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:o,selectValue:u,tabValues:i}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=i[a].value;l!==o&&(d(t),u(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},i.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>c.push(e),onKeyDown:h,onClick:p},s,{className:(0,r.Z)("tabs__item",k,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",g)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function E(e){const t=(0,b.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},9325:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>d,contentTitle:()=>i,default:()=>m,frontMatter:()=>u,metadata:()=>c,toc:()=>p});var l=a(7462),n=(a(7294),a(3905)),r=(a(6828),a(814)),s=a(4866),o=a(5162);const u={},i="Quick Start",c={unversionedId:"quickstart",id:"version-0.8/quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/versioned_docs/version-0.8/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/0.8/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/quickstart.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.8/"},next:{title:"Creating a Deployment",permalink:"/0.8/tut-deployment"}},d={},p=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to Watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],h={toc:p};function m(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"quick-start"},"Quick Start"),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,n.kt)("h2",{id:"install"},"Install"),(0,n.kt)("p",null," Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and its use is\nfairly straightforward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)(s.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"linux",label:"Linux/Mac",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"brew install helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/")),(0,n.kt)(o.Z,{value:"windows",label:"Windows",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"choco install kubernetes-helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/"))),(0,n.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd\n","helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet"),(0,n.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to Watch"),(0,n.kt)("p",null,"Change ",(0,n.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,n.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be ran in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,n.kt)("h2",{id:"get-status"},"Get Status"),(0,n.kt)("p",null,"Get status of what fleet is doing"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,n.kt)("p",null,"You should see something like this get created in your cluster."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,n.kt)("p",null,"Enjoy and read the ",(0,n.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}m.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file diff --git a/assets/js/41b31679.a242089e.js b/assets/js/41b31679.5480c674.js similarity index 99% rename from assets/js/41b31679.a242089e.js rename to assets/js/41b31679.5480c674.js index 496cac664..68048c898 100644 --- a/assets/js/41b31679.a242089e.js +++ b/assets/js/41b31679.5480c674.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3977],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),c=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},p=function(e){var t=c(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},p),{},{components:n})):o.createElement(m,r({ref:t},p))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"version-0.9/troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/versioned_docs/version-0.9/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/0.9/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/troubleshooting.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Resource",permalink:"/0.9/ref-bundle"},next:{title:"v0.9.0",permalink:"/0.9/changelogs/changelogs/v0.9.0"}},s={},c=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Fetch detailed status from GitRepos and Bundles?",id:"fetch-detailed-status-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Agent is no longer registered",id:"agent-is-no-longer-registered",level:3},{value:"Nested GitRepo CRs",id:"nested-gitrepo-crs",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled."),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"fetch-detailed-status-from-gitrepos-and-bundles"},"Fetch detailed status from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"For debugging and bug reports the raw JSON of the resources status fields is most useful.\nThis can be accessed in the Rancher UI, or through ",(0,a.kt)("inlineCode",{parentName:"p"},"kubectl"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl get bundle -n fleet-local fleet-agent-local -o=jsonpath={.status}\nkubectl get gitrepo -n fleet-default gitrepo-name -o=jsonpath={.status}\n")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.9/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.9/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo."),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu"),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown"),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/0.9/ref-fleet-yaml"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority"\n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm:\n releaseName: \n repo: \n chart: \ndiff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations"\n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.9/bundle-diffs"},"bundle diffs documentation")," for more information.")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"agent-is-no-longer-registered"},"Agent is no longer registered"),(0,a.kt)("p",null,"You can force a redeployment of an agent for a given cluster by setting ",(0,a.kt)("inlineCode",{parentName:"p"},"redeployAgentGeneration"),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},'kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p \'[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]\'\n')),(0,a.kt)("h3",{id:"nested-gitrepo-crs"},"Nested GitRepo CRs"),(0,a.kt)("p",null,"Managing Fleet within Fleet (nested ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," usage) is not currently supported. We will update the documentation if support becomes available."),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3977],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),c=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},p=function(e){var t=c(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},p),{},{components:n})):o.createElement(m,r({ref:t},p))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"version-0.9/troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/versioned_docs/version-0.9/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/0.9/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/troubleshooting.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Resource",permalink:"/0.9/ref-bundle"},next:{title:"v0.9.0",permalink:"/0.9/changelogs/changelogs/v0.9.0"}},s={},c=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Fetch detailed status from GitRepos and Bundles?",id:"fetch-detailed-status-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Agent is no longer registered",id:"agent-is-no-longer-registered",level:3},{value:"Nested GitRepo CRs",id:"nested-gitrepo-crs",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled."),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"fetch-detailed-status-from-gitrepos-and-bundles"},"Fetch detailed status from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"For debugging and bug reports the raw JSON of the resources status fields is most useful.\nThis can be accessed in the Rancher UI, or through ",(0,a.kt)("inlineCode",{parentName:"p"},"kubectl"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl get bundle -n fleet-local fleet-agent-local -o=jsonpath={.status}\nkubectl get gitrepo -n fleet-default gitrepo-name -o=jsonpath={.status}\n")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.9/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.9/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo."),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu"),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown"),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/0.9/ref-fleet-yaml"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority"\n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm:\n releaseName: \n repo: \n chart: \ndiff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations"\n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.9/bundle-diffs"},"bundle diffs documentation")," for more information.")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"agent-is-no-longer-registered"},"Agent is no longer registered"),(0,a.kt)("p",null,"You can force a redeployment of an agent for a given cluster by setting ",(0,a.kt)("inlineCode",{parentName:"p"},"redeployAgentGeneration"),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},'kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p \'[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]\'\n')),(0,a.kt)("h3",{id:"nested-gitrepo-crs"},"Nested GitRepo CRs"),(0,a.kt)("p",null,"Managing Fleet within Fleet (nested ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," usage) is not currently supported. We will update the documentation if support becomes available."),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/45a5cd1f.c8a1fc5f.js b/assets/js/45a5cd1f.dddadb6a.js similarity index 99% rename from assets/js/45a5cd1f.c8a1fc5f.js rename to assets/js/45a5cd1f.dddadb6a.js index 8fe2e8519..2acf5fea3 100644 --- a/assets/js/45a5cd1f.c8a1fc5f.js +++ b/assets/js/45a5cd1f.dddadb6a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3365],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(h,o(o({ref:t},p),{},{components:n})):r.createElement(h,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Core Concepts",s={unversionedId:"concepts",id:"concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/docs/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/concepts.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/architecture"},next:{title:"Bundle Lifecycle",permalink:"/ref-bundle-stages"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"life cycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/ref-bundle-stages"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/gitrepo-targets#customization-per-cluster"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3365],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(h,o(o({ref:t},p),{},{components:n})):r.createElement(h,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Core Concepts",s={unversionedId:"concepts",id:"concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/docs/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/concepts.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/architecture"},next:{title:"Bundle Lifecycle",permalink:"/ref-bundle-stages"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"life cycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/ref-bundle-stages"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/gitrepo-targets#customization-per-cluster"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/46c9c1f8.2d221189.js b/assets/js/46c9c1f8.30c5db25.js similarity index 97% rename from assets/js/46c9c1f8.2d221189.js rename to assets/js/46c9c1f8.30c5db25.js index e45105b62..2d4ded112 100644 --- a/assets/js/46c9c1f8.2d221189.js +++ b/assets/js/46c9c1f8.30c5db25.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[252],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function i(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),f=c(r),d=a,g=f["".concat(l,".").concat(d)]||f[d]||p[d]||i;return r?n.createElement(g,o(o({ref:t},u),{},{components:r})):n.createElement(g,o({ref:t},u))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=r.length,o=new Array(i);o[0]=f;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>s,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const i={},o="Cluster Registration Internals",s={unversionedId:"ref-registration",id:"version-0.6/ref-registration",title:"Cluster Registration Internals",description:"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.",source:"@site/versioned_docs/version-0.6/ref-registration.md",sourceDirName:".",slug:"/ref-registration",permalink:"/0.6/ref-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-registration.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle State",permalink:"/0.6/cluster-bundles-state"},next:{title:"Configuration",permalink:"/0.6/ref-configuration"}},l={},c=[],u={toc:c};function p(e){let{components:t,...i}=e;return(0,a.kt)("wrapper",(0,n.Z)({},u,i,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-registration-internals"},"Cluster Registration Internals"),(0,a.kt)("p",null,"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.\nIt's important to note that there are multiple ways to start this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Creating a bootstrap config. Fleet does this for the local agent."),(0,a.kt)("li",{parentName:"ul"},"Creating a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource with a kubeconfig. Rancher does this for downstream clusters. See ",(0,a.kt)("a",{parentName:"li",href:"/0.6/cluster-registration#manager-initiated"},"manager-initiated registration"),"."),(0,a.kt)("li",{parentName:"ul"},"Create a ",(0,a.kt)("inlineCode",{parentName:"li"},"ClusterRegistrationToken")," resource, optionally create a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource for a pre-defined (",(0,a.kt)("inlineCode",{parentName:"li"},"clientID"),") cluster. See ",(0,a.kt)("a",{parentName:"li",href:"/0.6/cluster-registration#agent-initiated"},"agent-initiated registration"),".")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration",src:r(2364).Z,width:"3700",height:"2492"})))}p.isMDXComponent=!0},2364:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistration-e49565723b02880b6dd7fa0ddc1fdbe2.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[252],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function i(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),f=c(r),d=a,g=f["".concat(l,".").concat(d)]||f[d]||p[d]||i;return r?n.createElement(g,o(o({ref:t},u),{},{components:r})):n.createElement(g,o({ref:t},u))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=r.length,o=new Array(i);o[0]=f;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>s,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const i={},o="Cluster Registration Internals",s={unversionedId:"ref-registration",id:"version-0.6/ref-registration",title:"Cluster Registration Internals",description:"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.",source:"@site/versioned_docs/version-0.6/ref-registration.md",sourceDirName:".",slug:"/ref-registration",permalink:"/0.6/ref-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-registration.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle State",permalink:"/0.6/cluster-bundles-state"},next:{title:"Configuration",permalink:"/0.6/ref-configuration"}},l={},c=[],u={toc:c};function p(e){let{components:t,...i}=e;return(0,a.kt)("wrapper",(0,n.Z)({},u,i,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-registration-internals"},"Cluster Registration Internals"),(0,a.kt)("p",null,"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.\nIt's important to note that there are multiple ways to start this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Creating a bootstrap config. Fleet does this for the local agent."),(0,a.kt)("li",{parentName:"ul"},"Creating a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource with a kubeconfig. Rancher does this for downstream clusters. See ",(0,a.kt)("a",{parentName:"li",href:"/0.6/cluster-registration#manager-initiated"},"manager-initiated registration"),"."),(0,a.kt)("li",{parentName:"ul"},"Create a ",(0,a.kt)("inlineCode",{parentName:"li"},"ClusterRegistrationToken")," resource, optionally create a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource for a pre-defined (",(0,a.kt)("inlineCode",{parentName:"li"},"clientID"),") cluster. See ",(0,a.kt)("a",{parentName:"li",href:"/0.6/cluster-registration#agent-initiated"},"agent-initiated registration"),".")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration",src:r(2364).Z,width:"3700",height:"2492"})))}p.isMDXComponent=!0},2364:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistration-e49565723b02880b6dd7fa0ddc1fdbe2.svg"}}]); \ No newline at end of file diff --git a/assets/js/49af6a86.6ef2a235.js b/assets/js/49af6a86.59b913d8.js similarity index 98% rename from assets/js/49af6a86.6ef2a235.js rename to assets/js/49af6a86.59b913d8.js index 7d50fdcec..f6126dca5 100644 --- a/assets/js/49af6a86.6ef2a235.js +++ b/assets/js/49af6a86.59b913d8.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7619],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),h=c(n),d=a,m=h["".concat(l,".").concat(d)]||h[d]||p[d]||o;return n?r.createElement(m,s(s({ref:t},u),{},{components:n})):r.createElement(m,s({ref:t},u))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,s=new Array(o);s[0]=h;var i={};for(var l in t)hasOwnProperty.call(t,l)&&(i[l]=t[l]);i.originalType=e,i.mdxType="string"==typeof e?e:a,s[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},s="Architecture",i={unversionedId:"architecture",id:"version-0.4/architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/versioned_docs/version-0.4/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/0.4/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/architecture.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/0.4/concepts"},next:{title:"Examples",permalink:"/0.4/examples"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(9225).Z,width:"969",height:"775"})),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/0.4/manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."))}p.isMDXComponent=!0},9225:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/arch-1c6cd25727f6427c62add813758335a8.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7619],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),h=c(n),d=a,m=h["".concat(l,".").concat(d)]||h[d]||p[d]||o;return n?r.createElement(m,s(s({ref:t},u),{},{components:n})):r.createElement(m,s({ref:t},u))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,s=new Array(o);s[0]=h;var i={};for(var l in t)hasOwnProperty.call(t,l)&&(i[l]=t[l]);i.originalType=e,i.mdxType="string"==typeof e?e:a,s[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},s="Architecture",i={unversionedId:"architecture",id:"version-0.4/architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/versioned_docs/version-0.4/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/0.4/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/architecture.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/0.4/concepts"},next:{title:"Examples",permalink:"/0.4/examples"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(9225).Z,width:"969",height:"775"})),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/0.4/manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."))}p.isMDXComponent=!0},9225:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/arch-1c6cd25727f6427c62add813758335a8.png"}}]); \ No newline at end of file diff --git a/assets/js/4ccb6852.e063851b.js b/assets/js/4ccb6852.190d1e6a.js similarity index 97% rename from assets/js/4ccb6852.e063851b.js rename to assets/js/4ccb6852.190d1e6a.js index f37eb58ed..6a1c932f1 100644 --- a/assets/js/4ccb6852.e063851b.js +++ b/assets/js/4ccb6852.190d1e6a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3084],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},p=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},i={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||i[d]||o;return r?n.createElement(f,s(s({ref:t},p),{},{components:r})):n.createElement(f,s({ref:t},p))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>i,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Create Cluster Groups",l={unversionedId:"cluster-group",id:"cluster-group",title:"Create Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/docs/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cluster-group.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Register Downstream Clusters",permalink:"/cluster-registration"},next:{title:"Setup Multi User",permalink:"/multi-user"}},c={},u=[],p={toc:u};function i(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"create-cluster-groups"},"Create Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}i.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3084],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},p=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},i={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||i[d]||o;return r?n.createElement(f,s(s({ref:t},p),{},{components:r})):n.createElement(f,s({ref:t},p))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>i,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Create Cluster Groups",l={unversionedId:"cluster-group",id:"cluster-group",title:"Create Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/docs/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cluster-group.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Register Downstream Clusters",permalink:"/cluster-registration"},next:{title:"Setup Multi User",permalink:"/multi-user"}},c={},u=[],p={toc:u};function i(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"create-cluster-groups"},"Create Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}i.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/4e63d43a.b8452125.js b/assets/js/4e63d43a.fa377143.js similarity index 98% rename from assets/js/4e63d43a.b8452125.js rename to assets/js/4e63d43a.fa377143.js index 64d684eee..af72311a3 100644 --- a/assets/js/4e63d43a.b8452125.js +++ b/assets/js/4e63d43a.fa377143.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[532],{3905:(e,t,a)=>{a.d(t,{Zo:()=>p,kt:()=>u});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(a),u=l,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||n;return a?r.createElement(m,o(o({ref:t},p),{},{components:a})):r.createElement(m,o({ref:t},p))}));function u(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,o=new Array(n);o[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>n,metadata:()=>i,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"v0.9.4",date:"2024-05-02 12:48:10 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.9.4",id:"version-0.9/changelogs/changelogs/v0.9.4",title:"v0.9.4",description:"(rancherio-gh-m) released this 2024-05-02 1210 +0000 UTC",source:"@site/versioned_docs/version-0.9/changelogs/changelogs/v0.9.4.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.9.4",permalink:"/0.9/changelogs/changelogs/v0.9.4",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/changelogs/changelogs/v0.9.4.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.9.4",date:"2024-05-02 12:48:10 +0000 UTC"},sidebar:"docs",previous:{title:"v0.9.3",permalink:"/0.9/changelogs/changelogs/v0.9.3"}},s={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],p={toc:c};function d(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-05-02 12:48:10 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Bump github.com/hashicorp/go-getter to v1.7.4 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2256449008","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2350","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2350/hovercard",href:"https://github.com/rancher/fleet/pull/2350"},"#2350")),(0,l.kt)("li",null,"Bump golang.org/x/net to v0.23.0 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2268170759","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2384","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2384/hovercard",href:"https://github.com/rancher/fleet/pull/2384"},"#2384")),(0,l.kt)("li",null,"Bump gitjob to 0.9.7 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2268173378","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2385","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2385/hovercard",href:"https://github.com/rancher/fleet/pull/2385"},"#2385"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.9.3...v0.9.4"},(0,l.kt)("tt",null,"v0.9.3...v0.9.4"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleet-crd-0.9.4.tgz"},"fleet-crd-0.9.4.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleet-agent-0.9.4.tgz"},"fleet-agent-0.9.4.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleet-0.9.4.tgz"},"fleet-0.9.4.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.9.4"},"here"))))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[532],{3905:(e,t,a)=>{a.d(t,{Zo:()=>p,kt:()=>u});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(a),u=l,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||n;return a?r.createElement(m,o(o({ref:t},p),{},{components:a})):r.createElement(m,o({ref:t},p))}));function u(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,o=new Array(n);o[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>n,metadata:()=>i,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"v0.9.4",date:"2024-05-02 12:48:10 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.9.4",id:"version-0.9/changelogs/changelogs/v0.9.4",title:"v0.9.4",description:"(rancherio-gh-m) released this 2024-05-02 1210 +0000 UTC",source:"@site/versioned_docs/version-0.9/changelogs/changelogs/v0.9.4.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.9.4",permalink:"/0.9/changelogs/changelogs/v0.9.4",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/changelogs/changelogs/v0.9.4.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.9.4",date:"2024-05-02 12:48:10 +0000 UTC"},sidebar:"docs",previous:{title:"v0.9.3",permalink:"/0.9/changelogs/changelogs/v0.9.3"}},s={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],p={toc:c};function d(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-05-02 12:48:10 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Bump github.com/hashicorp/go-getter to v1.7.4 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2256449008","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2350","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2350/hovercard",href:"https://github.com/rancher/fleet/pull/2350"},"#2350")),(0,l.kt)("li",null,"Bump golang.org/x/net to v0.23.0 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2268170759","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2384","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2384/hovercard",href:"https://github.com/rancher/fleet/pull/2384"},"#2384")),(0,l.kt)("li",null,"Bump gitjob to 0.9.7 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2268173378","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2385","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2385/hovercard",href:"https://github.com/rancher/fleet/pull/2385"},"#2385"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.9.3...v0.9.4"},(0,l.kt)("tt",null,"v0.9.3...v0.9.4"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleet-crd-0.9.4.tgz"},"fleet-crd-0.9.4.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleet-agent-0.9.4.tgz"},"fleet-agent-0.9.4.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleet-0.9.4.tgz"},"fleet-0.9.4.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.4/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.9.4"},"here"))))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/4fac8f87.050de60d.js b/assets/js/4fac8f87.d2adc93a.js similarity index 98% rename from assets/js/4fac8f87.050de60d.js rename to assets/js/4fac8f87.d2adc93a.js index a86cb4ce8..3b9b745fd 100644 --- a/assets/js/4fac8f87.050de60d.js +++ b/assets/js/4fac8f87.d2adc93a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7526],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(s,".").concat(m)]||d[m]||u[m]||l;return n?r.createElement(f,o(o({ref:t},p),{},{components:n})):r.createElement(f,o({ref:t},p))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Quick Start",i={unversionedId:"quickstart",id:"version-0.4/quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/versioned_docs/version-0.4/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/0.4/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/quickstart.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.4/"},next:{title:"Core Concepts",permalink:"/0.4/concepts"}},s={},c=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"quick-start"},"Quick Start"),(0,a.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,a.kt)("h2",{id:"install"},"Install"),(0,a.kt)("p",null,"Get helm if you don't have it. Helm 3 is just a CLI and won't do bad insecure\nthings to your cluster."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"brew install helm\n")),(0,a.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-crd-v0.4.1.tgz\nhelm -n cattle-fleet-system install --create-namespace --wait \\\n fleet https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-v0.4.1.tgz\n")),(0,a.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to watch"),(0,a.kt)("p",null,"Change ",(0,a.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,a.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be run in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,a.kt)("h2",{id:"get-status"},"Get Status"),(0,a.kt)("p",null,"Get status of what fleet is doing"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,a.kt)("p",null,"You should see something like this get created in your cluster."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,a.kt)("p",null,"Enjoy and read the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7526],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(s,".").concat(m)]||d[m]||u[m]||l;return n?r.createElement(f,o(o({ref:t},p),{},{components:n})):r.createElement(f,o({ref:t},p))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Quick Start",i={unversionedId:"quickstart",id:"version-0.4/quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/versioned_docs/version-0.4/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/0.4/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/quickstart.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.4/"},next:{title:"Core Concepts",permalink:"/0.4/concepts"}},s={},c=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"quick-start"},"Quick Start"),(0,a.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,a.kt)("h2",{id:"install"},"Install"),(0,a.kt)("p",null,"Get helm if you don't have it. Helm 3 is just a CLI and won't do bad insecure\nthings to your cluster."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"brew install helm\n")),(0,a.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-crd-v0.4.1.tgz\nhelm -n cattle-fleet-system install --create-namespace --wait \\\n fleet https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-v0.4.1.tgz\n")),(0,a.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to watch"),(0,a.kt)("p",null,"Change ",(0,a.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,a.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be run in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,a.kt)("h2",{id:"get-status"},"Get Status"),(0,a.kt)("p",null,"Get status of what fleet is doing"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,a.kt)("p",null,"You should see something like this get created in your cluster."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,a.kt)("p",null,"Enjoy and read the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/504a9fc5.89b1c74a.js b/assets/js/504a9fc5.1b613d37.js similarity index 98% rename from assets/js/504a9fc5.89b1c74a.js rename to assets/js/504a9fc5.1b613d37.js index 95c5cc120..b7083a924 100644 --- a/assets/js/504a9fc5.89b1c74a.js +++ b/assets/js/504a9fc5.1b613d37.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[936],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||o;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,l[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},l="Core Concepts",s={unversionedId:"concepts",id:"version-0.8/concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/versioned_docs/version-0.8/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/0.8/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/concepts.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/0.8/architecture"},next:{title:"Bundle Lifecycle",permalink:"/0.8/ref-bundle-stages"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/0.8/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"life cycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/0.8/ref-bundle-stages"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/0.8/gitrepo-targets#customization-per-cluster"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[936],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||o;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,l[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},l="Core Concepts",s={unversionedId:"concepts",id:"version-0.8/concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/versioned_docs/version-0.8/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/0.8/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/concepts.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/0.8/architecture"},next:{title:"Bundle Lifecycle",permalink:"/0.8/ref-bundle-stages"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/0.8/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"life cycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/0.8/ref-bundle-stages"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/0.8/gitrepo-targets#customization-per-cluster"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/50b0676a.eed23ffb.js b/assets/js/50b0676a.cd949ebe.js similarity index 98% rename from assets/js/50b0676a.eed23ffb.js rename to assets/js/50b0676a.cd949ebe.js index b5c11ac1d..5c192c0f9 100644 --- a/assets/js/50b0676a.eed23ffb.js +++ b/assets/js/50b0676a.cd949ebe.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2088],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>f,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet test"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_test",id:"version-0.8/cli/fleet-cli/fleet_test",title:"",description:"fleet test",source:"@site/versioned_docs/version-0.8/cli/fleet-cli/fleet_test.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_test",permalink:"/0.8/cli/fleet-cli/fleet_test",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cli/fleet-cli/fleet_test.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet test"},sidebar:"docs",previous:{title:"fleet apply",permalink:"/0.8/cli/fleet-cli/fleet_apply"},next:{title:"fleet-manager",permalink:"/0.8/cli/fleet-controller/fleet-manager"}},s={},c=[{value:"fleet test",id:"fleet-test",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-test"},"fleet test"),(0,l.kt)("p",null,"Match a bundle to a target and render the output"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet test [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -g, --group string Cluster group to match against\n -L, --group-label strings Cluster group labels to match against\n -h, --help help for test\n -l, --label strings Cluster labels to match against\n -N, --name string Cluster name to match against\n -q, --quiet Just print the match and don't print the resources\n -t, --target string Explicit target to match\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2088],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>f,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet test"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_test",id:"version-0.8/cli/fleet-cli/fleet_test",title:"",description:"fleet test",source:"@site/versioned_docs/version-0.8/cli/fleet-cli/fleet_test.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_test",permalink:"/0.8/cli/fleet-cli/fleet_test",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cli/fleet-cli/fleet_test.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet test"},sidebar:"docs",previous:{title:"fleet apply",permalink:"/0.8/cli/fleet-cli/fleet_apply"},next:{title:"fleet-manager",permalink:"/0.8/cli/fleet-controller/fleet-manager"}},s={},c=[{value:"fleet test",id:"fleet-test",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-test"},"fleet test"),(0,l.kt)("p",null,"Match a bundle to a target and render the output"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet test [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -g, --group string Cluster group to match against\n -L, --group-label strings Cluster group labels to match against\n -h, --help help for test\n -l, --label strings Cluster labels to match against\n -N, --name string Cluster name to match against\n -q, --quiet Just print the match and don't print the resources\n -t, --target string Explicit target to match\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/5176c92e.775dc1fd.js b/assets/js/5176c92e.ef9a10b3.js similarity index 98% rename from assets/js/5176c92e.775dc1fd.js rename to assets/js/5176c92e.ef9a10b3.js index 3779928fb..8d7973ae9 100644 --- a/assets/js/5176c92e.775dc1fd.js +++ b/assets/js/5176c92e.ef9a10b3.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4955],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,f=m["".concat(s,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(f,o(o({ref:t},p),{},{components:n})):r.createElement(f,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Uninstall",i={unversionedId:"uninstall",id:"version-0.7/uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/versioned_docs/version-0.7/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/0.7/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/uninstall.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Creating a Deployment",permalink:"/0.7/tut-deployment"},next:{title:"Architecture",permalink:"/0.7/architecture"}},s={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"uninstall"},"Uninstall"),(0,a.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},"Uninstalling the CRDs will remove all deployed workloads.")))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4955],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,f=m["".concat(s,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(f,o(o({ref:t},p),{},{components:n})):r.createElement(f,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Uninstall",i={unversionedId:"uninstall",id:"version-0.7/uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/versioned_docs/version-0.7/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/0.7/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/uninstall.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Creating a Deployment",permalink:"/0.7/tut-deployment"},next:{title:"Architecture",permalink:"/0.7/architecture"}},s={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"uninstall"},"Uninstall"),(0,a.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},"Uninstalling the CRDs will remove all deployed workloads.")))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/522d95f1.2390e7ed.js b/assets/js/522d95f1.fa737fb7.js similarity index 99% rename from assets/js/522d95f1.2390e7ed.js rename to assets/js/522d95f1.fa737fb7.js index fa6c30191..29acc1a85 100644 --- a/assets/js/522d95f1.2390e7ed.js +++ b/assets/js/522d95f1.fa737fb7.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5279],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var o=r.createContext({}),c=function(e){var t=r.useContext(o),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(o.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,o=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=l,h=m["".concat(o,".").concat(d)]||m[d]||p[d]||a;return n?r.createElement(h,i(i({ref:t},u),{},{components:n})):r.createElement(h,i({ref:t},u))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,i=new Array(a);i[0]=m;var s={};for(var o in t)hasOwnProperty.call(t,o)&&(s[o]=t[o]);s.originalType=e,s.mdxType="string"==typeof e?e:l,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>o,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={},i="Multi-cluster Install",s={unversionedId:"multi-cluster-install",id:"version-0.4/multi-cluster-install",title:"Multi-cluster Install",description:"Note: Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under Continuous Delivery on Rancher.",source:"@site/versioned_docs/version-0.4/multi-cluster-install.md",sourceDirName:".",slug:"/multi-cluster-install",permalink:"/0.4/multi-cluster-install",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/multi-cluster-install.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Single Cluster Install",permalink:"/0.4/single-cluster-install"},next:{title:"Uninstall",permalink:"/0.4/uninstall"}},o={},c=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Helm 3",id:"helm-3",level:3},{value:"Kubernetes",id:"kubernetes",level:3},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:2},{value:"Install",id:"install",level:2}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"multi-cluster-install"},"Multi-cluster Install"),(0,l.kt)("p",null,(0,l.kt)("img",{src:n(9225).Z,width:"969",height:"775"})),(0,l.kt)("p",null,(0,l.kt)("strong",{parentName:"p"},"Note:")," Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under ",(0,l.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," on Rancher."),(0,l.kt)("p",null,(0,l.kt)("strong",{parentName:"p"},"Warning:")," The multi-cluster install described below is ",(0,l.kt)("strong",{parentName:"p"},"only")," covered in standalone Fleet, which is untested by Rancher QA. "),(0,l.kt)("p",null,"In the below use case, you will setup a centralized Fleet manager. The centralized Fleet manager is a\nKubernetes cluster running the Fleet controllers. After installing the Fleet manager, you will then\nneed to register remote downstream clusters with the Fleet manager."),(0,l.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,l.kt)("h3",{id:"helm-3"},"Helm 3"),(0,l.kt)("p",null,"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is\nfairly straight forward. To install the Helm 3 CLI follow the\n",(0,l.kt)("a",{parentName:"p",href:"https://helm.sh/docs/intro/install/"},"official install instructions"),". The TL;DR is"),(0,l.kt)("p",null,"macOS"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"brew install helm\n")),(0,l.kt)("p",null,"Windows"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"choco install kubernetes-helm\n")),(0,l.kt)("h3",{id:"kubernetes"},"Kubernetes"),(0,l.kt)("p",null,"The Fleet manager is a controller running on a Kubernetes cluster so an existing cluster is required. All\ndownstream cluster that will be managed will need to communicate to this central Kubernetes cluster. This\nmeans the Kubernetes API server URL must be accessible to the downstream clusters. Any Kubernetes community\nsupported version of Kubernetes will work, in practice this means 1.15 or greater."),(0,l.kt)("h2",{id:"api-server-url-and-ca-certificate"},"API Server URL and CA certificate"),(0,l.kt)("p",null,"In order for your Fleet management installation to properly work it is important\nthe correct API server URL and CA certificates are configured properly. The Fleet agents\nwill communicate to the Kubernetes API server URL. This means the Kubernetes\nAPI server must be accessible to the downstream clusters. You will also need\nto obtain the CA certificate of the API server. The easiest way to obtain this information\nis typically from your kubeconfig file (",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config"),"). The ",(0,l.kt)("inlineCode",{parentName:"p"},"server"),",\n",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data"),", or ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority")," fields will have these values."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTi...\n server: https://example.com:6443\n")),(0,l.kt)("p",null,"Please note that the ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," field is base64 encoded and will need to be\ndecoded before you save it into a file. This can be done by saving the base64 encoded contents to\na file and then running"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"base64 -d encoded-file > ca.pem\n")),(0,l.kt)("p",null,"If you have ",(0,l.kt)("inlineCode",{parentName:"p"},"jq")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"base64")," available then this one-liners will pull all CA certificates from your\n",(0,l.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," and place then in a file named ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem"),"."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n")),(0,l.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')),(0,l.kt)("h2",{id:"install"},"Install"),(0,l.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,l.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,l.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,l.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,l.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,l.kt)("p",null,"Run the following commands"),(0,l.kt)("p",null,"Setup the environment with your specific values."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,l.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,l.kt)("p",null,"First validate the server URL is correct."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"curl -fLk ${API_SERVER_URL}/version\n")),(0,l.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,l.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,l.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,l.kt)("inlineCode",{parentName:"p"},"--cacert ${API_SERVER_CA}")," part of the command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"curl -fL --cacert ${API_SERVER_CA} ${API_SERVER_URL}/version\n")),(0,l.kt)("p",null,"If you get a valid JSON response or an ",(0,l.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,l.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,l.kt)("inlineCode",{parentName:"p"},"${API_SERVER_CA}")," file should look similar to the below"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,l.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,l.kt)("p",null,"First install the Fleet CustomResourcesDefintions."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-crd-0.4.1.tgz\n")),(0,l.kt)("p",null,"Second install the Fleet controllers."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="${API_SERVER_URL}" \\\n --set-file apiServerCA="${API_SERVER_CA}" \\\n fleet https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-0.4.1.tgz\n')),(0,l.kt)("p",null,"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,l.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,l.kt)("a",{parentName:"p",href:"/0.4/cluster-overview"},"register clusters")," and ",(0,l.kt)("a",{parentName:"p",href:"/0.4/gitrepo-add"},"git repos")," with\nthe Fleet manager."))}p.isMDXComponent=!0},9225:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/arch-1c6cd25727f6427c62add813758335a8.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5279],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var o=r.createContext({}),c=function(e){var t=r.useContext(o),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(o.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,o=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=l,h=m["".concat(o,".").concat(d)]||m[d]||p[d]||a;return n?r.createElement(h,i(i({ref:t},u),{},{components:n})):r.createElement(h,i({ref:t},u))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,i=new Array(a);i[0]=m;var s={};for(var o in t)hasOwnProperty.call(t,o)&&(s[o]=t[o]);s.originalType=e,s.mdxType="string"==typeof e?e:l,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>o,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={},i="Multi-cluster Install",s={unversionedId:"multi-cluster-install",id:"version-0.4/multi-cluster-install",title:"Multi-cluster Install",description:"Note: Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under Continuous Delivery on Rancher.",source:"@site/versioned_docs/version-0.4/multi-cluster-install.md",sourceDirName:".",slug:"/multi-cluster-install",permalink:"/0.4/multi-cluster-install",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/multi-cluster-install.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Single Cluster Install",permalink:"/0.4/single-cluster-install"},next:{title:"Uninstall",permalink:"/0.4/uninstall"}},o={},c=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Helm 3",id:"helm-3",level:3},{value:"Kubernetes",id:"kubernetes",level:3},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:2},{value:"Install",id:"install",level:2}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"multi-cluster-install"},"Multi-cluster Install"),(0,l.kt)("p",null,(0,l.kt)("img",{src:n(9225).Z,width:"969",height:"775"})),(0,l.kt)("p",null,(0,l.kt)("strong",{parentName:"p"},"Note:")," Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under ",(0,l.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," on Rancher."),(0,l.kt)("p",null,(0,l.kt)("strong",{parentName:"p"},"Warning:")," The multi-cluster install described below is ",(0,l.kt)("strong",{parentName:"p"},"only")," covered in standalone Fleet, which is untested by Rancher QA. "),(0,l.kt)("p",null,"In the below use case, you will setup a centralized Fleet manager. The centralized Fleet manager is a\nKubernetes cluster running the Fleet controllers. After installing the Fleet manager, you will then\nneed to register remote downstream clusters with the Fleet manager."),(0,l.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,l.kt)("h3",{id:"helm-3"},"Helm 3"),(0,l.kt)("p",null,"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is\nfairly straight forward. To install the Helm 3 CLI follow the\n",(0,l.kt)("a",{parentName:"p",href:"https://helm.sh/docs/intro/install/"},"official install instructions"),". The TL;DR is"),(0,l.kt)("p",null,"macOS"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"brew install helm\n")),(0,l.kt)("p",null,"Windows"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"choco install kubernetes-helm\n")),(0,l.kt)("h3",{id:"kubernetes"},"Kubernetes"),(0,l.kt)("p",null,"The Fleet manager is a controller running on a Kubernetes cluster so an existing cluster is required. All\ndownstream cluster that will be managed will need to communicate to this central Kubernetes cluster. This\nmeans the Kubernetes API server URL must be accessible to the downstream clusters. Any Kubernetes community\nsupported version of Kubernetes will work, in practice this means 1.15 or greater."),(0,l.kt)("h2",{id:"api-server-url-and-ca-certificate"},"API Server URL and CA certificate"),(0,l.kt)("p",null,"In order for your Fleet management installation to properly work it is important\nthe correct API server URL and CA certificates are configured properly. The Fleet agents\nwill communicate to the Kubernetes API server URL. This means the Kubernetes\nAPI server must be accessible to the downstream clusters. You will also need\nto obtain the CA certificate of the API server. The easiest way to obtain this information\nis typically from your kubeconfig file (",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config"),"). The ",(0,l.kt)("inlineCode",{parentName:"p"},"server"),",\n",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data"),", or ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority")," fields will have these values."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTi...\n server: https://example.com:6443\n")),(0,l.kt)("p",null,"Please note that the ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," field is base64 encoded and will need to be\ndecoded before you save it into a file. This can be done by saving the base64 encoded contents to\na file and then running"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"base64 -d encoded-file > ca.pem\n")),(0,l.kt)("p",null,"If you have ",(0,l.kt)("inlineCode",{parentName:"p"},"jq")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"base64")," available then this one-liners will pull all CA certificates from your\n",(0,l.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," and place then in a file named ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem"),"."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n")),(0,l.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')),(0,l.kt)("h2",{id:"install"},"Install"),(0,l.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,l.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,l.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,l.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,l.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,l.kt)("p",null,"Run the following commands"),(0,l.kt)("p",null,"Setup the environment with your specific values."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,l.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,l.kt)("p",null,"First validate the server URL is correct."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"curl -fLk ${API_SERVER_URL}/version\n")),(0,l.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,l.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,l.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,l.kt)("inlineCode",{parentName:"p"},"--cacert ${API_SERVER_CA}")," part of the command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"curl -fL --cacert ${API_SERVER_CA} ${API_SERVER_URL}/version\n")),(0,l.kt)("p",null,"If you get a valid JSON response or an ",(0,l.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,l.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,l.kt)("inlineCode",{parentName:"p"},"${API_SERVER_CA}")," file should look similar to the below"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,l.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,l.kt)("p",null,"First install the Fleet CustomResourcesDefintions."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-crd-0.4.1.tgz\n")),(0,l.kt)("p",null,"Second install the Fleet controllers."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="${API_SERVER_URL}" \\\n --set-file apiServerCA="${API_SERVER_CA}" \\\n fleet https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-0.4.1.tgz\n')),(0,l.kt)("p",null,"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,l.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,l.kt)("a",{parentName:"p",href:"/0.4/cluster-overview"},"register clusters")," and ",(0,l.kt)("a",{parentName:"p",href:"/0.4/gitrepo-add"},"git repos")," with\nthe Fleet manager."))}p.isMDXComponent=!0},9225:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/arch-1c6cd25727f6427c62add813758335a8.png"}}]); \ No newline at end of file diff --git a/assets/js/5281b7a2.df199d5f.js b/assets/js/5281b7a2.a61d2fe7.js similarity index 98% rename from assets/js/5281b7a2.df199d5f.js rename to assets/js/5281b7a2.a61d2fe7.js index c7b6b8c37..5fd01e145 100644 --- a/assets/js/5281b7a2.df199d5f.js +++ b/assets/js/5281b7a2.a61d2fe7.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5927],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),h=c(n),m=a,d=h["".concat(l,".").concat(m)]||h[m]||p[m]||o;return n?r.createElement(d,i(i({ref:t},u),{},{components:n})):r.createElement(d,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=h;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Architecture",s={unversionedId:"architecture",id:"architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/docs/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/architecture.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Uninstall",permalink:"/uninstall"},next:{title:"Core Concepts",permalink:"/concepts"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2},{value:"Component Overview",id:"component-overview",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/cluster-registration#manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."),(0,a.kt)("h2",{id:"component-overview"},"Component Overview"),(0,a.kt)("p",null,"An overview of the components and how they interact on a high level."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Components",src:n(1913).Z,width:"1319",height:"1281"})))}p.isMDXComponent=!0},1913:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetComponents-2746fa09558c69f438948ab9bc659edb.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5927],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),h=c(n),m=a,d=h["".concat(l,".").concat(m)]||h[m]||p[m]||o;return n?r.createElement(d,i(i({ref:t},u),{},{components:n})):r.createElement(d,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=h;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Architecture",s={unversionedId:"architecture",id:"architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/docs/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/architecture.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Uninstall",permalink:"/uninstall"},next:{title:"Core Concepts",permalink:"/concepts"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2},{value:"Component Overview",id:"component-overview",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/cluster-registration#manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."),(0,a.kt)("h2",{id:"component-overview"},"Component Overview"),(0,a.kt)("p",null,"An overview of the components and how they interact on a high level."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Components",src:n(1913).Z,width:"1319",height:"1281"})))}p.isMDXComponent=!0},1913:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetComponents-2746fa09558c69f438948ab9bc659edb.svg"}}]); \ No newline at end of file diff --git a/assets/js/5379b7b3.0df31ce7.js b/assets/js/5379b7b3.18ed609d.js similarity index 97% rename from assets/js/5379b7b3.0df31ce7.js rename to assets/js/5379b7b3.18ed609d.js index 0345023c3..4e8862c10 100644 --- a/assets/js/5379b7b3.0df31ce7.js +++ b/assets/js/5379b7b3.18ed609d.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8228],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>g});var n=r(7294);function i(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(i[r]=e[r]);return i}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(i[r]=e[r])}return i}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,i=e.mdxType,a=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(r),g=i,m=d["".concat(l,".").concat(g)]||d[g]||p[g]||a;return r?n.createElement(m,o(o({ref:t},u),{},{components:r})):n.createElement(m,o({ref:t},u))}));function g(e,t){var r=arguments,i=t&&t.mdxType;if("string"==typeof e||i){var a=r.length,o=new Array(a);o[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:i,o[1]=s;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var n=r(7462),i=(r(7294),r(3905));const a={},o="Overview",s={unversionedId:"cluster-overview",id:"version-0.5/cluster-overview",title:"Overview",description:"There are two specific styles to registering clusters. These styles will be referred",source:"@site/versioned_docs/version-0.5/cluster-overview.md",sourceDirName:".",slug:"/cluster-overview",permalink:"/0.5/cluster-overview",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/cluster-overview.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Examples",permalink:"/0.5/examples"},next:{title:"Cluster Registration Tokens",permalink:"/0.5/cluster-tokens"}},l={},c=[{value:"Agent Initiated Registration",id:"agent-initiated-registration",level:2},{value:"Manager Initiated Registration",id:"manager-initiated-registration",level:2}],u={toc:c};function p(e){let{components:t,...r}=e;return(0,i.kt)("wrapper",(0,n.Z)({},u,r,{components:t,mdxType:"MDXLayout"}),(0,i.kt)("h1",{id:"overview"},"Overview"),(0,i.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,i.kt)("strong",{parentName:"p"},"agent initiated")," and ",(0,i.kt)("strong",{parentName:"p"},"manager initiated")," registration. Typically one would\ngo with the agent initiated registration but there are specific use cases in which\nmanager initiated is a better workflow."),(0,i.kt)("h2",{id:"agent-initiated-registration"},"Agent Initiated Registration"),(0,i.kt)("p",null,"Agent initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,i.kt)("a",{parentName:"p",href:"/0.5/cluster-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,i.kt)("h2",{id:"manager-initiated-registration"},"Manager Initiated Registration"),(0,i.kt)("p",null,"Manager initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,i.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,i.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8228],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>g});var n=r(7294);function i(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(i[r]=e[r]);return i}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(i[r]=e[r])}return i}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,i=e.mdxType,a=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(r),g=i,m=d["".concat(l,".").concat(g)]||d[g]||p[g]||a;return r?n.createElement(m,o(o({ref:t},u),{},{components:r})):n.createElement(m,o({ref:t},u))}));function g(e,t){var r=arguments,i=t&&t.mdxType;if("string"==typeof e||i){var a=r.length,o=new Array(a);o[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:i,o[1]=s;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var n=r(7462),i=(r(7294),r(3905));const a={},o="Overview",s={unversionedId:"cluster-overview",id:"version-0.5/cluster-overview",title:"Overview",description:"There are two specific styles to registering clusters. These styles will be referred",source:"@site/versioned_docs/version-0.5/cluster-overview.md",sourceDirName:".",slug:"/cluster-overview",permalink:"/0.5/cluster-overview",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/cluster-overview.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Examples",permalink:"/0.5/examples"},next:{title:"Cluster Registration Tokens",permalink:"/0.5/cluster-tokens"}},l={},c=[{value:"Agent Initiated Registration",id:"agent-initiated-registration",level:2},{value:"Manager Initiated Registration",id:"manager-initiated-registration",level:2}],u={toc:c};function p(e){let{components:t,...r}=e;return(0,i.kt)("wrapper",(0,n.Z)({},u,r,{components:t,mdxType:"MDXLayout"}),(0,i.kt)("h1",{id:"overview"},"Overview"),(0,i.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,i.kt)("strong",{parentName:"p"},"agent initiated")," and ",(0,i.kt)("strong",{parentName:"p"},"manager initiated")," registration. Typically one would\ngo with the agent initiated registration but there are specific use cases in which\nmanager initiated is a better workflow."),(0,i.kt)("h2",{id:"agent-initiated-registration"},"Agent Initiated Registration"),(0,i.kt)("p",null,"Agent initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,i.kt)("a",{parentName:"p",href:"/0.5/cluster-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,i.kt)("h2",{id:"manager-initiated-registration"},"Manager Initiated Registration"),(0,i.kt)("p",null,"Manager initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,i.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,i.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/5388fcb8.932caaaa.js b/assets/js/5388fcb8.aa2af9ef.js similarity index 96% rename from assets/js/5388fcb8.932caaaa.js rename to assets/js/5388fcb8.aa2af9ef.js index 66b8ec821..707cbdfb3 100644 --- a/assets/js/5388fcb8.932caaaa.js +++ b/assets/js/5388fcb8.aa2af9ef.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6673],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>d});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function s(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function a(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),l=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):a(a({},t),e)),r},u=function(e){var t=l(e.components);return n.createElement(i.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,s=e.originalType,i=e.parentName,u=c(e,["components","mdxType","originalType","parentName"]),f=l(r),d=o,m=f["".concat(i,".").concat(d)]||f[d]||p[d]||s;return r?n.createElement(m,a(a({ref:t},u),{},{components:r})):n.createElement(m,a({ref:t},u))}));function d(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var s=r.length,a=new Array(s);a[0]=f;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:o,a[1]=c;for(var l=2;l{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>a,default:()=>p,frontMatter:()=>s,metadata:()=>c,toc:()=>l});var n=r(7462),o=(r(7294),r(3905));const s={},a="Custom Resources",c={unversionedId:"ref-resources",id:"version-0.7/ref-resources",title:"Custom Resources",description:"This shows the resources, also the internal ones, involved in creating a deployment from a git repository.",source:"@site/versioned_docs/version-0.7/ref-resources.md",sourceDirName:".",slug:"/ref-resources",permalink:"/0.7/ref-resources",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-resources.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/0.7/namespaces"},next:{title:"Installation Details",permalink:"/0.7/installation"}},i={},l=[],u={toc:l};function p(e){let{components:t,...s}=e;return(0,o.kt)("wrapper",(0,n.Z)({},u,s,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"custom-resources"},"Custom Resources"),(0,o.kt)("p",null,"This shows the resources, also the internal ones, involved in creating a deployment from a git repository."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Resources",src:r(925).Z,width:"831",height:"1341"})))}p.isMDXComponent=!0},925:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetResources-66df436672452ab68d89ed76da51a7bb.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6673],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>d});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function s(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function a(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),l=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):a(a({},t),e)),r},u=function(e){var t=l(e.components);return n.createElement(i.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,s=e.originalType,i=e.parentName,u=c(e,["components","mdxType","originalType","parentName"]),f=l(r),d=o,m=f["".concat(i,".").concat(d)]||f[d]||p[d]||s;return r?n.createElement(m,a(a({ref:t},u),{},{components:r})):n.createElement(m,a({ref:t},u))}));function d(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var s=r.length,a=new Array(s);a[0]=f;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:o,a[1]=c;for(var l=2;l{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>a,default:()=>p,frontMatter:()=>s,metadata:()=>c,toc:()=>l});var n=r(7462),o=(r(7294),r(3905));const s={},a="Custom Resources",c={unversionedId:"ref-resources",id:"version-0.7/ref-resources",title:"Custom Resources",description:"This shows the resources, also the internal ones, involved in creating a deployment from a git repository.",source:"@site/versioned_docs/version-0.7/ref-resources.md",sourceDirName:".",slug:"/ref-resources",permalink:"/0.7/ref-resources",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-resources.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/0.7/namespaces"},next:{title:"Installation Details",permalink:"/0.7/installation"}},i={},l=[],u={toc:l};function p(e){let{components:t,...s}=e;return(0,o.kt)("wrapper",(0,n.Z)({},u,s,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"custom-resources"},"Custom Resources"),(0,o.kt)("p",null,"This shows the resources, also the internal ones, involved in creating a deployment from a git repository."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Resources",src:r(925).Z,width:"831",height:"1341"})))}p.isMDXComponent=!0},925:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetResources-66df436672452ab68d89ed76da51a7bb.svg"}}]); \ No newline at end of file diff --git a/assets/js/53c8b813.90dadded.js b/assets/js/53c8b813.965c3538.js similarity index 98% rename from assets/js/53c8b813.90dadded.js rename to assets/js/53c8b813.965c3538.js index ba4cc0037..e93b8d47b 100644 --- a/assets/js/53c8b813.90dadded.js +++ b/assets/js/53c8b813.965c3538.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2837],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(n),m=o,f=d["".concat(s,".").concat(m)]||d[m]||u[m]||l;return n?r.createElement(f,a(a({ref:t},p),{},{components:n})):r.createElement(f,a({ref:t},p))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var l=n.length,a=new Array(l);a[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:o,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),o=(n(7294),n(3905));const l={},a="Bundle Lifecycle",i={unversionedId:"ref-bundle-stages",id:"version-0.6/ref-bundle-stages",title:"Bundle Lifecycle",description:"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.",source:"@site/versioned_docs/version-0.6/ref-bundle-stages.md",sourceDirName:".",slug:"/ref-bundle-stages",permalink:"/0.6/ref-bundle-stages",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-bundle-stages.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/0.6/concepts"},next:{title:"Git Repository Contents",permalink:"/0.6/gitrepo-content"}},s={},c=[],p={toc:c};function u(e){let{components:t,...l}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,l,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-lifecycle"},"Bundle Lifecycle"),(0,o.kt)("p",null,"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles."),(0,o.kt)("p",null,"To demonstrate the life cycle of a Fleet bundle, we will use ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,o.kt)("ol",null,(0,o.kt)("li",{parentName:"ol"},"User will create a ",(0,o.kt)("a",{parentName:"li",href:"/0.6/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,o.kt)("a",{parentName:"li",href:"/0.6/webhook"},"webhook event"),". With every commit change, the ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,o.kt)("a",{parentName:"li",href:"/0.6/cluster-bundles-state#bundles"},"bundle"),".")),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},(0,o.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,o.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,o.kt)("ol",{start:3},(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,o.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,o.kt)("p",null,"This diagram shows the different rendering stages a bundle goes through until deployment."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Bundle Stages",src:n(5208).Z,width:"730",height:"811"})))}u.isMDXComponent=!0},5208:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetBundleStages-23d8ed832e76974ba6693016c5d52ad7.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2837],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(n),m=o,f=d["".concat(s,".").concat(m)]||d[m]||u[m]||l;return n?r.createElement(f,a(a({ref:t},p),{},{components:n})):r.createElement(f,a({ref:t},p))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var l=n.length,a=new Array(l);a[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:o,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),o=(n(7294),n(3905));const l={},a="Bundle Lifecycle",i={unversionedId:"ref-bundle-stages",id:"version-0.6/ref-bundle-stages",title:"Bundle Lifecycle",description:"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.",source:"@site/versioned_docs/version-0.6/ref-bundle-stages.md",sourceDirName:".",slug:"/ref-bundle-stages",permalink:"/0.6/ref-bundle-stages",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-bundle-stages.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/0.6/concepts"},next:{title:"Git Repository Contents",permalink:"/0.6/gitrepo-content"}},s={},c=[],p={toc:c};function u(e){let{components:t,...l}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,l,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-lifecycle"},"Bundle Lifecycle"),(0,o.kt)("p",null,"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles."),(0,o.kt)("p",null,"To demonstrate the life cycle of a Fleet bundle, we will use ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,o.kt)("ol",null,(0,o.kt)("li",{parentName:"ol"},"User will create a ",(0,o.kt)("a",{parentName:"li",href:"/0.6/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,o.kt)("a",{parentName:"li",href:"/0.6/webhook"},"webhook event"),". With every commit change, the ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,o.kt)("a",{parentName:"li",href:"/0.6/cluster-bundles-state#bundles"},"bundle"),".")),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},(0,o.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,o.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,o.kt)("ol",{start:3},(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,o.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,o.kt)("p",null,"This diagram shows the different rendering stages a bundle goes through until deployment."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Bundle Stages",src:n(5208).Z,width:"730",height:"811"})))}u.isMDXComponent=!0},5208:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetBundleStages-23d8ed832e76974ba6693016c5d52ad7.svg"}}]); \ No newline at end of file diff --git a/assets/js/53da1243.8c9142f1.js b/assets/js/53da1243.a52d7550.js similarity index 99% rename from assets/js/53da1243.8c9142f1.js rename to assets/js/53da1243.a52d7550.js index 47dbe90a2..7815b175f 100644 --- a/assets/js/53da1243.8c9142f1.js +++ b/assets/js/53da1243.a52d7550.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1866],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function s(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(s[a]=e[a]);return s}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(s[a]=e[a])}return s}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,s=e.mdxType,l=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=s,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||l;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,s=t&&t.mdxType;if("string"==typeof e||s){var l=a.length,r=new Array(l);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:s,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),s=(a(7294),a(3905));const l={},r="Namespaces",i={unversionedId:"namespaces",id:"version-0.8/namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/versioned_docs/version-0.8/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/0.8/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/namespaces.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Git Repository Contents",permalink:"/0.8/gitrepo-content"},next:{title:"Custom Resources During Deployment",permalink:"/0.8/resources-during-deployment"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"GitRepo Namespace",id:"gitrepo-namespace",level:3},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local (local workspace, cluster registration namespace)",id:"fleet-local-local-workspace-cluster-registration-namespace",level:3},{value:"cattle-fleet-system (system namespace)",id:"cattle-fleet-system-system-namespace",level:3},{value:"cattle-fleet-clusters-system (system registration namespace)",id:"cattle-fleet-clusters-system-system-registration-namespace",level:3},{value:"Cluster Namespaces",id:"cluster-namespaces",level:3},{value:"Cross Namespace Deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2},{value:"Allowed Target Namespaces",id:"allowed-target-namespaces",level:3}],c={toc:p};function m(e){let{components:t,...l}=e;return(0,s.kt)("wrapper",(0,n.Z)({},c,l,{components:t,mdxType:"MDXLayout"}),(0,s.kt)("h1",{id:"namespaces"},"Namespaces"),(0,s.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are used in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,s.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,s.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,s.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,s.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,s.kt)("h3",{id:"gitrepo-namespace"},"GitRepo Namespace"),(0,s.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,s.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,s.kt)("ul",null,(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,s.kt)("p",null,"If you are using Fleet in a ",(0,s.kt)("a",{parentName:"p",href:"/0.8/concepts"},"single cluster")," style, the namespace will always be ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,s.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,s.kt)("p",null,"For a ",(0,s.kt)("a",{parentName:"p",href:"/0.8/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,s.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,s.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,s.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,s.kt)("p",null,"An overview of the ",(0,s.kt)("a",{parentName:"p",href:"/0.8/namespaces"},"namespaces")," used by fleet and their resources."),(0,s.kt)("p",null,(0,s.kt)("img",{alt:"Namespace",src:a(3159).Z,width:"1437",height:"1731"})),(0,s.kt)("h3",{id:"fleet-local-local-workspace-cluster-registration-namespace"},"fleet-local (local workspace, cluster registration namespace)"),(0,s.kt)("p",null,"The ",(0,s.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,s.kt)("p",null,"When fleet is installed the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,s.kt)("p",null,"The cluster registration namespace contains the cluster and the clusterregistration resources, as well as any gitrepos and bundles."),(0,s.kt)("h3",{id:"cattle-fleet-system-system-namespace"},"cattle-fleet-system (system namespace)"),(0,s.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,s.kt)("h3",{id:"cattle-fleet-clusters-system-system-registration-namespace"},"cattle-fleet-clusters-system (system registration namespace)"),(0,s.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,s.kt)("h3",{id:"cluster-namespaces"},"Cluster Namespaces"),(0,s.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces are named in the form ",(0,s.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,s.kt)("h2",{id:"cross-namespace-deployments"},"Cross Namespace Deployments"),(0,s.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,s.kt)("p",null,"If you are creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,s.kt)("p",null,"A ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,s.kt)("p",null,"If the ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,s.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,s.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,s.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,s.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,s.kt)("p",null,"A namespace can contain multiple ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,s.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,s.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\nallowedTargetNamespaces: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')),(0,s.kt)("h3",{id:"allowed-target-namespaces"},"Allowed Target Namespaces"),(0,s.kt)("p",null,"This can be used to limit a deployment to a set of namespaces on a downstream cluster.\nIf an allowedTargetNamespaces restriction is present, all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," must\nspecify a ",(0,s.kt)("inlineCode",{parentName:"p"},"targetNamespace")," and the specified namespace must be in the allow\nlist.\nThis also prevents the creation of cluster wide resources."))}m.isMDXComponent=!0},3159:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/FleetNamespaces-4e461907ba4d5bbf6b309d125383bdb5.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1866],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function s(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(s[a]=e[a]);return s}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(s[a]=e[a])}return s}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,s=e.mdxType,l=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=s,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||l;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,s=t&&t.mdxType;if("string"==typeof e||s){var l=a.length,r=new Array(l);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:s,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),s=(a(7294),a(3905));const l={},r="Namespaces",i={unversionedId:"namespaces",id:"version-0.8/namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/versioned_docs/version-0.8/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/0.8/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/namespaces.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Git Repository Contents",permalink:"/0.8/gitrepo-content"},next:{title:"Custom Resources During Deployment",permalink:"/0.8/resources-during-deployment"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"GitRepo Namespace",id:"gitrepo-namespace",level:3},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local (local workspace, cluster registration namespace)",id:"fleet-local-local-workspace-cluster-registration-namespace",level:3},{value:"cattle-fleet-system (system namespace)",id:"cattle-fleet-system-system-namespace",level:3},{value:"cattle-fleet-clusters-system (system registration namespace)",id:"cattle-fleet-clusters-system-system-registration-namespace",level:3},{value:"Cluster Namespaces",id:"cluster-namespaces",level:3},{value:"Cross Namespace Deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2},{value:"Allowed Target Namespaces",id:"allowed-target-namespaces",level:3}],c={toc:p};function m(e){let{components:t,...l}=e;return(0,s.kt)("wrapper",(0,n.Z)({},c,l,{components:t,mdxType:"MDXLayout"}),(0,s.kt)("h1",{id:"namespaces"},"Namespaces"),(0,s.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are used in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,s.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,s.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,s.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,s.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,s.kt)("h3",{id:"gitrepo-namespace"},"GitRepo Namespace"),(0,s.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,s.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,s.kt)("ul",null,(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,s.kt)("p",null,"If you are using Fleet in a ",(0,s.kt)("a",{parentName:"p",href:"/0.8/concepts"},"single cluster")," style, the namespace will always be ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,s.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,s.kt)("p",null,"For a ",(0,s.kt)("a",{parentName:"p",href:"/0.8/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,s.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,s.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,s.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,s.kt)("p",null,"An overview of the ",(0,s.kt)("a",{parentName:"p",href:"/0.8/namespaces"},"namespaces")," used by fleet and their resources."),(0,s.kt)("p",null,(0,s.kt)("img",{alt:"Namespace",src:a(3159).Z,width:"1437",height:"1731"})),(0,s.kt)("h3",{id:"fleet-local-local-workspace-cluster-registration-namespace"},"fleet-local (local workspace, cluster registration namespace)"),(0,s.kt)("p",null,"The ",(0,s.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,s.kt)("p",null,"When fleet is installed the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,s.kt)("p",null,"The cluster registration namespace contains the cluster and the clusterregistration resources, as well as any gitrepos and bundles."),(0,s.kt)("h3",{id:"cattle-fleet-system-system-namespace"},"cattle-fleet-system (system namespace)"),(0,s.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,s.kt)("h3",{id:"cattle-fleet-clusters-system-system-registration-namespace"},"cattle-fleet-clusters-system (system registration namespace)"),(0,s.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,s.kt)("h3",{id:"cluster-namespaces"},"Cluster Namespaces"),(0,s.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces are named in the form ",(0,s.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,s.kt)("h2",{id:"cross-namespace-deployments"},"Cross Namespace Deployments"),(0,s.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,s.kt)("p",null,"If you are creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,s.kt)("p",null,"A ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,s.kt)("p",null,"If the ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,s.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,s.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,s.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,s.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,s.kt)("p",null,"A namespace can contain multiple ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,s.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,s.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\nallowedTargetNamespaces: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')),(0,s.kt)("h3",{id:"allowed-target-namespaces"},"Allowed Target Namespaces"),(0,s.kt)("p",null,"This can be used to limit a deployment to a set of namespaces on a downstream cluster.\nIf an allowedTargetNamespaces restriction is present, all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," must\nspecify a ",(0,s.kt)("inlineCode",{parentName:"p"},"targetNamespace")," and the specified namespace must be in the allow\nlist.\nThis also prevents the creation of cluster wide resources."))}m.isMDXComponent=!0},3159:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/FleetNamespaces-4e461907ba4d5bbf6b309d125383bdb5.svg"}}]); \ No newline at end of file diff --git a/assets/js/5a165616.69161262.js b/assets/js/5a165616.ba9db149.js similarity index 99% rename from assets/js/5a165616.69161262.js rename to assets/js/5a165616.ba9db149.js index dbc509320..20ca9758d 100644 --- a/assets/js/5a165616.69161262.js +++ b/assets/js/5a165616.ba9db149.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5764],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>h});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function i(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function l(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var p=n.createContext({}),s=function(e){var t=n.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):l(l({},t),e)),a},d=function(e){var t=s(e.components);return n.createElement(p.Provider,{value:t},e.children)},c={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,i=e.originalType,p=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),m=s(a),h=r,u=m["".concat(p,".").concat(h)]||m[h]||c[h]||i;return a?n.createElement(u,l(l({ref:t},d),{},{components:a})):n.createElement(u,l({ref:t},d))}));function h(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=a.length,l=new Array(i);l[0]=m;var o={};for(var p in t)hasOwnProperty.call(t,p)&&(o[p]=t[p]);o.originalType=e,o.mdxType="string"==typeof e?e:r,l[1]=o;for(var s=2;s{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>l,default:()=>c,frontMatter:()=>i,metadata:()=>o,toc:()=>s});var n=a(7462),r=(a(7294),a(3905));const i={},l="Create a GitRepo Resource",o={unversionedId:"gitrepo-add",id:"gitrepo-add",title:"Create a GitRepo Resource",description:"Create GitRepo Instance",source:"@site/docs/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/gitrepo-add.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Setup Multi User",permalink:"/multi-user"},next:{title:"Mapping to Downstream Clusters",permalink:"/gitrepo-targets"}},p={},s=[{value:"Create GitRepo Instance",id:"create-gitrepo-instance",level:2},{value:"Proper Namespace",id:"proper-namespace",level:2},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Known hosts",id:"known-hosts",level:3},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2},{value:"Use different helm credentials for each path",id:"use-different-helm-credentials-for-each-path",level:3}],d={toc:s};function c(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-gitrepo-resource"},"Create a GitRepo Resource"),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo Instance"),(0,r.kt)("p",null,"Git repositories are registered by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource in Kubernetes. Refer\nto the ",(0,r.kt)("a",{parentName:"p",href:"/tut-deployment"},"creating a deployment tutorial")," for examples."),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/gitrepo-content"},"Git Repository Contents")," has detail about the content of the Git repository."),(0,r.kt)("p",null,"The available fields of the GitRepo custom resource are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/ref-gitrepo"},"GitRepo resource reference")),(0,r.kt)("h2",{id:"proper-namespace"},"Proper Namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("h3",{id:"known-hosts"},"Known hosts"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. Use ",(0,r.kt)("a",{parentName:"p",href:"#use-different-helm-credentials-for-each-path"},"different helm credentials for each path"),",\nor split them into different gitrepos, or use ",(0,r.kt)("inlineCode",{parentName:"p"},"helmRepoURLRegex")," to limit the scope of credentials to certain servers.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("h3",{id:"use-different-helm-credentials-for-each-path"},"Use different helm credentials for each path"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName")," will be ignored if ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretNameForPaths")," is provided")),(0,r.kt)("p",null,"Create a file ",(0,r.kt)("inlineCode",{parentName:"p"},"secrets-path.yaml")," that contains credentials for each path defined in a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". Credentials will not be used\nfor paths that are not present in this file.\nThe path is the actual path to the bundle (ie to a folder containing a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file) within the git repository, which might have more segments than the entry under ",(0,r.kt)("inlineCode",{parentName:"p"},"paths:"),"."),(0,r.kt)("p",null,"Example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"path-one: # path path-one must exist in the repository\n username: user\n password: pass\npath-two: # path path-one must exist in the repository\n username: user2\n password: pass2\n caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCiAgICBNSUlEblRDQ0FvV2dBd0lCQWdJVUNwMHB2SVJTb2c0eHJKN2Q1SUI2ME1ka0k1WXdEUVlKS29aSWh2Y05BUUVMCiAgICBCUUF3WGpFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NCiAgICBHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2CiAgICBjbWN3SGhjTk1qTXdOREkzTVRVd056VXpXaGNOTWpnd05ESTFNVFV3TnpVeldqQmVNUXN3Q1FZRFZRUUdFd0pCCiAgICBWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFQ2d3WVNXNTBaWEp1WlhRZ1YybGtaMmwwCiAgICBjeUJRZEhrZ1RIUmtNUmN3RlFZRFZRUUREQTV5WVc1amFHVnlMbTE1TG05eVp6Q0NBU0l3RFFZSktvWklodmNOCiAgICBBUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBvZE5TMDB6NDc1dnVSc2ZZcTFRYTFHQVl3QU92anV4MERKTHY5CiAgICBrZFhwT091dGdjMU8yWUdqNUlCVGQzVmpISmFJYUg3SDR2Rm84RlBaMG9zcU9YaFg3eUM4STdBS3ZhOEE5VmVmCiAgICBJVXp6Vlo1cCs1elNxRjdtZTlOaUNiL0pVSkZLT0ZsTkF4cjZCcXhoMEIyN1VZTlpjaUIvL1V0L0I2eHJuVE55CiAgICBoRzJiNzk4bjg4bFZqY3EzbEE0djFyM3VzWGYxVG5aS2t2UEN4ZnFHYk5OdTlpTjdFZnZHOWoyekdHcWJvcDRYCiAgICBXY3VSa3N3QkgxZlRNS0ZrbGcrR1VsZkZPMGFzL3phalVOdmdweTlpdVBMZUtqZTVWcDBiMlBLd09qUENpV2d4CiAgICBabDJlVDlNRnJjV0F3NTg3emE5NDBlT1Era2pkdmVvUE5sU2k3eVJMMW96YlRka0NBd0VBQWFOVE1GRXdIUVlECiAgICBWUjBPQkJZRUZEQkNkYjE4M1hsU0tWYzBxNmJSTCt0dVNTV3lNQjhHQTFVZEl3UVlNQmFBRkRCQ2RiMTgzWGxTCiAgICBLVmMwcTZiUkwrdHVTU1d5TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCiAgICBBQ1BCVERkZ0dCVDVDRVoxd1pnQmhKdm9GZTk2MUJqVCtMU2RxSlpsSmNRZnlnS0hyNks5ZmZaY1ZlWlBoMVU0CiAgICB3czBuWGNOZiszZGJlTjl4dVBiY0VqUWlQaFJCcnRzalE1T1JiVHdYWEdBdzlYbDZYTkl6YjN4ZDF6RWFzQXZPCiAgICBJMjM2ZHZXQ1A0dWoycWZqR0FkQjJnaXU2b2xHK01CWHlneUZKMElzRENraldLZysyWEdmU3lyci9KZU1vZlFBCiAgICB1VU9wcFVGdERYd0lrUW1VTGNVVUxWcTdtUVNQb0lzVkNNM2hKNVQzczdUSWtHUDZVcGVSSjgzdU9LbURYMkRHCiAgICBwVWVQVHBuVWVLOVMzUEVKTi9XcmJSSVd3WU1OR29qdDRKWitaK1N6VE1aVkh0SlBzaGpjL1hYOWZNU1ZXQmlzCiAgICBQRW5MU256MDQ4OGFUQm5SUFlnVXFsdz0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=\n sshPrivateKey: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJRFF6Q0NBaXNDRkgxTm5YUWI5SlV6anNBR3FSc3RCYncwRlFpak1BMEdDU3FHU0liM0RRRUJDd1VBTUY0eAogICAgQ3pBSkJnTlZCQVlUQWtGVk1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNU0V3SHdZRFZRUUtEQmhKYm5SbAogICAgY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdReEZ6QVZCZ05WQkFNTURuSmhibU5vWlhJdWJYa3ViM0puTUI0WAogICAgRFRJek1EUXlOekUxTVRBMU5Gb1hEVEkwTURReU5qRTFNVEExTkZvd1hqRUxNQWtHQTFVRUJoTUNRVlV4RXpBUgogICAgQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNQogICAgSUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2Y21jd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQogICAgQTRJQkR3QXdnZ0VLQW9JQkFRRGd6UUJJTW8xQVFHNnFtYmozbFlYUTFnZjhYcURTbjdyM2lGcVZZZldDVWZOSwogICAgaGZwampTRGpOMmRWWEV2UXA3R0t3akFHUElFbXR5RmxyUW5rUGtnTGFSaU9jSDdNN0p2c3ZIa0Ewd0g0dzJ2QgogICAgUEp6aVlINWh2MUE2WS9NcFM5bVkvQUVxVm80TUJkdnNZQzc3MFpCbzVBMitIUEtMd1YzMVZyYlhhTytWeUJtNAogICAgSmJhZHlNUk40N3BKRWdPMjJaYVRXL3Y3S1dKdjNydGJTMlZVSkNlU0piWlpsN09ocHhLRTVocStmK0RWaU1mcQogICAgTWx4ODNEV2pVSlVkV3lqVUZYVlk0bEdVaUtrRWVtSlVuSlVyY1ErOXE1SzVaWmhyRjhoRXhKRjhiZTZjemVzeAogICAga1VWN3dKb1RjWkd2bUhYSk1FNmtrQXh4Mmh3bU8wSFcyQWdDdTJZekFnTUJBQUV3RFFZSktvWklodmNOQVFFTAogICAgQlFBRGdnRUJBS1BpTWdXc1dCTnJvRkY2aWpYL2xMM3FxaWc4TjlkR1VPWDIyRVJDU1RTekNONjM0ZTFkZUhsdQogICAgbTc5OU11Q3hvWSsyZWluNlV1cFMvTEV6cnpvU2dDVWllQzQrT3ZralF5eGJpTFR6bW1OWEFnd09TM3RvTHRGWAogICAgbytmWWpSMU9xcHVPS29kMkhiYjliczRWcXdaNHEvMlVKbXE2Q01pYjZKZUE2VFJvK2Rkc0pUM2dDOFhWL1Z1MAogICAgNnkwdjJxdTM0bm1MYjFxOHFTS1RwZXYyQmwzQUJGY3NyS0JvNHFieUM2bnBTbnpZenNYcS90SlFLclplNE4vMgogICAgUXIzd1dxQ0pDVWUrMWVsT3A2b0JVcXNWSnc3aHk3YzRLc1Fna09ERDJkc2NuNEF1NGJhWlY2QmpySm1USVY0aQogICAgeXJ1dk9oZ2lINklGUVdDWmVQM2s0MU5obWRzRTNHQT0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n")),(0,r.kt)("p",null,"Create the secret"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic path-auth-secret -n fleet-default --from-file=secrets-path.yaml\n")),(0,r.kt)("p",null,"In the previous example credentials for username ",(0,r.kt)("inlineCode",{parentName:"p"},"user")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-one")," and credentials for username\n",(0,r.kt)("inlineCode",{parentName:"p"},"user2")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-two"),"."),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"caBundle")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"sshPrivateKey")," must be base64 encoded."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"If you are using ",(0,r.kt)("a",{parentName:"p",href:"https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher"},'"rancher-backups"')," and want this secret to be included the backup, please add the label ",(0,r.kt)("inlineCode",{parentName:"p"},"resources.cattle.io/backup: true")," to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials."),(0,r.kt)("h1",{parentName:"admonition",id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",{parentName:"admonition"},"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/troubleshooting"},"here"),".")))}c.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5764],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>h});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function i(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function l(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var p=n.createContext({}),s=function(e){var t=n.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):l(l({},t),e)),a},d=function(e){var t=s(e.components);return n.createElement(p.Provider,{value:t},e.children)},c={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,i=e.originalType,p=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),m=s(a),h=r,u=m["".concat(p,".").concat(h)]||m[h]||c[h]||i;return a?n.createElement(u,l(l({ref:t},d),{},{components:a})):n.createElement(u,l({ref:t},d))}));function h(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=a.length,l=new Array(i);l[0]=m;var o={};for(var p in t)hasOwnProperty.call(t,p)&&(o[p]=t[p]);o.originalType=e,o.mdxType="string"==typeof e?e:r,l[1]=o;for(var s=2;s{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>l,default:()=>c,frontMatter:()=>i,metadata:()=>o,toc:()=>s});var n=a(7462),r=(a(7294),a(3905));const i={},l="Create a GitRepo Resource",o={unversionedId:"gitrepo-add",id:"gitrepo-add",title:"Create a GitRepo Resource",description:"Create GitRepo Instance",source:"@site/docs/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/gitrepo-add.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Setup Multi User",permalink:"/multi-user"},next:{title:"Mapping to Downstream Clusters",permalink:"/gitrepo-targets"}},p={},s=[{value:"Create GitRepo Instance",id:"create-gitrepo-instance",level:2},{value:"Proper Namespace",id:"proper-namespace",level:2},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Known hosts",id:"known-hosts",level:3},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2},{value:"Use different helm credentials for each path",id:"use-different-helm-credentials-for-each-path",level:3}],d={toc:s};function c(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-gitrepo-resource"},"Create a GitRepo Resource"),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo Instance"),(0,r.kt)("p",null,"Git repositories are registered by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource in Kubernetes. Refer\nto the ",(0,r.kt)("a",{parentName:"p",href:"/tut-deployment"},"creating a deployment tutorial")," for examples."),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/gitrepo-content"},"Git Repository Contents")," has detail about the content of the Git repository."),(0,r.kt)("p",null,"The available fields of the GitRepo custom resource are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/ref-gitrepo"},"GitRepo resource reference")),(0,r.kt)("h2",{id:"proper-namespace"},"Proper Namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("h3",{id:"known-hosts"},"Known hosts"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. Use ",(0,r.kt)("a",{parentName:"p",href:"#use-different-helm-credentials-for-each-path"},"different helm credentials for each path"),",\nor split them into different gitrepos, or use ",(0,r.kt)("inlineCode",{parentName:"p"},"helmRepoURLRegex")," to limit the scope of credentials to certain servers.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("h3",{id:"use-different-helm-credentials-for-each-path"},"Use different helm credentials for each path"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName")," will be ignored if ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretNameForPaths")," is provided")),(0,r.kt)("p",null,"Create a file ",(0,r.kt)("inlineCode",{parentName:"p"},"secrets-path.yaml")," that contains credentials for each path defined in a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". Credentials will not be used\nfor paths that are not present in this file.\nThe path is the actual path to the bundle (ie to a folder containing a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file) within the git repository, which might have more segments than the entry under ",(0,r.kt)("inlineCode",{parentName:"p"},"paths:"),"."),(0,r.kt)("p",null,"Example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"path-one: # path path-one must exist in the repository\n username: user\n password: pass\npath-two: # path path-one must exist in the repository\n username: user2\n password: pass2\n caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCiAgICBNSUlEblRDQ0FvV2dBd0lCQWdJVUNwMHB2SVJTb2c0eHJKN2Q1SUI2ME1ka0k1WXdEUVlKS29aSWh2Y05BUUVMCiAgICBCUUF3WGpFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NCiAgICBHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2CiAgICBjbWN3SGhjTk1qTXdOREkzTVRVd056VXpXaGNOTWpnd05ESTFNVFV3TnpVeldqQmVNUXN3Q1FZRFZRUUdFd0pCCiAgICBWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFQ2d3WVNXNTBaWEp1WlhRZ1YybGtaMmwwCiAgICBjeUJRZEhrZ1RIUmtNUmN3RlFZRFZRUUREQTV5WVc1amFHVnlMbTE1TG05eVp6Q0NBU0l3RFFZSktvWklodmNOCiAgICBBUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBvZE5TMDB6NDc1dnVSc2ZZcTFRYTFHQVl3QU92anV4MERKTHY5CiAgICBrZFhwT091dGdjMU8yWUdqNUlCVGQzVmpISmFJYUg3SDR2Rm84RlBaMG9zcU9YaFg3eUM4STdBS3ZhOEE5VmVmCiAgICBJVXp6Vlo1cCs1elNxRjdtZTlOaUNiL0pVSkZLT0ZsTkF4cjZCcXhoMEIyN1VZTlpjaUIvL1V0L0I2eHJuVE55CiAgICBoRzJiNzk4bjg4bFZqY3EzbEE0djFyM3VzWGYxVG5aS2t2UEN4ZnFHYk5OdTlpTjdFZnZHOWoyekdHcWJvcDRYCiAgICBXY3VSa3N3QkgxZlRNS0ZrbGcrR1VsZkZPMGFzL3phalVOdmdweTlpdVBMZUtqZTVWcDBiMlBLd09qUENpV2d4CiAgICBabDJlVDlNRnJjV0F3NTg3emE5NDBlT1Era2pkdmVvUE5sU2k3eVJMMW96YlRka0NBd0VBQWFOVE1GRXdIUVlECiAgICBWUjBPQkJZRUZEQkNkYjE4M1hsU0tWYzBxNmJSTCt0dVNTV3lNQjhHQTFVZEl3UVlNQmFBRkRCQ2RiMTgzWGxTCiAgICBLVmMwcTZiUkwrdHVTU1d5TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCiAgICBBQ1BCVERkZ0dCVDVDRVoxd1pnQmhKdm9GZTk2MUJqVCtMU2RxSlpsSmNRZnlnS0hyNks5ZmZaY1ZlWlBoMVU0CiAgICB3czBuWGNOZiszZGJlTjl4dVBiY0VqUWlQaFJCcnRzalE1T1JiVHdYWEdBdzlYbDZYTkl6YjN4ZDF6RWFzQXZPCiAgICBJMjM2ZHZXQ1A0dWoycWZqR0FkQjJnaXU2b2xHK01CWHlneUZKMElzRENraldLZysyWEdmU3lyci9KZU1vZlFBCiAgICB1VU9wcFVGdERYd0lrUW1VTGNVVUxWcTdtUVNQb0lzVkNNM2hKNVQzczdUSWtHUDZVcGVSSjgzdU9LbURYMkRHCiAgICBwVWVQVHBuVWVLOVMzUEVKTi9XcmJSSVd3WU1OR29qdDRKWitaK1N6VE1aVkh0SlBzaGpjL1hYOWZNU1ZXQmlzCiAgICBQRW5MU256MDQ4OGFUQm5SUFlnVXFsdz0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=\n sshPrivateKey: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJRFF6Q0NBaXNDRkgxTm5YUWI5SlV6anNBR3FSc3RCYncwRlFpak1BMEdDU3FHU0liM0RRRUJDd1VBTUY0eAogICAgQ3pBSkJnTlZCQVlUQWtGVk1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNU0V3SHdZRFZRUUtEQmhKYm5SbAogICAgY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdReEZ6QVZCZ05WQkFNTURuSmhibU5vWlhJdWJYa3ViM0puTUI0WAogICAgRFRJek1EUXlOekUxTVRBMU5Gb1hEVEkwTURReU5qRTFNVEExTkZvd1hqRUxNQWtHQTFVRUJoTUNRVlV4RXpBUgogICAgQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNQogICAgSUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2Y21jd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQogICAgQTRJQkR3QXdnZ0VLQW9JQkFRRGd6UUJJTW8xQVFHNnFtYmozbFlYUTFnZjhYcURTbjdyM2lGcVZZZldDVWZOSwogICAgaGZwampTRGpOMmRWWEV2UXA3R0t3akFHUElFbXR5RmxyUW5rUGtnTGFSaU9jSDdNN0p2c3ZIa0Ewd0g0dzJ2QgogICAgUEp6aVlINWh2MUE2WS9NcFM5bVkvQUVxVm80TUJkdnNZQzc3MFpCbzVBMitIUEtMd1YzMVZyYlhhTytWeUJtNAogICAgSmJhZHlNUk40N3BKRWdPMjJaYVRXL3Y3S1dKdjNydGJTMlZVSkNlU0piWlpsN09ocHhLRTVocStmK0RWaU1mcQogICAgTWx4ODNEV2pVSlVkV3lqVUZYVlk0bEdVaUtrRWVtSlVuSlVyY1ErOXE1SzVaWmhyRjhoRXhKRjhiZTZjemVzeAogICAga1VWN3dKb1RjWkd2bUhYSk1FNmtrQXh4Mmh3bU8wSFcyQWdDdTJZekFnTUJBQUV3RFFZSktvWklodmNOQVFFTAogICAgQlFBRGdnRUJBS1BpTWdXc1dCTnJvRkY2aWpYL2xMM3FxaWc4TjlkR1VPWDIyRVJDU1RTekNONjM0ZTFkZUhsdQogICAgbTc5OU11Q3hvWSsyZWluNlV1cFMvTEV6cnpvU2dDVWllQzQrT3ZralF5eGJpTFR6bW1OWEFnd09TM3RvTHRGWAogICAgbytmWWpSMU9xcHVPS29kMkhiYjliczRWcXdaNHEvMlVKbXE2Q01pYjZKZUE2VFJvK2Rkc0pUM2dDOFhWL1Z1MAogICAgNnkwdjJxdTM0bm1MYjFxOHFTS1RwZXYyQmwzQUJGY3NyS0JvNHFieUM2bnBTbnpZenNYcS90SlFLclplNE4vMgogICAgUXIzd1dxQ0pDVWUrMWVsT3A2b0JVcXNWSnc3aHk3YzRLc1Fna09ERDJkc2NuNEF1NGJhWlY2QmpySm1USVY0aQogICAgeXJ1dk9oZ2lINklGUVdDWmVQM2s0MU5obWRzRTNHQT0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n")),(0,r.kt)("p",null,"Create the secret"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic path-auth-secret -n fleet-default --from-file=secrets-path.yaml\n")),(0,r.kt)("p",null,"In the previous example credentials for username ",(0,r.kt)("inlineCode",{parentName:"p"},"user")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-one")," and credentials for username\n",(0,r.kt)("inlineCode",{parentName:"p"},"user2")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-two"),"."),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"caBundle")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"sshPrivateKey")," must be base64 encoded."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"If you are using ",(0,r.kt)("a",{parentName:"p",href:"https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher"},'"rancher-backups"')," and want this secret to be included the backup, please add the label ",(0,r.kt)("inlineCode",{parentName:"p"},"resources.cattle.io/backup: true")," to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials."),(0,r.kt)("h1",{parentName:"admonition",id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",{parentName:"admonition"},"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/troubleshooting"},"here"),".")))}c.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/5b0cdfa3.777579a7.js b/assets/js/5b0cdfa3.46126fda.js similarity index 99% rename from assets/js/5b0cdfa3.777579a7.js rename to assets/js/5b0cdfa3.46126fda.js index 8e8718e48..540365e83 100644 --- a/assets/js/5b0cdfa3.777579a7.js +++ b/assets/js/5b0cdfa3.46126fda.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4665],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>d});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),p=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return n.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},c=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(a),d=r,h=c["".concat(s,".").concat(d)]||c[d]||m[d]||l;return a?n.createElement(h,o(o({ref:t},u),{},{components:a})):n.createElement(h,o({ref:t},u))}));function d(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=a.length,o=new Array(l);o[0]=c;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),r=(a(7294),a(3905));const l={},o="Mapping to Downstream Clusters",i={unversionedId:"gitrepo-targets",id:"version-0.9/gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Fleet in Rancher allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration.",source:"@site/versioned_docs/version-0.9/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/0.9/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/gitrepo-targets.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create a GitRepo Resource",permalink:"/0.9/gitrepo-add"},next:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.9/bundle-diffs"}},s={},p=[{value:"Defining Targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default Target",id:"default-target",level:2},{value:"Customization per Cluster",id:"customization-per-cluster",level:2},{value:"Supported Customizations",id:"supported-customizations",level:3},{value:"Additional Examples",id:"additional-examples",level:2}],u={toc:p};function m(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style\nIf no targets are specified, i.e. when using a single-cluster, the bundles target the default cluster group.")),(0,r.kt)("p",null,"When deploying ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,r.kt)("h2",{id:"defining-targets"},"Defining Targets"),(0,r.kt)("p",null,"The deployment targets of ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # A specific cluster by name that will be selected\n clusterName: cluster1\n')),(0,r.kt)("h2",{id:"target-matching"},"Target Matching"),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,r.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n # Match everything\n - clusterSelector: {}\n # Selector ignored\n - clusterSelector: null\n")),(0,r.kt)("p",null,"You can also match clusters by name:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n - clusterName: fleetname\n")),(0,r.kt)("p",null,"When using Fleet in Rancher, make sure to put the name of the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters.fleet.cattle.io")," resource."),(0,r.kt)("h2",{id:"default-target"},"Default Target"),(0,r.kt)("p",null,"If no target is set for the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,r.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."),(0,r.kt)("h2",{id:"customization-per-cluster"},"Customization per Cluster"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"The ",(0,r.kt)("inlineCode",{parentName:"p"},"targets:")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource select clusters to deploy on. The ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations:")," in ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," override Helm values only and do not change targeting.")),(0,r.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters with customization using Fleet, we will use ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml"),"."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,r.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,r.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Expected behavior:")),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,r.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,r.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,r.kt)("li",{parentName:"ol"},"Under ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,r.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),":")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Result:")),(0,r.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,r.kt)("blockquote",null,(0,r.kt)("p",{parentName:"blockquote"},(0,r.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,r.kt)("h3",{id:"supported-customizations"},"Supported Customizations"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"DefaultNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ForceSyncGeneration"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"KeepResources"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ServiceAccount"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"TargetNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Atomic"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Chart"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.DisablePreProcess"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Force"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ReleaseName"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Repo"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TakeOwnership"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TimeoutSeconds"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ValuesFrom"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Values"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Version")),(0,r.kt)("admonition",{parentName:"li",title:"important information",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"Overriding the version of a Helm chart via target customizations will lead to bundles containing ",(0,r.kt)("em",{parentName:"p"},"all")," versions, ie the\ndefault one and the custom one(s), of the chart, to accommodate all clusters. This in turn means that Fleet will\ndeploy larger bundles."),(0,r.kt)("p",{parentName:"admonition"},"As Fleet stores bundles via etcd, this may cause issues on some clusters where resultant bundle sizes may exceed\netcd's configured maximum blob size. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/issues/1650"},"this issue")," for more details."))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.WaitForJobs"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#kustomizeoptions"},"Kustomize.Dir"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#yamloptions"},"YAML.Overlays"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#diffoptions"},"Diff.ComparePatches")))),(0,r.kt)("h2",{id:"additional-examples"},"Additional Examples"),(0,r.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4665],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>d});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),p=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return n.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},c=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(a),d=r,h=c["".concat(s,".").concat(d)]||c[d]||m[d]||l;return a?n.createElement(h,o(o({ref:t},u),{},{components:a})):n.createElement(h,o({ref:t},u))}));function d(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=a.length,o=new Array(l);o[0]=c;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),r=(a(7294),a(3905));const l={},o="Mapping to Downstream Clusters",i={unversionedId:"gitrepo-targets",id:"version-0.9/gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Fleet in Rancher allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration.",source:"@site/versioned_docs/version-0.9/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/0.9/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/gitrepo-targets.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create a GitRepo Resource",permalink:"/0.9/gitrepo-add"},next:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.9/bundle-diffs"}},s={},p=[{value:"Defining Targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default Target",id:"default-target",level:2},{value:"Customization per Cluster",id:"customization-per-cluster",level:2},{value:"Supported Customizations",id:"supported-customizations",level:3},{value:"Additional Examples",id:"additional-examples",level:2}],u={toc:p};function m(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style\nIf no targets are specified, i.e. when using a single-cluster, the bundles target the default cluster group.")),(0,r.kt)("p",null,"When deploying ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,r.kt)("h2",{id:"defining-targets"},"Defining Targets"),(0,r.kt)("p",null,"The deployment targets of ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # A specific cluster by name that will be selected\n clusterName: cluster1\n')),(0,r.kt)("h2",{id:"target-matching"},"Target Matching"),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,r.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n # Match everything\n - clusterSelector: {}\n # Selector ignored\n - clusterSelector: null\n")),(0,r.kt)("p",null,"You can also match clusters by name:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n - clusterName: fleetname\n")),(0,r.kt)("p",null,"When using Fleet in Rancher, make sure to put the name of the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters.fleet.cattle.io")," resource."),(0,r.kt)("h2",{id:"default-target"},"Default Target"),(0,r.kt)("p",null,"If no target is set for the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,r.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."),(0,r.kt)("h2",{id:"customization-per-cluster"},"Customization per Cluster"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"The ",(0,r.kt)("inlineCode",{parentName:"p"},"targets:")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource select clusters to deploy on. The ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations:")," in ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," override Helm values only and do not change targeting.")),(0,r.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters with customization using Fleet, we will use ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml"),"."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,r.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,r.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Expected behavior:")),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,r.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,r.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,r.kt)("li",{parentName:"ol"},"Under ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,r.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),":")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Result:")),(0,r.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,r.kt)("blockquote",null,(0,r.kt)("p",{parentName:"blockquote"},(0,r.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,r.kt)("h3",{id:"supported-customizations"},"Supported Customizations"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"DefaultNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ForceSyncGeneration"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"KeepResources"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ServiceAccount"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"TargetNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Atomic"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Chart"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.DisablePreProcess"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Force"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ReleaseName"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Repo"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TakeOwnership"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TimeoutSeconds"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ValuesFrom"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Values"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Version")),(0,r.kt)("admonition",{parentName:"li",title:"important information",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"Overriding the version of a Helm chart via target customizations will lead to bundles containing ",(0,r.kt)("em",{parentName:"p"},"all")," versions, ie the\ndefault one and the custom one(s), of the chart, to accommodate all clusters. This in turn means that Fleet will\ndeploy larger bundles."),(0,r.kt)("p",{parentName:"admonition"},"As Fleet stores bundles via etcd, this may cause issues on some clusters where resultant bundle sizes may exceed\netcd's configured maximum blob size. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/issues/1650"},"this issue")," for more details."))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.WaitForJobs"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#kustomizeoptions"},"Kustomize.Dir"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#yamloptions"},"YAML.Overlays"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#diffoptions"},"Diff.ComparePatches")))),(0,r.kt)("h2",{id:"additional-examples"},"Additional Examples"),(0,r.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/5b7f8ae0.1cc25693.js b/assets/js/5b7f8ae0.2ca3e9eb.js similarity index 98% rename from assets/js/5b7f8ae0.1cc25693.js rename to assets/js/5b7f8ae0.2ca3e9eb.js index a070d795a..fd97adf80 100644 --- a/assets/js/5b7f8ae0.1cc25693.js +++ b/assets/js/5b7f8ae0.2ca3e9eb.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4203],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),i=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},d=function(e){var t=i(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),c=i(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},d),{},{components:n})):r.createElement(m,s({ref:t},d))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var i=2;i{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>i});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle State",o={unversionedId:"cluster-bundles-state",id:"version-0.9/cluster-bundles-state",title:"Cluster and Bundle State",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/versioned_docs/version-0.9/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/0.9/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cluster-bundles-state.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet-manager",permalink:"/0.9/cli/fleet-controller/fleet-manager"},next:{title:"Cluster Registration Internals",permalink:"/0.9/ref-registration"}},u={},i=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],d={toc:i};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},d,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4203],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),i=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},d=function(e){var t=i(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),c=i(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},d),{},{components:n})):r.createElement(m,s({ref:t},d))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var i=2;i{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>i});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle State",o={unversionedId:"cluster-bundles-state",id:"version-0.9/cluster-bundles-state",title:"Cluster and Bundle State",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/versioned_docs/version-0.9/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/0.9/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cluster-bundles-state.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet-manager",permalink:"/0.9/cli/fleet-controller/fleet-manager"},next:{title:"Cluster Registration Internals",permalink:"/0.9/ref-registration"}},u={},i=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],d={toc:i};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},d,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/5fdf261e.3ce7d838.js b/assets/js/5fdf261e.8a1557ca.js similarity index 98% rename from assets/js/5fdf261e.3ce7d838.js rename to assets/js/5fdf261e.8a1557ca.js index 7aed8dd1b..951dd32e2 100644 --- a/assets/js/5fdf261e.3ce7d838.js +++ b/assets/js/5fdf261e.8a1557ca.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9456],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>u});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function i(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var s=n.createContext({}),c=function(e){var t=n.useContext(s),r=t;return e&&(r="function"==typeof e?e(t):i(i({},t),e)),r},f=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},g={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},p=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,f=o(e,["components","mdxType","originalType","parentName"]),p=c(r),u=l,d=p["".concat(s,".").concat(u)]||p[u]||g[u]||a;return r?n.createElement(d,i(i({ref:t},f),{},{components:r})):n.createElement(d,i({ref:t},f))}));function u(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,i=new Array(a);i[0]=p;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{r.r(t),r.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>g,frontMatter:()=>a,metadata:()=>o,toc:()=>c});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet-agent register"},i=void 0,o={unversionedId:"cli/fleet-agent/fleet-agent_register",id:"cli/fleet-agent/fleet-agent_register",title:"",description:"fleet-agent register",source:"@site/docs/cli/fleet-agent/fleet-agent_register.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/fleet-agent_register",permalink:"/cli/fleet-agent/fleet-agent_register",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-agent/fleet-agent_register.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent register"},sidebar:"docs",previous:{title:"fleet-agent clusterstatus",permalink:"/cli/fleet-agent/fleet-agent_clusterstatus"},next:{title:"fleet",permalink:"/cli/fleet-cli/fleet"}},s={},c=[{value:"fleet-agent register",id:"fleet-agent-register",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],f={toc:c};function g(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-agent-register"},"fleet-agent register"),(0,l.kt)("p",null,"Register agent with an upstream cluster"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet-agent register [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for register\n --kubeconfig string kubeconfig file for agent's cluster\n --namespace string system namespace is the namespace, the agent runs in, e.g. cattle-fleet-system\n")),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet-agent"},"fleet-agent"),"\t -")))}g.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9456],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>u});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function i(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var s=n.createContext({}),c=function(e){var t=n.useContext(s),r=t;return e&&(r="function"==typeof e?e(t):i(i({},t),e)),r},f=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},g={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},p=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,f=o(e,["components","mdxType","originalType","parentName"]),p=c(r),u=l,d=p["".concat(s,".").concat(u)]||p[u]||g[u]||a;return r?n.createElement(d,i(i({ref:t},f),{},{components:r})):n.createElement(d,i({ref:t},f))}));function u(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,i=new Array(a);i[0]=p;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{r.r(t),r.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>g,frontMatter:()=>a,metadata:()=>o,toc:()=>c});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet-agent register"},i=void 0,o={unversionedId:"cli/fleet-agent/fleet-agent_register",id:"cli/fleet-agent/fleet-agent_register",title:"",description:"fleet-agent register",source:"@site/docs/cli/fleet-agent/fleet-agent_register.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/fleet-agent_register",permalink:"/cli/fleet-agent/fleet-agent_register",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-agent/fleet-agent_register.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent register"},sidebar:"docs",previous:{title:"fleet-agent clusterstatus",permalink:"/cli/fleet-agent/fleet-agent_clusterstatus"},next:{title:"fleet",permalink:"/cli/fleet-cli/fleet"}},s={},c=[{value:"fleet-agent register",id:"fleet-agent-register",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],f={toc:c};function g(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-agent-register"},"fleet-agent register"),(0,l.kt)("p",null,"Register agent with an upstream cluster"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet-agent register [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for register\n --kubeconfig string kubeconfig file for agent's cluster\n --namespace string system namespace is the namespace, the agent runs in, e.g. cattle-fleet-system\n")),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet-agent"},"fleet-agent"),"\t -")))}g.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/5ff573a6.17dfd064.js b/assets/js/5ff573a6.9e152199.js similarity index 99% rename from assets/js/5ff573a6.17dfd064.js rename to assets/js/5ff573a6.9e152199.js index fd8243b9d..e10b2296a 100644 --- a/assets/js/5ff573a6.17dfd064.js +++ b/assets/js/5ff573a6.9e152199.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7640],{5162:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(7294),l=n(6010);const r="tabItem_Ymn6";function i(e){let{children:t,hidden:n,className:i}=e;return a.createElement("div",{role:"tabpanel",className:(0,l.Z)(r,i),hidden:n},t)}},4866:(e,t,n)=>{n.d(t,{Z:()=>N});var a=n(7462),l=n(7294),r=n(6010),i=n(2466),s=n(6550),o=n(1980),u=n(7392),c=n(12);function d(e){return function(e){return l.Children.map(e,(e=>{if((0,l.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:n,attributes:a,default:l}}=e;return{value:t,label:n,attributes:a,default:l}}))}function p(e){const{values:t,children:n}=e;return(0,l.useMemo)((()=>{const e=t??d(n);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,n])}function m(e){let{value:t,tabValues:n}=e;return n.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:n}=e;const a=(0,s.k6)(),r=function(e){let{queryString:t=!1,groupId:n}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!n)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return n??null}({queryString:t,groupId:n});return[(0,o._X)(r),(0,l.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(a.location.search);t.set(r,e),a.replace({...a.location,search:t.toString()})}),[r,a])]}function g(e){const{defaultValue:t,queryString:n=!1,groupId:a}=e,r=p(e),[i,s]=(0,l.useState)((()=>function(e){let{defaultValue:t,tabValues:n}=e;if(0===n.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:n}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${n.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const a=n.find((e=>e.default))??n[0];if(!a)throw new Error("Unexpected error: 0 tabValues");return a.value}({defaultValue:t,tabValues:r}))),[o,u]=h({queryString:n,groupId:a}),[d,g]=function(e){let{groupId:t}=e;const n=function(e){return e?`docusaurus.tab.${e}`:null}(t),[a,r]=(0,c.Nk)(n);return[a,(0,l.useCallback)((e=>{n&&r.set(e)}),[n,r])]}({groupId:a}),k=(()=>{const e=o??d;return m({value:e,tabValues:r})?e:null})();(0,l.useLayoutEffect)((()=>{k&&s(k)}),[k]);return{selectedValue:i,selectValue:(0,l.useCallback)((e=>{if(!m({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);s(e),u(e),g(e)}),[u,g,r]),tabValues:r}}var k=n(2389);const f="tabList__CuJ",b="tabItem_LNqP";function y(e){let{className:t,block:n,selectedValue:s,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,i.o5)(),p=e=>{const t=e.currentTarget,n=c.indexOf(t),a=u[n].value;a!==s&&(d(t),o(a))},m=e=>{var t;let n=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;n=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;n=c[t]??c[c.length-1];break}}null==(t=n)||t.focus()};return l.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":n},t)},u.map((e=>{let{value:t,label:n,attributes:i}=e;return l.createElement("li",(0,a.Z)({role:"tab",tabIndex:s===t?0:-1,"aria-selected":s===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},i,{className:(0,r.Z)("tabs__item",b,null==i?void 0:i.className,{"tabs__item--active":s===t})}),n??t)})))}function v(e){let{lazy:t,children:n,selectedValue:a}=e;if(n=Array.isArray(n)?n:[n],t){const e=n.find((e=>e.props.value===a));return e?(0,l.cloneElement)(e,{className:"margin-top--md"}):null}return l.createElement("div",{className:"margin-top--md"},n.map(((e,t)=>(0,l.cloneElement)(e,{key:t,hidden:e.props.value!==a}))))}function w(e){const t=g(e);return l.createElement("div",{className:(0,r.Z)("tabs-container",f)},l.createElement(y,(0,a.Z)({},e,t)),l.createElement(v,(0,a.Z)({},e,t)))}function N(e){const t=(0,k.Z)();return l.createElement(w,(0,a.Z)({key:String(t)},e))}},6828:(e,t,n)=>{n.d(t,{d:()=>a});const a={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},9267:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>d,contentTitle:()=>u,default:()=>h,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var a=n(7462),l=(n(7294),n(3905)),r=(n(6828),n(814)),i=n(4866),s=n(5162);const o={},u="Register Downstream Clusters",c={unversionedId:"cluster-registration",id:"version-0.7/cluster-registration",title:"Register Downstream Clusters",description:"Overview",source:"@site/versioned_docs/version-0.7/cluster-registration.md",sourceDirName:".",slug:"/cluster-registration",permalink:"/0.7/cluster-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cluster-registration.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation Details",permalink:"/0.7/installation"},next:{title:"Create Cluster Groups",permalink:"/0.7/cluster-group"}},d={},p=[{value:"Overview",id:"overview",level:2},{value:"Agent-Initiated Registration",id:"agent-initiated-registration",level:3},{value:"Manager-Initiated Registration",id:"manager-initiated-registration",level:3},{value:"Agent Initiated",id:"agent-initiated",level:2},{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:3},{value:"Install Agent For a New Cluster",id:"install-agent-for-a-new-cluster",level:3},{value:"Install Agent For a Predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:3},{value:"Create Cluster Registration Tokens",id:"create-cluster-registration-tokens",level:3},{value:"Token TTL",id:"token-ttl",level:4},{value:"Create a new Token",id:"create-a-new-token",level:4},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:4},{value:"Manager Initiated",id:"manager-initiated",level:2},{value:"Create Kubeconfig Secret",id:"create-kubeconfig-secret",level:3},{value:"Create Cluster Resource",id:"create-cluster-resource",level:3}],m={toc:p};function h(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"register-downstream-clusters"},"Register Downstream Clusters"),(0,l.kt)("h2",{id:"overview"},"Overview"),(0,l.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,l.kt)("strong",{parentName:"p"},"agent-initiated")," and ",(0,l.kt)("strong",{parentName:"p"},"manager-initiated")," registration. Typically one would\ngo with the agent-initiated registration but there are specific use cases in which\nmanager-initiated is a better workflow."),(0,l.kt)("h3",{id:"agent-initiated-registration"},"Agent-Initiated Registration"),(0,l.kt)("p",null,"Agent-initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,l.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,l.kt)("h3",{id:"manager-initiated-registration"},"Manager-Initiated Registration"),(0,l.kt)("p",null,"Manager-initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."),(0,l.kt)("h2",{id:"agent-initiated"},"Agent Initiated"),(0,l.kt)("p",null,"A downstream cluster is registered by installing an agent via helm and using the ",(0,l.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,l.kt)("strong",{parentName:"p"},"client ID")," or ",(0,l.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,l.kt)("admonition",{type:"info"},(0,l.kt)("p",{parentName:"admonition"},"It's not necessary to configure the fleet manager for ",(0,l.kt)("a",{parentName:"p",href:"/0.7/installation#configuration-for-multi-cluster"},"multi cluster"),", as the downstream agent we install via Helm will connect to the Kubernetes API of the upstream cluster directly."),(0,l.kt)("p",{parentName:"admonition"},"Agent-initiated registration is normally not used with Rancher.")),(0,l.kt)("h3",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,l.kt)("p",null,"The ",(0,l.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required.\nThe cluster registration token is manifested as a ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will be passed to the ",(0,l.kt)("inlineCode",{parentName:"p"},"helm install")," process.\nAlternatively one can pass the token directly to the helm install command via ",(0,l.kt)("inlineCode",{parentName:"p"},'--set token="$token"'),"."),(0,l.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,l.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,l.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,l.kt)("h3",{id:"install-agent-for-a-new-cluster"},"Install Agent For a New Cluster"),(0,l.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,l.kt)("p",null,"First, follow the ",(0,l.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token instructions")," to obtain the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,l.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,l.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,l.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,l.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,l.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,l.kt)("p",null,"Value in ",(0,l.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,l.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,l.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,l.kt)("admonition",{type:"caution"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,l.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,l.kt)("admonition",{title:"Kubectl Context",type:"warning"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,l.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,l.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,l.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,l.kt)("p",null,"Add Fleet's Helm repo."),(0,l.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,l.kt)("p",null,"Finally, install the agent using Helm."),(0,l.kt)(i.Z,{mdxType:"Tabs"},(0,l.kt)(s.Z,{value:"helm",label:"Install",default:!0,mdxType:"TabItem"},(0,l.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent fleet/fleet-agent')),(0,l.kt)(s.Z,{value:"validate",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,l.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,l.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,l.kt)("a",{parentName:"p",href:"/0.7/namespaces"},"namespace"),". Please ensure your ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,l.kt)("h3",{id:"install-agent-for-a-predefined-cluster"},"Install Agent For a Predefined Cluster"),(0,l.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,l.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,l.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,l.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,l.kt)("p",null,"First, create a ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,l.kt)("p",null,"Second, follow the ","[cluster registration token instructions]","((#create-cluster-registration-tokens) to obtain the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,l.kt)("p",null,"Third, setup your environment to use the client ID."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,l.kt)("admonition",{type:"note"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,l.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,l.kt)("admonition",{type:"note"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,l.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,l.kt)("p",null,"Add Fleet's Helm repo."),(0,l.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,l.kt)("p",null,"Finally, install the agent using Helm."),(0,l.kt)(i.Z,{mdxType:"Tabs"},(0,l.kt)(s.Z,{value:"helm2",label:"Install",default:!0,mdxType:"TabItem"},(0,l.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent fleet/fleet-agent')),(0,l.kt)(s.Z,{value:"validate2",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,l.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,l.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,l.kt)("a",{parentName:"p",href:"/0.7/namespaces"},"namespace"),". Please ensure your ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,l.kt)("h3",{id:"create-cluster-registration-tokens"},"Create Cluster Registration Tokens"),(0,l.kt)("admonition",{type:"info"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Not needed for Manager-initiated registration"),":\nFor manager-initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,l.kt)("p",null,"For an agent-initiated registration the downstream cluster must have a cluster registration token.\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,l.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,l.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,l.kt)("h4",{id:"token-ttl"},"Token TTL"),(0,l.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,l.kt)("h4",{id:"create-a-new-token"},"Create a new Token"),(0,l.kt)("p",null,"The ",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,l.kt)("a",{parentName:"p",href:"/0.7/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,l.kt)("p",null,"After the ",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,l.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,l.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,l.kt)("p",null,"One way to do so is via the following one-liner:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,l.kt)("h4",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,l.kt)("p",null,"The token value contains YAML content for a ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,l.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,l.kt)("p",null,"Such value is contained in the ",(0,l.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,l.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,l.kt)("p",null,"Once the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."),(0,l.kt)("h2",{id:"manager-initiated"},"Manager Initiated"),(0,l.kt)("p",null,"The manager-initiated registration flow is accomplished by creating a\n",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,l.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,l.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,l.kt)("admonition",{type:"info"},(0,l.kt)("p",{parentName:"admonition"},"If you are using Fleet standalone ",(0,l.kt)("em",{parentName:"p"},"without Rancher"),", it must be installed as described in ",(0,l.kt)("a",{parentName:"p",href:"/0.7/installation#configuration-for-multi-cluster"},"installation details"),"."),(0,l.kt)("p",{parentName:"admonition"},"The manager-initiated registration is used when you add a cluster from the Rancher dashboard.")),(0,l.kt)("h3",{id:"create-kubeconfig-secret"},"Create Kubeconfig Secret"),(0,l.kt)("p",null,"The format of this secret is intended to match the ",(0,l.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format")," of the kubeconfig\nsecret used in ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,l.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically registered with Fleet."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Kubeconfig Secret Example"',title:'"Kubeconfig',Secret:!0,'Example"':!0},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,l.kt)("h3",{id:"create-cluster-resource"},"Create Cluster Resource"),(0,l.kt)("p",null,"The cluster resource needs to reference the kubeconfig secret."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Cluster Resource Example"',title:'"Cluster',Resource:!0,'Example"':!0},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7640],{5162:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(7294),l=n(6010);const r="tabItem_Ymn6";function i(e){let{children:t,hidden:n,className:i}=e;return a.createElement("div",{role:"tabpanel",className:(0,l.Z)(r,i),hidden:n},t)}},4866:(e,t,n)=>{n.d(t,{Z:()=>N});var a=n(7462),l=n(7294),r=n(6010),i=n(2466),s=n(6550),o=n(1980),u=n(7392),c=n(12);function d(e){return function(e){return l.Children.map(e,(e=>{if((0,l.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:n,attributes:a,default:l}}=e;return{value:t,label:n,attributes:a,default:l}}))}function p(e){const{values:t,children:n}=e;return(0,l.useMemo)((()=>{const e=t??d(n);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,n])}function m(e){let{value:t,tabValues:n}=e;return n.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:n}=e;const a=(0,s.k6)(),r=function(e){let{queryString:t=!1,groupId:n}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!n)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return n??null}({queryString:t,groupId:n});return[(0,o._X)(r),(0,l.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(a.location.search);t.set(r,e),a.replace({...a.location,search:t.toString()})}),[r,a])]}function g(e){const{defaultValue:t,queryString:n=!1,groupId:a}=e,r=p(e),[i,s]=(0,l.useState)((()=>function(e){let{defaultValue:t,tabValues:n}=e;if(0===n.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:n}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${n.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const a=n.find((e=>e.default))??n[0];if(!a)throw new Error("Unexpected error: 0 tabValues");return a.value}({defaultValue:t,tabValues:r}))),[o,u]=h({queryString:n,groupId:a}),[d,g]=function(e){let{groupId:t}=e;const n=function(e){return e?`docusaurus.tab.${e}`:null}(t),[a,r]=(0,c.Nk)(n);return[a,(0,l.useCallback)((e=>{n&&r.set(e)}),[n,r])]}({groupId:a}),k=(()=>{const e=o??d;return m({value:e,tabValues:r})?e:null})();(0,l.useLayoutEffect)((()=>{k&&s(k)}),[k]);return{selectedValue:i,selectValue:(0,l.useCallback)((e=>{if(!m({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);s(e),u(e),g(e)}),[u,g,r]),tabValues:r}}var k=n(2389);const f="tabList__CuJ",b="tabItem_LNqP";function y(e){let{className:t,block:n,selectedValue:s,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,i.o5)(),p=e=>{const t=e.currentTarget,n=c.indexOf(t),a=u[n].value;a!==s&&(d(t),o(a))},m=e=>{var t;let n=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;n=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;n=c[t]??c[c.length-1];break}}null==(t=n)||t.focus()};return l.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":n},t)},u.map((e=>{let{value:t,label:n,attributes:i}=e;return l.createElement("li",(0,a.Z)({role:"tab",tabIndex:s===t?0:-1,"aria-selected":s===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},i,{className:(0,r.Z)("tabs__item",b,null==i?void 0:i.className,{"tabs__item--active":s===t})}),n??t)})))}function v(e){let{lazy:t,children:n,selectedValue:a}=e;if(n=Array.isArray(n)?n:[n],t){const e=n.find((e=>e.props.value===a));return e?(0,l.cloneElement)(e,{className:"margin-top--md"}):null}return l.createElement("div",{className:"margin-top--md"},n.map(((e,t)=>(0,l.cloneElement)(e,{key:t,hidden:e.props.value!==a}))))}function w(e){const t=g(e);return l.createElement("div",{className:(0,r.Z)("tabs-container",f)},l.createElement(y,(0,a.Z)({},e,t)),l.createElement(v,(0,a.Z)({},e,t)))}function N(e){const t=(0,k.Z)();return l.createElement(w,(0,a.Z)({key:String(t)},e))}},6828:(e,t,n)=>{n.d(t,{d:()=>a});const a={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},9267:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>d,contentTitle:()=>u,default:()=>h,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var a=n(7462),l=(n(7294),n(3905)),r=(n(6828),n(814)),i=n(4866),s=n(5162);const o={},u="Register Downstream Clusters",c={unversionedId:"cluster-registration",id:"version-0.7/cluster-registration",title:"Register Downstream Clusters",description:"Overview",source:"@site/versioned_docs/version-0.7/cluster-registration.md",sourceDirName:".",slug:"/cluster-registration",permalink:"/0.7/cluster-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cluster-registration.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation Details",permalink:"/0.7/installation"},next:{title:"Create Cluster Groups",permalink:"/0.7/cluster-group"}},d={},p=[{value:"Overview",id:"overview",level:2},{value:"Agent-Initiated Registration",id:"agent-initiated-registration",level:3},{value:"Manager-Initiated Registration",id:"manager-initiated-registration",level:3},{value:"Agent Initiated",id:"agent-initiated",level:2},{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:3},{value:"Install Agent For a New Cluster",id:"install-agent-for-a-new-cluster",level:3},{value:"Install Agent For a Predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:3},{value:"Create Cluster Registration Tokens",id:"create-cluster-registration-tokens",level:3},{value:"Token TTL",id:"token-ttl",level:4},{value:"Create a new Token",id:"create-a-new-token",level:4},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:4},{value:"Manager Initiated",id:"manager-initiated",level:2},{value:"Create Kubeconfig Secret",id:"create-kubeconfig-secret",level:3},{value:"Create Cluster Resource",id:"create-cluster-resource",level:3}],m={toc:p};function h(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"register-downstream-clusters"},"Register Downstream Clusters"),(0,l.kt)("h2",{id:"overview"},"Overview"),(0,l.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,l.kt)("strong",{parentName:"p"},"agent-initiated")," and ",(0,l.kt)("strong",{parentName:"p"},"manager-initiated")," registration. Typically one would\ngo with the agent-initiated registration but there are specific use cases in which\nmanager-initiated is a better workflow."),(0,l.kt)("h3",{id:"agent-initiated-registration"},"Agent-Initiated Registration"),(0,l.kt)("p",null,"Agent-initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,l.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,l.kt)("h3",{id:"manager-initiated-registration"},"Manager-Initiated Registration"),(0,l.kt)("p",null,"Manager-initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."),(0,l.kt)("h2",{id:"agent-initiated"},"Agent Initiated"),(0,l.kt)("p",null,"A downstream cluster is registered by installing an agent via helm and using the ",(0,l.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,l.kt)("strong",{parentName:"p"},"client ID")," or ",(0,l.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,l.kt)("admonition",{type:"info"},(0,l.kt)("p",{parentName:"admonition"},"It's not necessary to configure the fleet manager for ",(0,l.kt)("a",{parentName:"p",href:"/0.7/installation#configuration-for-multi-cluster"},"multi cluster"),", as the downstream agent we install via Helm will connect to the Kubernetes API of the upstream cluster directly."),(0,l.kt)("p",{parentName:"admonition"},"Agent-initiated registration is normally not used with Rancher.")),(0,l.kt)("h3",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,l.kt)("p",null,"The ",(0,l.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required.\nThe cluster registration token is manifested as a ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will be passed to the ",(0,l.kt)("inlineCode",{parentName:"p"},"helm install")," process.\nAlternatively one can pass the token directly to the helm install command via ",(0,l.kt)("inlineCode",{parentName:"p"},'--set token="$token"'),"."),(0,l.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,l.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,l.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,l.kt)("h3",{id:"install-agent-for-a-new-cluster"},"Install Agent For a New Cluster"),(0,l.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,l.kt)("p",null,"First, follow the ",(0,l.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token instructions")," to obtain the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,l.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,l.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,l.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,l.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,l.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,l.kt)("p",null,"Value in ",(0,l.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,l.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,l.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,l.kt)("admonition",{type:"caution"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,l.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,l.kt)("admonition",{title:"Kubectl Context",type:"warning"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,l.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,l.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,l.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,l.kt)("p",null,"Add Fleet's Helm repo."),(0,l.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,l.kt)("p",null,"Finally, install the agent using Helm."),(0,l.kt)(i.Z,{mdxType:"Tabs"},(0,l.kt)(s.Z,{value:"helm",label:"Install",default:!0,mdxType:"TabItem"},(0,l.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent fleet/fleet-agent')),(0,l.kt)(s.Z,{value:"validate",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,l.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,l.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,l.kt)("a",{parentName:"p",href:"/0.7/namespaces"},"namespace"),". Please ensure your ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,l.kt)("h3",{id:"install-agent-for-a-predefined-cluster"},"Install Agent For a Predefined Cluster"),(0,l.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,l.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,l.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,l.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,l.kt)("p",null,"First, create a ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,l.kt)("p",null,"Second, follow the ","[cluster registration token instructions]","((#create-cluster-registration-tokens) to obtain the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,l.kt)("p",null,"Third, setup your environment to use the client ID."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,l.kt)("admonition",{type:"note"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,l.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,l.kt)("admonition",{type:"note"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,l.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,l.kt)("p",null,"Add Fleet's Helm repo."),(0,l.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,l.kt)("p",null,"Finally, install the agent using Helm."),(0,l.kt)(i.Z,{mdxType:"Tabs"},(0,l.kt)(s.Z,{value:"helm2",label:"Install",default:!0,mdxType:"TabItem"},(0,l.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent fleet/fleet-agent')),(0,l.kt)(s.Z,{value:"validate2",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,l.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,l.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,l.kt)("a",{parentName:"p",href:"/0.7/namespaces"},"namespace"),". Please ensure your ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,l.kt)("h3",{id:"create-cluster-registration-tokens"},"Create Cluster Registration Tokens"),(0,l.kt)("admonition",{type:"info"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Not needed for Manager-initiated registration"),":\nFor manager-initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,l.kt)("p",null,"For an agent-initiated registration the downstream cluster must have a cluster registration token.\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,l.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,l.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,l.kt)("h4",{id:"token-ttl"},"Token TTL"),(0,l.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,l.kt)("h4",{id:"create-a-new-token"},"Create a new Token"),(0,l.kt)("p",null,"The ",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,l.kt)("a",{parentName:"p",href:"/0.7/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,l.kt)("p",null,"After the ",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,l.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,l.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,l.kt)("p",null,"One way to do so is via the following one-liner:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,l.kt)("h4",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,l.kt)("p",null,"The token value contains YAML content for a ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,l.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,l.kt)("p",null,"Such value is contained in the ",(0,l.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,l.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,l.kt)("p",null,"Once the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."),(0,l.kt)("h2",{id:"manager-initiated"},"Manager Initiated"),(0,l.kt)("p",null,"The manager-initiated registration flow is accomplished by creating a\n",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,l.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,l.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,l.kt)("admonition",{type:"info"},(0,l.kt)("p",{parentName:"admonition"},"If you are using Fleet standalone ",(0,l.kt)("em",{parentName:"p"},"without Rancher"),", it must be installed as described in ",(0,l.kt)("a",{parentName:"p",href:"/0.7/installation#configuration-for-multi-cluster"},"installation details"),"."),(0,l.kt)("p",{parentName:"admonition"},"The manager-initiated registration is used when you add a cluster from the Rancher dashboard.")),(0,l.kt)("h3",{id:"create-kubeconfig-secret"},"Create Kubeconfig Secret"),(0,l.kt)("p",null,"The format of this secret is intended to match the ",(0,l.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format")," of the kubeconfig\nsecret used in ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,l.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically registered with Fleet."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Kubeconfig Secret Example"',title:'"Kubeconfig',Secret:!0,'Example"':!0},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,l.kt)("h3",{id:"create-cluster-resource"},"Create Cluster Resource"),(0,l.kt)("p",null,"The cluster resource needs to reference the kubeconfig secret."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Cluster Resource Example"',title:'"Cluster',Resource:!0,'Example"':!0},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/60bcd92c.907ca922.js b/assets/js/60bcd92c.0d84696d.js similarity index 99% rename from assets/js/60bcd92c.907ca922.js rename to assets/js/60bcd92c.0d84696d.js index f525eaea9..88ad3a826 100644 --- a/assets/js/60bcd92c.907ca922.js +++ b/assets/js/60bcd92c.0d84696d.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[314],{5162:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(7294),r=n(6010);const l="tabItem_Ymn6";function i(e){let{children:t,hidden:n,className:i}=e;return a.createElement("div",{role:"tabpanel",className:(0,r.Z)(l,i),hidden:n},t)}},4866:(e,t,n)=>{n.d(t,{Z:()=>N});var a=n(7462),r=n(7294),l=n(6010),i=n(2466),s=n(6550),o=n(1980),u=n(7392),c=n(12);function d(e){return function(e){return r.Children.map(e,(e=>{if((0,r.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:n,attributes:a,default:r}}=e;return{value:t,label:n,attributes:a,default:r}}))}function p(e){const{values:t,children:n}=e;return(0,r.useMemo)((()=>{const e=t??d(n);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,n])}function m(e){let{value:t,tabValues:n}=e;return n.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:n}=e;const a=(0,s.k6)(),l=function(e){let{queryString:t=!1,groupId:n}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!n)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return n??null}({queryString:t,groupId:n});return[(0,o._X)(l),(0,r.useCallback)((e=>{if(!l)return;const t=new URLSearchParams(a.location.search);t.set(l,e),a.replace({...a.location,search:t.toString()})}),[l,a])]}function g(e){const{defaultValue:t,queryString:n=!1,groupId:a}=e,l=p(e),[i,s]=(0,r.useState)((()=>function(e){let{defaultValue:t,tabValues:n}=e;if(0===n.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:n}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${n.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const a=n.find((e=>e.default))??n[0];if(!a)throw new Error("Unexpected error: 0 tabValues");return a.value}({defaultValue:t,tabValues:l}))),[o,u]=h({queryString:n,groupId:a}),[d,g]=function(e){let{groupId:t}=e;const n=function(e){return e?`docusaurus.tab.${e}`:null}(t),[a,l]=(0,c.Nk)(n);return[a,(0,r.useCallback)((e=>{n&&l.set(e)}),[n,l])]}({groupId:a}),k=(()=>{const e=o??d;return m({value:e,tabValues:l})?e:null})();(0,r.useLayoutEffect)((()=>{k&&s(k)}),[k]);return{selectedValue:i,selectValue:(0,r.useCallback)((e=>{if(!m({value:e,tabValues:l}))throw new Error(`Can't select invalid tab value=${e}`);s(e),u(e),g(e)}),[u,g,l]),tabValues:l}}var k=n(2389);const f="tabList__CuJ",b="tabItem_LNqP";function v(e){let{className:t,block:n,selectedValue:s,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,i.o5)(),p=e=>{const t=e.currentTarget,n=c.indexOf(t),a=u[n].value;a!==s&&(d(t),o(a))},m=e=>{var t;let n=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;n=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;n=c[t]??c[c.length-1];break}}null==(t=n)||t.focus()};return r.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,l.Z)("tabs",{"tabs--block":n},t)},u.map((e=>{let{value:t,label:n,attributes:i}=e;return r.createElement("li",(0,a.Z)({role:"tab",tabIndex:s===t?0:-1,"aria-selected":s===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},i,{className:(0,l.Z)("tabs__item",b,null==i?void 0:i.className,{"tabs__item--active":s===t})}),n??t)})))}function y(e){let{lazy:t,children:n,selectedValue:a}=e;if(n=Array.isArray(n)?n:[n],t){const e=n.find((e=>e.props.value===a));return e?(0,r.cloneElement)(e,{className:"margin-top--md"}):null}return r.createElement("div",{className:"margin-top--md"},n.map(((e,t)=>(0,r.cloneElement)(e,{key:t,hidden:e.props.value!==a}))))}function w(e){const t=g(e);return r.createElement("div",{className:(0,l.Z)("tabs-container",f)},r.createElement(v,(0,a.Z)({},e,t)),r.createElement(y,(0,a.Z)({},e,t)))}function N(e){const t=(0,k.Z)();return r.createElement(w,(0,a.Z)({key:String(t)},e))}},6828:(e,t,n)=>{n.d(t,{d:()=>a});const a={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},1843:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>p,contentTitle:()=>c,default:()=>g,frontMatter:()=>u,metadata:()=>d,toc:()=>m});var a=n(7462),r=(n(7294),n(3905)),l=n(6828),i=n(814),s=n(4866),o=n(5162);const u={},c="Register Downstream Clusters",d={unversionedId:"cluster-registration",id:"version-0.6/cluster-registration",title:"Register Downstream Clusters",description:"Overview",source:"@site/versioned_docs/version-0.6/cluster-registration.md",sourceDirName:".",slug:"/cluster-registration",permalink:"/0.6/cluster-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cluster-registration.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation Details",permalink:"/0.6/installation"},next:{title:"Create Cluster Groups",permalink:"/0.6/cluster-group"}},p={},m=[{value:"Overview",id:"overview",level:2},{value:"Agent Initiated Registration",id:"agent-initiated-registration",level:3},{value:"Manager Initiated Registration",id:"manager-initiated-registration",level:3},{value:"Agent Initiated",id:"agent-initiated",level:2},{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:3},{value:"Install Agent For a New Cluster",id:"install-agent-for-a-new-cluster",level:3},{value:"Install Agent For a Predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:3},{value:"Create Cluster Registration Tokens",id:"create-cluster-registration-tokens",level:3},{value:"Token TTL",id:"token-ttl",level:4},{value:"Create a new Token",id:"create-a-new-token",level:4},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:4},{value:"Manager Initiated",id:"manager-initiated",level:2},{value:"Create Kubeconfig Secret",id:"create-kubeconfig-secret",level:3},{value:"Create Cluster Resource",id:"create-cluster-resource",level:3}],h={toc:m};function g(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},h,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"register-downstream-clusters"},"Register Downstream Clusters"),(0,r.kt)("h2",{id:"overview"},"Overview"),(0,r.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,r.kt)("strong",{parentName:"p"},"agent initiated")," and ",(0,r.kt)("strong",{parentName:"p"},"manager initiated")," registration. Typically one would\ngo with the agent initiated registration but there are specific use cases in which\nmanager initiated is a better workflow."),(0,r.kt)("h3",{id:"agent-initiated-registration"},"Agent Initiated Registration"),(0,r.kt)("p",null,"Agent initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,r.kt)("h3",{id:"manager-initiated-registration"},"Manager Initiated Registration"),(0,r.kt)("p",null,"Manager initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."),(0,r.kt)("h2",{id:"agent-initiated"},"Agent Initiated"),(0,r.kt)("p",null,"A downstream cluster is registered by installing an agent via helm and using the ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,r.kt)("strong",{parentName:"p"},"client ID")," or ",(0,r.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"It's not necessary to configure the fleet manager for ",(0,r.kt)("a",{parentName:"p",href:"/0.6/installation#configuration-for-multi-cluster"},"multi cluster"),", as the downstream agent we install via Helm will connect to the Kubernetes API of the upstream cluster directly."),(0,r.kt)("p",{parentName:"admonition"},"Agent-initiated registration is normally not used with Rancher.")),(0,r.kt)("h3",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,r.kt)("p",null,"The ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required.\nThe cluster registration token is manifested as a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will be passed to the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install")," process.\nAlternatively one can pass the token directly to the helm install command via ",(0,r.kt)("inlineCode",{parentName:"p"},'--set token="$token"'),"."),(0,r.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,r.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,r.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,r.kt)("h3",{id:"install-agent-for-a-new-cluster"},"Install Agent For a New Cluster"),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,r.kt)("p",null,"First, follow the ",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token instructions")," to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,r.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,r.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,r.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,r.kt)("p",null,"Value in ",(0,r.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,r.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,r.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,r.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,r.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{title:"Kubectl Context",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(s.Z,{mdxType:"Tabs"},(0,r.kt)(o.Z,{value:"helm",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(i.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent'," ",l.d["v0.6"].fleetAgent)),(0,r.kt)(o.Z,{value:"validate",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/0.6/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z \n")),(0,r.kt)("h3",{id:"install-agent-for-a-predefined-cluster"},"Install Agent For a Predefined Cluster"),(0,r.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,r.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,r.kt)("p",null,"First, create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,r.kt)("p",null,"Second, follow the ","[cluster registration token instructions]","((#create-cluster-registration-tokens) to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,r.kt)("p",null,"Third, setup your environment to use the client ID."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(s.Z,{mdxType:"Tabs"},(0,r.kt)(o.Z,{value:"helm2",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(i.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent'," ",l.d["v0.6"].fleetAgent)),(0,r.kt)(o.Z,{value:"validate2",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/0.6/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z \n")),(0,r.kt)("h3",{id:"create-cluster-registration-tokens"},"Create Cluster Registration Tokens"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Not needed for Manager initiated registration"),":\nFor manager initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,r.kt)("p",null,"For an agent initiated registration the downstream cluster must have a cluster registration token.\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,r.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,r.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,r.kt)("h4",{id:"token-ttl"},"Token TTL"),(0,r.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,r.kt)("h4",{id:"create-a-new-token"},"Create a new Token"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,r.kt)("a",{parentName:"p",href:"/0.6/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,r.kt)("p",null,"After the ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,r.kt)("p",null,"One way to do so is via the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,r.kt)("h4",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,r.kt)("p",null,"The token value contains YAML content for a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,r.kt)("p",null,"Such value is contained in the ",(0,r.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,r.kt)("p",null,"Once the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."),(0,r.kt)("h2",{id:"manager-initiated"},"Manager Initiated"),(0,r.kt)("p",null,"The manager initiated registration flow is accomplished by creating a\n",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,r.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using Fleet standalone ",(0,r.kt)("em",{parentName:"p"},"without Rancher"),", it must be installed as described in ",(0,r.kt)("a",{parentName:"p",href:"/0.6/installation#configuration-for-multi-cluster"},"installation details"),"."),(0,r.kt)("p",{parentName:"admonition"},"The manager-initiated registration is used when you add a cluster from the Rancher dashboard.")),(0,r.kt)("h3",{id:"create-kubeconfig-secret"},"Create Kubeconfig Secret"),(0,r.kt)("p",null,"The format of this secret is intended to match the ",(0,r.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format")," of the kubeconfig\nsecret used in ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,r.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically registered with Fleet."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Kubeconfig Secret Example"',title:'"Kubeconfig',Secret:!0,'Example"':!0},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,r.kt)("h3",{id:"create-cluster-resource"},"Create Cluster Resource"),(0,r.kt)("p",null,"The cluster resource needs to reference the kubeconfig secret."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Cluster Resource Example"',title:'"Cluster',Resource:!0,'Example"':!0},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}g.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[314],{5162:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(7294),r=n(6010);const l="tabItem_Ymn6";function i(e){let{children:t,hidden:n,className:i}=e;return a.createElement("div",{role:"tabpanel",className:(0,r.Z)(l,i),hidden:n},t)}},4866:(e,t,n)=>{n.d(t,{Z:()=>N});var a=n(7462),r=n(7294),l=n(6010),i=n(2466),s=n(6550),o=n(1980),u=n(7392),c=n(12);function d(e){return function(e){return r.Children.map(e,(e=>{if((0,r.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:n,attributes:a,default:r}}=e;return{value:t,label:n,attributes:a,default:r}}))}function p(e){const{values:t,children:n}=e;return(0,r.useMemo)((()=>{const e=t??d(n);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,n])}function m(e){let{value:t,tabValues:n}=e;return n.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:n}=e;const a=(0,s.k6)(),l=function(e){let{queryString:t=!1,groupId:n}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!n)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return n??null}({queryString:t,groupId:n});return[(0,o._X)(l),(0,r.useCallback)((e=>{if(!l)return;const t=new URLSearchParams(a.location.search);t.set(l,e),a.replace({...a.location,search:t.toString()})}),[l,a])]}function g(e){const{defaultValue:t,queryString:n=!1,groupId:a}=e,l=p(e),[i,s]=(0,r.useState)((()=>function(e){let{defaultValue:t,tabValues:n}=e;if(0===n.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:n}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${n.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const a=n.find((e=>e.default))??n[0];if(!a)throw new Error("Unexpected error: 0 tabValues");return a.value}({defaultValue:t,tabValues:l}))),[o,u]=h({queryString:n,groupId:a}),[d,g]=function(e){let{groupId:t}=e;const n=function(e){return e?`docusaurus.tab.${e}`:null}(t),[a,l]=(0,c.Nk)(n);return[a,(0,r.useCallback)((e=>{n&&l.set(e)}),[n,l])]}({groupId:a}),k=(()=>{const e=o??d;return m({value:e,tabValues:l})?e:null})();(0,r.useLayoutEffect)((()=>{k&&s(k)}),[k]);return{selectedValue:i,selectValue:(0,r.useCallback)((e=>{if(!m({value:e,tabValues:l}))throw new Error(`Can't select invalid tab value=${e}`);s(e),u(e),g(e)}),[u,g,l]),tabValues:l}}var k=n(2389);const f="tabList__CuJ",b="tabItem_LNqP";function v(e){let{className:t,block:n,selectedValue:s,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,i.o5)(),p=e=>{const t=e.currentTarget,n=c.indexOf(t),a=u[n].value;a!==s&&(d(t),o(a))},m=e=>{var t;let n=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;n=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;n=c[t]??c[c.length-1];break}}null==(t=n)||t.focus()};return r.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,l.Z)("tabs",{"tabs--block":n},t)},u.map((e=>{let{value:t,label:n,attributes:i}=e;return r.createElement("li",(0,a.Z)({role:"tab",tabIndex:s===t?0:-1,"aria-selected":s===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},i,{className:(0,l.Z)("tabs__item",b,null==i?void 0:i.className,{"tabs__item--active":s===t})}),n??t)})))}function y(e){let{lazy:t,children:n,selectedValue:a}=e;if(n=Array.isArray(n)?n:[n],t){const e=n.find((e=>e.props.value===a));return e?(0,r.cloneElement)(e,{className:"margin-top--md"}):null}return r.createElement("div",{className:"margin-top--md"},n.map(((e,t)=>(0,r.cloneElement)(e,{key:t,hidden:e.props.value!==a}))))}function w(e){const t=g(e);return r.createElement("div",{className:(0,l.Z)("tabs-container",f)},r.createElement(v,(0,a.Z)({},e,t)),r.createElement(y,(0,a.Z)({},e,t)))}function N(e){const t=(0,k.Z)();return r.createElement(w,(0,a.Z)({key:String(t)},e))}},6828:(e,t,n)=>{n.d(t,{d:()=>a});const a={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},1843:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>p,contentTitle:()=>c,default:()=>g,frontMatter:()=>u,metadata:()=>d,toc:()=>m});var a=n(7462),r=(n(7294),n(3905)),l=n(6828),i=n(814),s=n(4866),o=n(5162);const u={},c="Register Downstream Clusters",d={unversionedId:"cluster-registration",id:"version-0.6/cluster-registration",title:"Register Downstream Clusters",description:"Overview",source:"@site/versioned_docs/version-0.6/cluster-registration.md",sourceDirName:".",slug:"/cluster-registration",permalink:"/0.6/cluster-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cluster-registration.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation Details",permalink:"/0.6/installation"},next:{title:"Create Cluster Groups",permalink:"/0.6/cluster-group"}},p={},m=[{value:"Overview",id:"overview",level:2},{value:"Agent Initiated Registration",id:"agent-initiated-registration",level:3},{value:"Manager Initiated Registration",id:"manager-initiated-registration",level:3},{value:"Agent Initiated",id:"agent-initiated",level:2},{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:3},{value:"Install Agent For a New Cluster",id:"install-agent-for-a-new-cluster",level:3},{value:"Install Agent For a Predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:3},{value:"Create Cluster Registration Tokens",id:"create-cluster-registration-tokens",level:3},{value:"Token TTL",id:"token-ttl",level:4},{value:"Create a new Token",id:"create-a-new-token",level:4},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:4},{value:"Manager Initiated",id:"manager-initiated",level:2},{value:"Create Kubeconfig Secret",id:"create-kubeconfig-secret",level:3},{value:"Create Cluster Resource",id:"create-cluster-resource",level:3}],h={toc:m};function g(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},h,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"register-downstream-clusters"},"Register Downstream Clusters"),(0,r.kt)("h2",{id:"overview"},"Overview"),(0,r.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,r.kt)("strong",{parentName:"p"},"agent initiated")," and ",(0,r.kt)("strong",{parentName:"p"},"manager initiated")," registration. Typically one would\ngo with the agent initiated registration but there are specific use cases in which\nmanager initiated is a better workflow."),(0,r.kt)("h3",{id:"agent-initiated-registration"},"Agent Initiated Registration"),(0,r.kt)("p",null,"Agent initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,r.kt)("h3",{id:"manager-initiated-registration"},"Manager Initiated Registration"),(0,r.kt)("p",null,"Manager initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."),(0,r.kt)("h2",{id:"agent-initiated"},"Agent Initiated"),(0,r.kt)("p",null,"A downstream cluster is registered by installing an agent via helm and using the ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,r.kt)("strong",{parentName:"p"},"client ID")," or ",(0,r.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"It's not necessary to configure the fleet manager for ",(0,r.kt)("a",{parentName:"p",href:"/0.6/installation#configuration-for-multi-cluster"},"multi cluster"),", as the downstream agent we install via Helm will connect to the Kubernetes API of the upstream cluster directly."),(0,r.kt)("p",{parentName:"admonition"},"Agent-initiated registration is normally not used with Rancher.")),(0,r.kt)("h3",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,r.kt)("p",null,"The ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required.\nThe cluster registration token is manifested as a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will be passed to the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install")," process.\nAlternatively one can pass the token directly to the helm install command via ",(0,r.kt)("inlineCode",{parentName:"p"},'--set token="$token"'),"."),(0,r.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,r.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,r.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,r.kt)("h3",{id:"install-agent-for-a-new-cluster"},"Install Agent For a New Cluster"),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,r.kt)("p",null,"First, follow the ",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token instructions")," to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,r.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,r.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,r.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,r.kt)("p",null,"Value in ",(0,r.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,r.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,r.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,r.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,r.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{title:"Kubectl Context",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(s.Z,{mdxType:"Tabs"},(0,r.kt)(o.Z,{value:"helm",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(i.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent'," ",l.d["v0.6"].fleetAgent)),(0,r.kt)(o.Z,{value:"validate",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/0.6/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z \n")),(0,r.kt)("h3",{id:"install-agent-for-a-predefined-cluster"},"Install Agent For a Predefined Cluster"),(0,r.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,r.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,r.kt)("p",null,"First, create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,r.kt)("p",null,"Second, follow the ","[cluster registration token instructions]","((#create-cluster-registration-tokens) to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,r.kt)("p",null,"Third, setup your environment to use the client ID."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(s.Z,{mdxType:"Tabs"},(0,r.kt)(o.Z,{value:"helm2",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(i.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent'," ",l.d["v0.6"].fleetAgent)),(0,r.kt)(o.Z,{value:"validate2",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/0.6/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z \n")),(0,r.kt)("h3",{id:"create-cluster-registration-tokens"},"Create Cluster Registration Tokens"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Not needed for Manager initiated registration"),":\nFor manager initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,r.kt)("p",null,"For an agent initiated registration the downstream cluster must have a cluster registration token.\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,r.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,r.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,r.kt)("h4",{id:"token-ttl"},"Token TTL"),(0,r.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,r.kt)("h4",{id:"create-a-new-token"},"Create a new Token"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,r.kt)("a",{parentName:"p",href:"/0.6/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,r.kt)("p",null,"After the ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,r.kt)("p",null,"One way to do so is via the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,r.kt)("h4",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,r.kt)("p",null,"The token value contains YAML content for a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,r.kt)("p",null,"Such value is contained in the ",(0,r.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,r.kt)("p",null,"Once the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."),(0,r.kt)("h2",{id:"manager-initiated"},"Manager Initiated"),(0,r.kt)("p",null,"The manager initiated registration flow is accomplished by creating a\n",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,r.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using Fleet standalone ",(0,r.kt)("em",{parentName:"p"},"without Rancher"),", it must be installed as described in ",(0,r.kt)("a",{parentName:"p",href:"/0.6/installation#configuration-for-multi-cluster"},"installation details"),"."),(0,r.kt)("p",{parentName:"admonition"},"The manager-initiated registration is used when you add a cluster from the Rancher dashboard.")),(0,r.kt)("h3",{id:"create-kubeconfig-secret"},"Create Kubeconfig Secret"),(0,r.kt)("p",null,"The format of this secret is intended to match the ",(0,r.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format")," of the kubeconfig\nsecret used in ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,r.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically registered with Fleet."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Kubeconfig Secret Example"',title:'"Kubeconfig',Secret:!0,'Example"':!0},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,r.kt)("h3",{id:"create-cluster-resource"},"Create Cluster Resource"),(0,r.kt)("p",null,"The cluster resource needs to reference the kubeconfig secret."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Cluster Resource Example"',title:'"Cluster',Resource:!0,'Example"':!0},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}g.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/60c2c817.6e32622d.js b/assets/js/60c2c817.cf4ec6fd.js similarity index 98% rename from assets/js/60c2c817.6e32622d.js rename to assets/js/60c2c817.cf4ec6fd.js index af793dcf2..3a9aa74fa 100644 --- a/assets/js/60c2c817.6e32622d.js +++ b/assets/js/60c2c817.cf4ec6fd.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9857],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var c=r.createContext({}),l=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},p=function(e){var t=l(e.components);return r.createElement(c.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=l(n),m=o,f=d["".concat(c,".").concat(m)]||d[m]||u[m]||a;return n?r.createElement(f,s(s({ref:t},p),{},{components:n})):r.createElement(f,s({ref:t},p))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,s=new Array(a);s[0]=d;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:o,s[1]=i;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>u,frontMatter:()=>a,metadata:()=>i,toc:()=>l});var r=n(7462),o=(n(7294),n(3905));const a={},s="GitRepo Resource",i={unversionedId:"ref-gitrepo",id:"version-0.9/ref-gitrepo",title:"GitRepo Resource",description:"The GitRepo resource describes git repositories, how to access them and where the bundles are located.",source:"@site/versioned_docs/version-0.9/ref-gitrepo.md",sourceDirName:".",slug:"/ref-gitrepo",permalink:"/0.9/ref-gitrepo",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-gitrepo.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet.yaml",permalink:"/0.9/ref-fleet-yaml"},next:{title:"Bundle Resource",permalink:"/0.9/ref-bundle"}},c={},l=[],p={toc:l};function u(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"gitrepo-resource"},"GitRepo Resource"),(0,o.kt)("p",null,"The GitRepo resource describes git repositories, how to access them and where the bundles are located."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#gitrepospec"},"GitRepoSpec"),".\nFor more information on how to use GitRepo resource, e.g. how to watch private repositories, see ",(0,o.kt)("a",{parentName:"p",href:"/0.9/gitrepo-add"},"Create a GitRepo Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private registry you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n #\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n #\n # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.\n # Credentials will always be used if it is empty or not provided\n #\n # helmRepoURLRegex: https://charts.rancher.io/*\n #\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n #\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n #\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n # If empty, the "default" cluster group is used.\n #\n # targets: ...\n #\n # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses\n # a three-way merge strategy by default. \n # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating \n # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.\n # Keep in mind that resources might be recreated if force is enabled.\n # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.\n #\n # correctDrift:\n # enabled: false\n # force: false #Warning: it might recreate resources if set to true\n # keepFailHistory: false\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9857],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var c=r.createContext({}),l=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},p=function(e){var t=l(e.components);return r.createElement(c.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=l(n),m=o,f=d["".concat(c,".").concat(m)]||d[m]||u[m]||a;return n?r.createElement(f,s(s({ref:t},p),{},{components:n})):r.createElement(f,s({ref:t},p))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,s=new Array(a);s[0]=d;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:o,s[1]=i;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>u,frontMatter:()=>a,metadata:()=>i,toc:()=>l});var r=n(7462),o=(n(7294),n(3905));const a={},s="GitRepo Resource",i={unversionedId:"ref-gitrepo",id:"version-0.9/ref-gitrepo",title:"GitRepo Resource",description:"The GitRepo resource describes git repositories, how to access them and where the bundles are located.",source:"@site/versioned_docs/version-0.9/ref-gitrepo.md",sourceDirName:".",slug:"/ref-gitrepo",permalink:"/0.9/ref-gitrepo",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-gitrepo.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet.yaml",permalink:"/0.9/ref-fleet-yaml"},next:{title:"Bundle Resource",permalink:"/0.9/ref-bundle"}},c={},l=[],p={toc:l};function u(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"gitrepo-resource"},"GitRepo Resource"),(0,o.kt)("p",null,"The GitRepo resource describes git repositories, how to access them and where the bundles are located."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#gitrepospec"},"GitRepoSpec"),".\nFor more information on how to use GitRepo resource, e.g. how to watch private repositories, see ",(0,o.kt)("a",{parentName:"p",href:"/0.9/gitrepo-add"},"Create a GitRepo Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private registry you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n #\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n #\n # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.\n # Credentials will always be used if it is empty or not provided\n #\n # helmRepoURLRegex: https://charts.rancher.io/*\n #\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n #\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n #\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n # If empty, the "default" cluster group is used.\n #\n # targets: ...\n #\n # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses\n # a three-way merge strategy by default. \n # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating \n # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.\n # Keep in mind that resources might be recreated if force is enabled.\n # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.\n #\n # correctDrift:\n # enabled: false\n # force: false #Warning: it might recreate resources if set to true\n # keepFailHistory: false\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/612623d2.a8a9d837.js b/assets/js/612623d2.beb0b6ab.js similarity index 98% rename from assets/js/612623d2.a8a9d837.js rename to assets/js/612623d2.beb0b6ab.js index b75d59ee2..062e83d92 100644 --- a/assets/js/612623d2.a8a9d837.js +++ b/assets/js/612623d2.beb0b6ab.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7540],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var l=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);t&&(l=l.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,l)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(l=0;l=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var o=l.createContext({}),p=function(e){var t=l.useContext(o),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=p(e.components);return l.createElement(o.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return l.createElement(l.Fragment,{},t)}},s=l.forwardRef((function(e,t){var n=e.components,r=e.mdxType,a=e.originalType,o=e.parentName,u=c(e,["components","mdxType","originalType","parentName"]),s=p(n),d=r,m=s["".concat(o,".").concat(d)]||s[d]||f[d]||a;return n?l.createElement(m,i(i({ref:t},u),{},{components:n})):l.createElement(m,i({ref:t},u))}));function d(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=n.length,i=new Array(a);i[0]=s;var c={};for(var o in t)hasOwnProperty.call(t,o)&&(c[o]=t[o]);c.originalType=e,c.mdxType="string"==typeof e?e:r,i[1]=c;for(var p=2;p{n.r(t),n.d(t,{assets:()=>o,contentTitle:()=>i,default:()=>f,frontMatter:()=>a,metadata:()=>c,toc:()=>p});var l=n(7462),r=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet cleanup"},i=void 0,c={unversionedId:"cli/fleet-cli/fleet_cleanup",id:"cli/fleet-cli/fleet_cleanup",title:"",description:"fleet cleanup",source:"@site/docs/cli/fleet-cli/fleet_cleanup.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_cleanup",permalink:"/cli/fleet-cli/fleet_cleanup",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet_cleanup.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet cleanup"},sidebar:"docs",previous:{title:"fleet apply",permalink:"/cli/fleet-cli/fleet_apply"},next:{title:"fleet deploy",permalink:"/cli/fleet-cli/fleet_deploy"}},o={},p=[{value:"fleet cleanup",id:"fleet-cleanup",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],u={toc:p};function f(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,l.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h2",{id:"fleet-cleanup"},"fleet cleanup"),(0,r.kt)("p",null,"Clean up outdated cluster registrations"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"fleet cleanup [flags]\n")),(0,r.kt)("h3",{id:"options"},"Options"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --factor string Factor to increase delay between deletes (default: 1.1)\n -h, --help help for cleanup\n -k, --kubeconfig string kubeconfig for authentication\n --max string Maximum delay between deletes (default: 5s)\n --min string Minimum delay between deletes (default: 10ms)\n -n, --namespace string namespace (default "fleet-local")\n')),(0,r.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7540],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var l=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);t&&(l=l.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,l)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(l=0;l=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var o=l.createContext({}),p=function(e){var t=l.useContext(o),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=p(e.components);return l.createElement(o.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return l.createElement(l.Fragment,{},t)}},s=l.forwardRef((function(e,t){var n=e.components,r=e.mdxType,a=e.originalType,o=e.parentName,u=c(e,["components","mdxType","originalType","parentName"]),s=p(n),d=r,m=s["".concat(o,".").concat(d)]||s[d]||f[d]||a;return n?l.createElement(m,i(i({ref:t},u),{},{components:n})):l.createElement(m,i({ref:t},u))}));function d(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=n.length,i=new Array(a);i[0]=s;var c={};for(var o in t)hasOwnProperty.call(t,o)&&(c[o]=t[o]);c.originalType=e,c.mdxType="string"==typeof e?e:r,i[1]=c;for(var p=2;p{n.r(t),n.d(t,{assets:()=>o,contentTitle:()=>i,default:()=>f,frontMatter:()=>a,metadata:()=>c,toc:()=>p});var l=n(7462),r=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet cleanup"},i=void 0,c={unversionedId:"cli/fleet-cli/fleet_cleanup",id:"cli/fleet-cli/fleet_cleanup",title:"",description:"fleet cleanup",source:"@site/docs/cli/fleet-cli/fleet_cleanup.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_cleanup",permalink:"/cli/fleet-cli/fleet_cleanup",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet_cleanup.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet cleanup"},sidebar:"docs",previous:{title:"fleet apply",permalink:"/cli/fleet-cli/fleet_apply"},next:{title:"fleet deploy",permalink:"/cli/fleet-cli/fleet_deploy"}},o={},p=[{value:"fleet cleanup",id:"fleet-cleanup",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],u={toc:p};function f(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,l.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h2",{id:"fleet-cleanup"},"fleet cleanup"),(0,r.kt)("p",null,"Clean up outdated cluster registrations"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"fleet cleanup [flags]\n")),(0,r.kt)("h3",{id:"options"},"Options"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --factor string Factor to increase delay between deletes (default: 1.1)\n -h, --help help for cleanup\n -k, --kubeconfig string kubeconfig for authentication\n --max string Maximum delay between deletes (default: 5s)\n --min string Minimum delay between deletes (default: 10ms)\n -n, --namespace string namespace (default "fleet-local")\n')),(0,r.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/62bbc60f.3a9fe9af.js b/assets/js/62bbc60f.322f5b3a.js similarity index 99% rename from assets/js/62bbc60f.3a9fe9af.js rename to assets/js/62bbc60f.322f5b3a.js index a42895639..c499797d9 100644 --- a/assets/js/62bbc60f.3a9fe9af.js +++ b/assets/js/62bbc60f.322f5b3a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6295],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function s(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(s[a]=e[a]);return s}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(s[a]=e[a])}return s}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,s=e.mdxType,l=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=s,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||l;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,s=t&&t.mdxType;if("string"==typeof e||s){var l=a.length,r=new Array(l);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:s,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),s=(a(7294),a(3905));const l={},r="Namespaces",i={unversionedId:"namespaces",id:"version-0.6/namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/versioned_docs/version-0.6/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/0.6/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/namespaces.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Git Repository Contents",permalink:"/0.6/gitrepo-content"},next:{title:"Custom Resources",permalink:"/0.6/ref-resources"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"GitRepo Namespace",id:"gitrepo-namespace",level:3},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local (local workspace, cluster registration namespace)",id:"fleet-local-local-workspace-cluster-registration-namespace",level:3},{value:"cattle-fleet-system (system namespace)",id:"cattle-fleet-system-system-namespace",level:3},{value:"cattle-fleet-clusters-system (system registration namespace)",id:"cattle-fleet-clusters-system-system-registration-namespace",level:3},{value:"Cluster Namespaces",id:"cluster-namespaces",level:3},{value:"Cross Namespace Deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2},{value:"Allowed Target Namespaces",id:"allowed-target-namespaces",level:3}],c={toc:p};function m(e){let{components:t,...l}=e;return(0,s.kt)("wrapper",(0,n.Z)({},c,l,{components:t,mdxType:"MDXLayout"}),(0,s.kt)("h1",{id:"namespaces"},"Namespaces"),(0,s.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are used in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,s.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,s.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,s.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,s.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,s.kt)("h3",{id:"gitrepo-namespace"},"GitRepo Namespace"),(0,s.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,s.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,s.kt)("ul",null,(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,s.kt)("p",null,"If you are using Fleet in a ",(0,s.kt)("a",{parentName:"p",href:"/0.6/concepts"},"single cluster")," style, the namespace will always be ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,s.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,s.kt)("p",null,"For a ",(0,s.kt)("a",{parentName:"p",href:"/0.6/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,s.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,s.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,s.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,s.kt)("p",null,"An overview of the ",(0,s.kt)("a",{parentName:"p",href:"/0.6/namespaces"},"namespaces")," used by fleet and their resources."),(0,s.kt)("p",null,(0,s.kt)("img",{alt:"Namespace",src:a(3159).Z,width:"1437",height:"1731"})),(0,s.kt)("h3",{id:"fleet-local-local-workspace-cluster-registration-namespace"},"fleet-local (local workspace, cluster registration namespace)"),(0,s.kt)("p",null,"The ",(0,s.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,s.kt)("p",null,"When fleet is installed the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,s.kt)("h3",{id:"cattle-fleet-system-system-namespace"},"cattle-fleet-system (system namespace)"),(0,s.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,s.kt)("h3",{id:"cattle-fleet-clusters-system-system-registration-namespace"},"cattle-fleet-clusters-system (system registration namespace)"),(0,s.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,s.kt)("h3",{id:"cluster-namespaces"},"Cluster Namespaces"),(0,s.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces are named in the form ",(0,s.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,s.kt)("h2",{id:"cross-namespace-deployments"},"Cross Namespace Deployments"),(0,s.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,s.kt)("p",null,"If you are creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,s.kt)("p",null,"A ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,s.kt)("p",null,"If the ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,s.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,s.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,s.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,s.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,s.kt)("p",null,"A namespace can contain multiple ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,s.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,s.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\nallowedTargetNamespaces: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')),(0,s.kt)("h3",{id:"allowed-target-namespaces"},"Allowed Target Namespaces"),(0,s.kt)("p",null,"This can be used to limit a deployment to a set of namespaces on a downstream cluster.\nIf an allowedTargetNamespaces restriction is present, all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," must\nspecify a ",(0,s.kt)("inlineCode",{parentName:"p"},"targetNamespace")," and the specified namespace must be in the allow\nlist.\nThis also prevents the creation of cluster wide resources."))}m.isMDXComponent=!0},3159:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/FleetNamespaces-4e461907ba4d5bbf6b309d125383bdb5.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6295],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function s(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(s[a]=e[a]);return s}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(s[a]=e[a])}return s}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,s=e.mdxType,l=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=s,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||l;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,s=t&&t.mdxType;if("string"==typeof e||s){var l=a.length,r=new Array(l);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:s,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),s=(a(7294),a(3905));const l={},r="Namespaces",i={unversionedId:"namespaces",id:"version-0.6/namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/versioned_docs/version-0.6/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/0.6/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/namespaces.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Git Repository Contents",permalink:"/0.6/gitrepo-content"},next:{title:"Custom Resources",permalink:"/0.6/ref-resources"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"GitRepo Namespace",id:"gitrepo-namespace",level:3},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local (local workspace, cluster registration namespace)",id:"fleet-local-local-workspace-cluster-registration-namespace",level:3},{value:"cattle-fleet-system (system namespace)",id:"cattle-fleet-system-system-namespace",level:3},{value:"cattle-fleet-clusters-system (system registration namespace)",id:"cattle-fleet-clusters-system-system-registration-namespace",level:3},{value:"Cluster Namespaces",id:"cluster-namespaces",level:3},{value:"Cross Namespace Deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2},{value:"Allowed Target Namespaces",id:"allowed-target-namespaces",level:3}],c={toc:p};function m(e){let{components:t,...l}=e;return(0,s.kt)("wrapper",(0,n.Z)({},c,l,{components:t,mdxType:"MDXLayout"}),(0,s.kt)("h1",{id:"namespaces"},"Namespaces"),(0,s.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are used in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,s.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,s.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,s.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,s.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,s.kt)("h3",{id:"gitrepo-namespace"},"GitRepo Namespace"),(0,s.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,s.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,s.kt)("ul",null,(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,s.kt)("p",null,"If you are using Fleet in a ",(0,s.kt)("a",{parentName:"p",href:"/0.6/concepts"},"single cluster")," style, the namespace will always be ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,s.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,s.kt)("p",null,"For a ",(0,s.kt)("a",{parentName:"p",href:"/0.6/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,s.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,s.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,s.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,s.kt)("p",null,"An overview of the ",(0,s.kt)("a",{parentName:"p",href:"/0.6/namespaces"},"namespaces")," used by fleet and their resources."),(0,s.kt)("p",null,(0,s.kt)("img",{alt:"Namespace",src:a(3159).Z,width:"1437",height:"1731"})),(0,s.kt)("h3",{id:"fleet-local-local-workspace-cluster-registration-namespace"},"fleet-local (local workspace, cluster registration namespace)"),(0,s.kt)("p",null,"The ",(0,s.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,s.kt)("p",null,"When fleet is installed the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,s.kt)("h3",{id:"cattle-fleet-system-system-namespace"},"cattle-fleet-system (system namespace)"),(0,s.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,s.kt)("h3",{id:"cattle-fleet-clusters-system-system-registration-namespace"},"cattle-fleet-clusters-system (system registration namespace)"),(0,s.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,s.kt)("h3",{id:"cluster-namespaces"},"Cluster Namespaces"),(0,s.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces are named in the form ",(0,s.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,s.kt)("h2",{id:"cross-namespace-deployments"},"Cross Namespace Deployments"),(0,s.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,s.kt)("p",null,"If you are creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,s.kt)("p",null,"A ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,s.kt)("p",null,"If the ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,s.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,s.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,s.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,s.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,s.kt)("p",null,"A namespace can contain multiple ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,s.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,s.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\nallowedTargetNamespaces: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')),(0,s.kt)("h3",{id:"allowed-target-namespaces"},"Allowed Target Namespaces"),(0,s.kt)("p",null,"This can be used to limit a deployment to a set of namespaces on a downstream cluster.\nIf an allowedTargetNamespaces restriction is present, all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," must\nspecify a ",(0,s.kt)("inlineCode",{parentName:"p"},"targetNamespace")," and the specified namespace must be in the allow\nlist.\nThis also prevents the creation of cluster wide resources."))}m.isMDXComponent=!0},3159:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/FleetNamespaces-4e461907ba4d5bbf6b309d125383bdb5.svg"}}]); \ No newline at end of file diff --git a/assets/js/6349fbc0.9077d0e7.js b/assets/js/6349fbc0.5d0431ad.js similarity index 99% rename from assets/js/6349fbc0.9077d0e7.js rename to assets/js/6349fbc0.5d0431ad.js index f50e31054..7847bb1f0 100644 --- a/assets/js/6349fbc0.9077d0e7.js +++ b/assets/js/6349fbc0.5d0431ad.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7383],{3905:(t,e,a)=>{a.d(e,{Zo:()=>s,kt:()=>k});var n=a(7294);function l(t,e,a){return e in t?Object.defineProperty(t,e,{value:a,enumerable:!0,configurable:!0,writable:!0}):t[e]=a,t}function r(t,e){var a=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),a.push.apply(a,n)}return a}function i(t){for(var e=1;e=0||(l[a]=t[a]);return l}(t,e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(t,a)&&(l[a]=t[a])}return l}var p=n.createContext({}),m=function(t){var e=n.useContext(p),a=e;return t&&(a="function"==typeof t?t(e):i(i({},e),t)),a},s=function(t){var e=m(t.components);return n.createElement(p.Provider,{value:e},t.children)},d={inlineCode:"code",wrapper:function(t){var e=t.children;return n.createElement(n.Fragment,{},e)}},o=n.forwardRef((function(t,e){var a=t.components,l=t.mdxType,r=t.originalType,p=t.parentName,s=u(t,["components","mdxType","originalType","parentName"]),o=m(a),k=l,N=o["".concat(p,".").concat(k)]||o[k]||d[k]||r;return a?n.createElement(N,i(i({ref:e},s),{},{components:a})):n.createElement(N,i({ref:e},s))}));function k(t,e){var a=arguments,l=e&&e.mdxType;if("string"==typeof t||l){var r=a.length,i=new Array(r);i[0]=o;var u={};for(var p in e)hasOwnProperty.call(e,p)&&(u[p]=e[p]);u.originalType=t,u.mdxType="string"==typeof t?t:l,i[1]=u;for(var m=2;m{a.r(e),a.d(e,{assets:()=>p,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>u,toc:()=>m});var n=a(7462),l=(a(7294),a(3905));const r={},i="Custom Resources Spec",u={unversionedId:"ref-crds",id:"version-0.8/ref-crds",title:"Custom Resources Spec",description:"* GitRepo",source:"@site/versioned_docs/version-0.8/ref-crds.md",sourceDirName:".",slug:"/ref-crds",permalink:"/0.8/ref-crds",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-crds.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"List of Deployed Resources",permalink:"/0.8/ref-resources"},next:{title:"fleet.yaml",permalink:"/0.8/ref-fleet-yaml"}},p={},m=[{value:"CorrectDrift",id:"correctdrift",level:4},{value:"GitRepo",id:"gitrepo",level:4},{value:"GitRepoDisplay",id:"gitrepodisplay",level:4},{value:"GitRepoResource",id:"gitreporesource",level:4},{value:"GitRepoResourceCounts",id:"gitreporesourcecounts",level:4},{value:"GitRepoRestriction",id:"gitreporestriction",level:4},{value:"GitRepoSpec",id:"gitrepospec",level:4},{value:"GitRepoStatus",id:"gitrepostatus",level:4},{value:"GitTarget",id:"gittarget",level:4},{value:"ResourcePerClusterState",id:"resourceperclusterstate",level:4},{value:"Bundle",id:"bundle",level:4},{value:"BundleDeployment",id:"bundledeployment",level:4},{value:"BundleDeploymentDisplay",id:"bundledeploymentdisplay",level:4},{value:"BundleDeploymentOptions",id:"bundledeploymentoptions",level:4},{value:"BundleDeploymentResource",id:"bundledeploymentresource",level:4},{value:"BundleDeploymentSpec",id:"bundledeploymentspec",level:4},{value:"BundleDeploymentStatus",id:"bundledeploymentstatus",level:4},{value:"BundleDisplay",id:"bundledisplay",level:4},{value:"BundleNamespaceMapping",id:"bundlenamespacemapping",level:4},{value:"BundleRef",id:"bundleref",level:4},{value:"BundleResource",id:"bundleresource",level:4},{value:"BundleSpec",id:"bundlespec",level:4},{value:"BundleStatus",id:"bundlestatus",level:4},{value:"BundleSummary",id:"bundlesummary",level:4},{value:"BundleTarget",id:"bundletarget",level:4},{value:"BundleTargetRestriction",id:"bundletargetrestriction",level:4},{value:"ComparePatch",id:"comparepatch",level:4},{value:"ConfigMapKeySelector",id:"configmapkeyselector",level:4},{value:"Content",id:"content",level:4},{value:"DiffOptions",id:"diffoptions",level:4},{value:"HelmOptions",id:"helmoptions",level:4},{value:"IgnoreOptions",id:"ignoreoptions",level:4},{value:"KustomizeOptions",id:"kustomizeoptions",level:4},{value:"LocalObjectReference",id:"localobjectreference",level:4},{value:"ModifiedStatus",id:"modifiedstatus",level:4},{value:"NonReadyResource",id:"nonreadyresource",level:4},{value:"NonReadyStatus",id:"nonreadystatus",level:4},{value:"Operation",id:"operation",level:4},{value:"Partition",id:"partition",level:4},{value:"PartitionStatus",id:"partitionstatus",level:4},{value:"ResourceKey",id:"resourcekey",level:4},{value:"RolloutStrategy",id:"rolloutstrategy",level:4},{value:"SecretKeySelector",id:"secretkeyselector",level:4},{value:"ValuesFrom",id:"valuesfrom",level:4},{value:"YAMLOptions",id:"yamloptions",level:4},{value:"AlphabeticalPolicy",id:"alphabeticalpolicy",level:4},{value:"CommitSpec",id:"commitspec",level:4},{value:"ImagePolicyChoice",id:"imagepolicychoice",level:4},{value:"ImageScan",id:"imagescan",level:4},{value:"ImageScanSpec",id:"imagescanspec",level:4},{value:"ImageScanStatus",id:"imagescanstatus",level:4},{value:"SemVerPolicy",id:"semverpolicy",level:4},{value:"AgentStatus",id:"agentstatus",level:4},{value:"Cluster",id:"cluster",level:4},{value:"ClusterDisplay",id:"clusterdisplay",level:4},{value:"ClusterGroup",id:"clustergroup",level:4},{value:"ClusterGroupDisplay",id:"clustergroupdisplay",level:4},{value:"ClusterGroupSpec",id:"clustergroupspec",level:4},{value:"ClusterGroupStatus",id:"clustergroupstatus",level:4},{value:"ClusterRegistration",id:"clusterregistration",level:4},{value:"ClusterRegistrationSpec",id:"clusterregistrationspec",level:4},{value:"ClusterRegistrationStatus",id:"clusterregistrationstatus",level:4},{value:"ClusterRegistrationToken",id:"clusterregistrationtoken",level:4},{value:"ClusterRegistrationTokenSpec",id:"clusterregistrationtokenspec",level:4},{value:"ClusterRegistrationTokenStatus",id:"clusterregistrationtokenstatus",level:4},{value:"ClusterSpec",id:"clusterspec",level:4},{value:"ClusterStatus",id:"clusterstatus",level:4}],s={toc:m};function d(t){let{components:e,...a}=t;return(0,l.kt)("wrapper",(0,n.Z)({},s,a,{components:e,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"custom-resources-spec"},"Custom Resources Spec"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepo"},"GitRepo")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporestriction"},"GitRepoRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundle"},"Bundle")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeployment"},"BundleDeployment")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlenamespacemapping"},"BundleNamespaceMapping")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#content"},"Content")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescan"},"ImageScan")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#cluster"},"Cluster")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroup"},"ClusterGroup")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistration"},"ClusterRegistration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtoken"},"ClusterRegistrationToken"))),(0,l.kt)("h1",{id:"sub-resources"},"Sub Resources"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gittarget"},"GitTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentresource"},"BundleDeploymentResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleref"},"BundleRef")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleresource"},"BundleResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#localobjectreference"},"LocalObjectReference")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#operation"},"Operation")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partition"},"Partition")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#commitspec"},"CommitSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterstatus"},"ClusterStatus"))),(0,l.kt)("h4",{id:"correctdrift"},"CorrectDrift"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"enabled"),(0,l.kt)("td",{parentName:"tr",align:null},"Enabled correct drift if true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force helm rollback with --force option will be used if true. This will try to recreate all resources in the release."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepFailHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepFailHistory keeps track of failed rollbacks in the helm history."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepo"},"GitRepo"),(0,l.kt)("p",null,"GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepodisplay"},"GitRepoDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundleDeployments"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundleDeployments is a string in the form \\"%d/%d\\", that describes the number of ready bundledeployments over the total number of bundledeployments.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the GitRepo, e.g. \\"GitUpdating\\" or the maximal BundleState according to StateRank.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message contains the relevant message from the deployment conditions."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if a message is present."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesource"},"GitRepoResource"),(0,l.kt)("p",null,"GitRepoResource contains metadata about the resources of a bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the API version of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the k8s kind of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"type"),(0,l.kt)("td",{parentName:"tr",align:null},'Type is the type of the resource, e.g. \\"apiextensions.k8s.io.customresourcedefinition\\" or \\"configmap\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"id"),(0,l.kt)("td",{parentName:"tr",align:null},'ID is the name of the resource, e.g. \\"namespace1/my-config\\" or \\"backingimagemanagers.storage.io\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"incompleteState"),(0,l.kt)("td",{parentName:"tr",align:null},"IncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the resource, e.g. \\"Unknown\\", \\"WaitApplied\\", \\"ErrApplied\\" or \\"Ready\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if any Error in the PerClusterState is true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null},"Transitioning is true if any Transitioning in the PerClusterState is true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message is the first message from the PerClusterStates."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"perClusterState"),(0,l.kt)("td",{parentName:"tr",align:null},"PerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesourcecounts"},"GitRepoResourceCounts"),(0,l.kt)("p",null,"GitRepoResourceCounts contains the number of resources in each state."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null},"Ready is the number of ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReady is the number of resources that should be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitApplied is the number of resources that are waiting to be applied."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null},"Modified is the number of resources that have been modified."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"orphaned"),(0,l.kt)("td",{parentName:"tr",align:null},"Orphaned is the number of orphaned resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null},"Missing is the number of missing resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unknown"),(0,l.kt)("td",{parentName:"tr",align:null},"Unknown is the number of resources in an unknown state."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null},"NotReady is the number of not ready resources. Resources are not ready if they do not match any other state."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporestriction"},"GitRepoRestriction"),(0,l.kt)("p",null,"GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultServiceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultServiceAccount overrides the GitRepo's default service account."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedServiceAccounts"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedRepoPatterns"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultClientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultClientSecretName overrides the GitRepo's default client secret."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedClientSecretNames"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedTargetNamespaces"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepospec"},"GitRepoSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is a URL to a git repo to clone and index."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"branch"),(0,l.kt)("td",{parentName:"tr",align:null},"Branch The git branch to follow."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"revision"),(0,l.kt)("td",{parentName:"tr",align:null},"Revision A specific commit or tag to operate on."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Ensure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},'ClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \\"kubernetes.io/basic-auth\\" or \\"kubernetes.io/ssh-auth\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretName contains the auth secret for a private Helm repository."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretNameForPaths"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretNameForPaths contains the auth secret for private Helm repository for each path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmRepoURLRegex"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"caBundle"),(0,l.kt)("td",{parentName:"tr",align:null},"CABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"insecureSkipTLSVerify"),(0,l.kt)("td",{parentName:"tr",align:null},"InsecureSkipTLSverify will use insecure HTTPS to clone the repo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paths"),(0,l.kt)("td",{parentName:"tr",align:null},"Paths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example ",'[\\"charts/*\\"]',' will match all folders as a subdirectory of charts/ If empty, \\"/\\" is the default.'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount used in the downstream cluster for deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets is a list of targets this repo will deploy to."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gittarget"},"GitTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pollingInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"PollingInterval is how often to check git for new updates."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"Increment this number to force a redeployment of contents from Git."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"ImageScanInterval is the interval of syncing scanned images and writing back to git repo."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanCommit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit specifies how to commit to the git repo when a new image is scanned and written back to git repo."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#commitspec"},"CommitSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources specifies if the resources created must be kept after deleting the GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepostatus"},"GitRepoStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"commit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit is the Git commit hash from the last gitjob run."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReadyClusters\\tis the number of clusters that should be ready for bundles of this GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitJobStatus"),(0,l.kt)("td",{parentName:"tr",align:null},'GitJobStatus is the status of the last GitJob run, e.g. \\"Current\\" if there was no error.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary contains the number of bundle deployments in each state and a list of non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains a human readable summary of the status."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of Wrangler conditions that describe the state of the GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contains metadata about the resources of each bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts contains the number of resources in each state over all bundles."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceErrors"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceErrors is a sorted list of errors from the resources."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSyncedImageScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastSyncedImageScanTime is the time of the last image scan."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gittarget"},"GitTarget"),(0,l.kt)("p",null,"GitTarget is a cluster or cluster group to deploy to."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of this target."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is the name of a cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterSelector is a label selector to select clusters."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroup is the name of a cluster group in the same namespace as the clusters."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroupSelector is a label selector to select cluster groups."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourceperclusterstate"},"ResourcePerClusterState"),(0,l.kt)("p",null,"ResourcePerClusterState is generated for each non-ready resource of the bundles."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},"State is the state of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if the resource is in an error state, copied from the bundle's summary for non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null},"Transitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message combines the messages from the bundle's summary. Messages are joined with the delimiter ';'."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null},"Patch for modified resources."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterId"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterID is the id of the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundle"},"Bundle"),(0,l.kt)("p",null,"Bundle contains the resources of an application and its deployment options. It will be deployed as a Helm chart to target clusters.\\n\\nWhen a GitRepo is scanned it will produce one or more bundles. Bundles are a collection of resources that get deployed to one or more cluster(s). Bundle is the fundamental deployment unit used in Fleet. The contents of a Bundle may be Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless of the source the contents are dynamically rendered into a Helm chart by the agent and installed into the downstream cluster as a Helm release."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeployment"},"BundleDeployment"),(0,l.kt)("p",null,"BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentdisplay"},"BundleDeploymentDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deployed"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"monitored"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentoptions"},"BundleDeploymentOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kustomize"),(0,l.kt)("td",{parentName:"tr",align:null},"Kustomize options for the deployment, like the dir containing the kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helm"),(0,l.kt)("td",{parentName:"tr",align:null},"Helm options for the deployment, like the chart name, repo and values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount which will be used to perform this deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ForceSyncGeneration is used to force a redeployment"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"yaml"),(0,l.kt)("td",{parentName:"tr",align:null},"YAML options, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"diff"),(0,l.kt)("td",{parentName:"tr",align:null},"Diff can be used to ignore the modified state of objects which are amended at runtime."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources can be used to keep the deployed resources when removing the bundle"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ignore"),(0,l.kt)("td",{parentName:"tr",align:null},"IgnoreOptions can be used to ignore fields when monitoring the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceLabels"),(0,l.kt)("td",{parentName:"tr",align:null},"NamespaceLabels are labels that will be appended to the namespace created by Fleet."),(0,l.kt)("td",{parentName:"tr",align:null},"*map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceAnnotations"),(0,l.kt)("td",{parentName:"tr",align:null},"NamespaceAnnotations are annotations that will be appended to the namespace created by Fleet."),(0,l.kt)("td",{parentName:"tr",align:null},"*map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentresource"},"BundleDeploymentResource"),(0,l.kt)("p",null,"BundleDeploymentResource contains the metadata of a deployed resource."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"createdAt"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentspec"},"BundleDeploymentSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. If true, BundleDeployments will be marked as out of sync when changes are detected."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedOptions"),(0,l.kt)("td",{parentName:"tr",align:null},"StagedOptions are the deployment options, that are staged for the next deployment."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null},"StagedDeploymentID is the ID of the staged deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"options"),(0,l.kt)("td",{parentName:"tr",align:null},"Options are the deployment options, that are currently applied."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deploymentID"),(0,l.kt)("td",{parentName:"tr",align:null},"DeploymentID is the ID of the currently applied deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentstatus"},"BundleDeploymentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"appliedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"release"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonModified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"syncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources lists the metadata of resources that were deployed according to the helm release history."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentresource"},"BundleDeploymentResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledisplay"},"BundleDisplay"),(0,l.kt)("p",null,"BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyClusters is a string in the form \\"%d/%d\\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},"State is a summary state for the bundle, calculated over the non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlenamespacemapping"},"BundleNamespaceMapping"),(0,l.kt)("p",null,"BundleNamespaceMapping maps bundles to clusters in other namespaces."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleref"},"BundleRef"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching bundle's labels."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleresource"},"BundleResource"),(0,l.kt)("p",null,"BundleResource represents the content of a single resource from the bundle, like a YAML manifest."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the resource, can include the bundle's internal path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null},"The content of the resource, can be compressed."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"encoding"),(0,l.kt)("td",{parentName:"tr",align:null},'Encoding is either empty or \\"base64+gz\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlespec"},"BundleSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"BundleDeploymentOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"rolloutStrategy"),(0,l.kt)("td",{parentName:"tr",align:null},"RolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleresource"},"BundleResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetRestrictions"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetRestrictions is an allow list, which controls if a bundledeployment is created for a target."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlestatus"},"BundleStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of Wrangler conditions that describe the state of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary contains the number of bundle deployments in each state and a list of non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"newlyCreated"),(0,l.kt)("td",{parentName:"tr",align:null},"NewlyCreated is the number of bundle deployments that have been created, not updated."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"Unavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"UnavailablePartitions is the number of unavailable partitions."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailable is the maximum number of unavailable deployments. See rollout configuration."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxNew"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null},"PartitionStatus lists the status of each partition."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceKey"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc.."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ObservedGeneration is the current generation of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlesummary"},"BundleSummary"),(0,l.kt)("p",null,"BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null},"NotReady is the number of bundle deployments that have been deployed where some resources are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"errApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"ErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"outOfSync"),(0,l.kt)("td",{parentName:"tr",align:null},"OutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null},"Modified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null},"Ready is the number of bundle deployments that have been deployed where all resources are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pending"),(0,l.kt)("td",{parentName:"tr",align:null},"Pending is the number of bundle deployments that are being processed by Fleet controller."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReady is the number of bundle deployments that should be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyResources"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusters is a list of states, which is filled for a bundle that is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletarget"},"BundleTarget"),(0,l.kt)("p",null,"BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"BundleDeploymentOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},'Name of target. This value is largely for display and logging. If not specified a default name of the format \\"target000\\" will be used'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName to match a specific cluster by name that will be selected"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroup to match a specific cluster group by name."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroupSelector is a selector to match cluster groups."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"doNotDeploy"),(0,l.kt)("td",{parentName:"tr",align:null},"DoNotDeploy if set to true, will not deploy to this target."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletargetrestriction"},"BundleTargetRestriction"),(0,l.kt)("p",null,"BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"comparepatch"},"ComparePatch"),(0,l.kt)("p",null,"ComparePatch matches a resource and removes fields from the check for modifications."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the kind of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the apiVersion of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace is the namespace of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"operations"),(0,l.kt)("td",{parentName:"tr",align:null},"Operations remove a JSON path from the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#operation"},"Operation")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"jsonPointers"),(0,l.kt)("td",{parentName:"tr",align:null},"JSONPointers ignore diffs at a certain JSON path."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"configmapkeyselector"},"ConfigMapKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"content"},"Content"),(0,l.kt)("p",null,"Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null},"Content is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"diffoptions"},"DiffOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"comparePatches"),(0,l.kt)("td",{parentName:"tr",align:null},"ComparePatches match a resource and remove fields from the check for modifications."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"helmoptions"},"HelmOptions"),(0,l.kt)("p",null,"HelmOptions for the deployment. For Helm-based bundles, all options can be used, otherwise some options are ignored. For example ReleaseName works with all bundle types."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"chart"),(0,l.kt)("td",{parentName:"tr",align:null},"Chart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is the name of the HTTPS helm repo to download the chart from."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"releaseName"),(0,l.kt)("td",{parentName:"tr",align:null},"ReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"version"),(0,l.kt)("td",{parentName:"tr",align:null},"Version of the chart to download"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"TimeoutSeconds is the time to wait for Helm operations."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"values"),(0,l.kt)("td",{parentName:"tr",align:null},"Values passed to Helm. It is possible to specify the keys and values as go template strings."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFrom"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFrom loads the values from configmaps and secrets."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force allows to override immutable resources. This could be dangerous."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"takeOwnership"),(0,l.kt)("td",{parentName:"tr",align:null},"TakeOwnership makes Fleet skip the check for its own annotations"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxHistory limits the maximum number of revisions saved per release by Helm."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFiles"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFiles is a list of files to load values from."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitForJobs"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"atomic"),(0,l.kt)("td",{parentName:"tr",align:null},"Atomic sets the --atomic flag when Helm is performing an upgrade"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disablePreProcess"),(0,l.kt)("td",{parentName:"tr",align:null},"DisablePreProcess disables template processing in values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"ignoreoptions"},"IgnoreOptions"),(0,l.kt)("p",null,"IgnoreOptions defines conditions to be ignored when monitoring the Bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of conditions to be ignored when monitoring the Bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[]map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"kustomizeoptions"},"KustomizeOptions"),(0,l.kt)("p",null,"KustomizeOptions for a deployment."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dir"),(0,l.kt)("td",{parentName:"tr",align:null},"Dir points to a custom folder for kustomize resources. This folder must contain a kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"localobjectreference"},"LocalObjectReference"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of a resource in the same namespace as the referent."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"modifiedstatus"},"ModifiedStatus"),(0,l.kt)("p",null,"ModifiedStatus is used to report the status of a resource that is modified. It indicates if the modification was a create, a delete or a patch."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"delete"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadyresource"},"NonReadyResource"),(0,l.kt)("p",null,'NonReadyResource contains information about a bundle that is not ready for a given state like \\"ErrApplied\\". It contains a list of non-ready or modified resources and their states.'),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleState"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the resource, like e.g. \\"NotReady\\" or \\"ErrApplied\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"BundleState"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message contains information why the bundle is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null},"ModifiedStatus lists the state for each modified resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyStatus lists the state for each non-ready resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadystatus"},"NonReadyStatus"),(0,l.kt)("p",null,"NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"uid"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"types.UID"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"summary.Summary"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"operation"},"Operation"),(0,l.kt)("p",null,'Operation of a ComparePatch, usually \\"remove\\".'),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"op"),(0,l.kt)("td",{parentName:"tr",align:null},'Op is usually \\"remove\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"path"),(0,l.kt)("td",{parentName:"tr",align:null},"Path is the JSON path to remove."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"value"),(0,l.kt)("td",{parentName:"tr",align:null},"Value is usually empty."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partition"},"Partition"),(0,l.kt)("p",null,"Partition defines a separate rollout strategy for a set of clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"A user-friendly name given to the partition used for Display (optional)."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is the name of a cluster to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching cluster labels to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"A cluster group name to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching cluster group labels to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partitionstatus"},"PartitionStatus"),(0,l.kt)("p",null,"PartitionStatus is the status of a single rollout partition."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"count"),(0,l.kt)("td",{parentName:"tr",align:null},"Count is the number of clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailable is the maximum number of unavailable clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"Unavailable is the number of unavailable clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary state for the partition, calculated over its non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourcekey"},"ResourceKey"),(0,l.kt)("p",null,"ResourceKey lists resources, which will likely be deployed."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the k8s api kind of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the k8s api version of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace is the namespace of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"rolloutstrategy"},"RolloutStrategy"),(0,l.kt)("p",null,"RolloverStrategy controls the rollout of the bundle across clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"autoPartitionSize"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null},"A list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partition"},"Partition")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"secretkeyselector"},"SecretKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"valuesfrom"},"ValuesFrom"),(0,l.kt)("p",null,"Define helm values that can come from configmap, secret or external. Credit: ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439"},"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"configMapKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a config map with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a secret with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"yamloptions"},"YAMLOptions"),(0,l.kt)("p",null,"YAMLOptions, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"overlays"),(0,l.kt)("td",{parentName:"tr",align:null},'Overlays is a list of names that maps to folders in \\"overlays/\\". If you wish to customize the file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"alphabeticalpolicy"},"AlphabeticalPolicy"),(0,l.kt)("p",null,"AlphabeticalPolicy specifies a alphabetical ordering policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"order"),(0,l.kt)("td",{parentName:"tr",align:null},"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"commitspec"},"CommitSpec"),(0,l.kt)("p",null,"CommitSpec specifies how to commit changes to the git repository"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorName"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorName gives the name to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorEmail"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorEmail gives the email to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"messageTemplate"),(0,l.kt)("td",{parentName:"tr",align:null},"MessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagepolicychoice"},"ImagePolicyChoice"),(0,l.kt)("p",null,"ImagePolicyChoice is a union of all the types of policy that can be supplied."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"semver"),(0,l.kt)("td",{parentName:"tr",align:null},"SemVer gives a semantic version range to check against the tags available."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"alphabetical"),(0,l.kt)("td",{parentName:"tr",align:null},"Alphabetical set of rules to use for alphabetical ordering of the tags."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescan"},"ImageScan"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanspec"},"ImageScanSpec"),(0,l.kt)("p",null,"API is taken from ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/image-reflector-controller"},"https://github.com/fluxcd/image-reflector-controller")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"tagName"),(0,l.kt)("td",{parentName:"tr",align:null},"TagName is the tag ref that needs to be put in manifest to replace fields"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitrepoName"),(0,l.kt)("td",{parentName:"tr",align:null},"GitRepo reference name"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"image"),(0,l.kt)("td",{parentName:"tr",align:null},"Image is the name of the image repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"interval"),(0,l.kt)("td",{parentName:"tr",align:null},"Interval is the length of time to wait between scans of the image repository."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretRef"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with ",(0,l.kt)("inlineCode",{parentName:"td"},"kubectl create secret docker-registry"),", or the equivalent."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.LocalObjectReference"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"suspend"),(0,l.kt)("td",{parentName:"tr",align:null},"This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"policy"),(0,l.kt)("td",{parentName:"tr",align:null},"Policy gives the particulars of the policy to be followed in selecting the most recent image"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanstatus"},"ImageScanStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastScanTime is the last time image was scanned"),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestImage"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestTag"),(0,l.kt)("td",{parentName:"tr",align:null},"Latest tag is the latest tag filtered by the policy"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestDigest"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestDigest is the digest of latest tag"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"canonicalImageName"),(0,l.kt)("td",{parentName:"tr",align:null},"CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., ",(0,l.kt)("inlineCode",{parentName:"td"},"docker.io/library/alpine")," rather than ",(0,l.kt)("inlineCode",{parentName:"td"},"alpine"),"."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"semverpolicy"},"SemVerPolicy"),(0,l.kt)("p",null,"SemVerPolicy specifies a semantic version policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"range"),(0,l.kt)("td",{parentName:"tr",align:null},"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"agentstatus"},"AgentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSeen"),(0,l.kt)("td",{parentName:"tr",align:null},"LastSeen is the last time the agent checked in to update the status of the cluster resource."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the namespace of the agent deployment, e.g. \\"cattle-fleet-system\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyNodes is the number of nodes that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyNodes is the number of nodes that are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyNode contains the names of non-ready nodes. The list is limited to at most 3 names."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyNodes contains the names of ready nodes. The list is limited to at most 3 names."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"cluster"},"Cluster"),(0,l.kt)("p",null,"Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted clusters. Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterdisplay"},"ClusterDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundles is a string in the form \\"%d/%d\\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyNodes is a string in the form \\"%d/%d\\", that describes the number of nodes that are ready vs. the number of expected nodes.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"sampleNode"),(0,l.kt)("td",{parentName:"tr",align:null},"SampleNode is the name of one of the nodes that are ready. If no node is ready, it's the name of a node that is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State of the cluster, either one of the bundle states, or \\"WaitCheckIn\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroup"},"ClusterGroup"),(0,l.kt)("p",null,"ClusterGroup is a re-usable selector to target a group of clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupdisplay"},"ClusterGroupDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyClusters is a string in the form \\"%d/%d\\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundles is a string in the form \\"%d/%d\\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is a summary state for the cluster group, showing \\"NotReady\\" if there are non-ready resources.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupspec"},"ClusterGroupSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector is a label selector, used to select clusters for this group."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupstatus"},"ClusterGroupStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterCount"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterCount is the number of clusters in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusterCount"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusterCount is the number of clusters that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusters is a list of cluster names that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of conditions and their statuses for the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary of the bundle deployments and their resources in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts contains the number of resources in each state over all bundles in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistration"},"ClusterRegistration"),(0,l.kt)("p",null,"ClusterRegistration is used internally by Fleet and should not be used directly."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationspec"},"ClusterRegistrationSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. The agent either uses the configured ID or the kubeSystem.UID."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientRandom"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientRandom is a random string that the agent generates. When fleet-controller grants a registration, it creates a registration secret with this string in the name."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterLabels"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterLabels are copied to the cluster resource during the registration."),(0,l.kt)("td",{parentName:"tr",align:null},"map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationstatus"},"ClusterRegistrationStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is only set after the registration is being processed by fleet-controller."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"granted"),(0,l.kt)("td",{parentName:"tr",align:null},"Granted is set to true, if the request service account is present and its token secret exists. This happens directly before creating the registration secret, roles and rolebindings."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtoken"},"ClusterRegistrationToken"),(0,l.kt)("p",null,"ClusterRegistrationToken is used by agents to register a new cluster."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ttl"),(0,l.kt)("td",{parentName:"tr",align:null},"TTL is the time to live for the token. It is used to calculate the expiration time. If the token expires, it will be deleted."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"expires"),(0,l.kt)("td",{parentName:"tr",align:null},"Expires is the time when the token expires."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretName"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretName is the name of the secret containing the token."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterspec"},"ClusterSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecret"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"redeployAgentGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"RedeployAgentGeneration can be used to force redeploying the agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVars"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVars are extra environment variables to be added to the agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]v1.EnvVar"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespace defaults to the system namespace, e.g. cattle-fleet-system."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"privateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"PrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"templateValues"),(0,l.kt)("td",{parentName:"tr",align:null},"TemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerations"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerations defines an extra set of Tolerations to be added to the Agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]v1.Toleration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinity"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used."),(0,l.kt)("td",{parentName:"tr",align:null},"*v1.Affinity"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResources"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResources sets the resources for the cluster's agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"*v1.ResourceRequirements"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterstatus"},"ClusterStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \\"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts is an aggregate over the GitRepoResourceCounts."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyGitRepos is the number of gitrepos for this cluster that are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVarsHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVarsHash is a hash of the agent's env vars, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentPrivateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentPrivateRepoURL is the private repo URL for the agent that is currently used."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentDeployedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentDeployedGeneration is the generation of the agent that is currently deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"cattleNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"CattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinityHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResourcesHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResourcesHash is a hash of the agent's resources configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerationsHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentConfigChanged"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiServerURL"),(0,l.kt)("td",{parentName:"tr",align:null},"APIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiServerCAHash"),(0,l.kt)("td",{parentName:"tr",align:null},"APIServerCAHash is a hash of the upstream API server CA, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready bundles, nodes and a summary state."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agent"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentStatus contains information about the agent."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7383],{3905:(t,e,a)=>{a.d(e,{Zo:()=>s,kt:()=>k});var n=a(7294);function l(t,e,a){return e in t?Object.defineProperty(t,e,{value:a,enumerable:!0,configurable:!0,writable:!0}):t[e]=a,t}function r(t,e){var a=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),a.push.apply(a,n)}return a}function i(t){for(var e=1;e=0||(l[a]=t[a]);return l}(t,e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(t,a)&&(l[a]=t[a])}return l}var p=n.createContext({}),m=function(t){var e=n.useContext(p),a=e;return t&&(a="function"==typeof t?t(e):i(i({},e),t)),a},s=function(t){var e=m(t.components);return n.createElement(p.Provider,{value:e},t.children)},d={inlineCode:"code",wrapper:function(t){var e=t.children;return n.createElement(n.Fragment,{},e)}},o=n.forwardRef((function(t,e){var a=t.components,l=t.mdxType,r=t.originalType,p=t.parentName,s=u(t,["components","mdxType","originalType","parentName"]),o=m(a),k=l,N=o["".concat(p,".").concat(k)]||o[k]||d[k]||r;return a?n.createElement(N,i(i({ref:e},s),{},{components:a})):n.createElement(N,i({ref:e},s))}));function k(t,e){var a=arguments,l=e&&e.mdxType;if("string"==typeof t||l){var r=a.length,i=new Array(r);i[0]=o;var u={};for(var p in e)hasOwnProperty.call(e,p)&&(u[p]=e[p]);u.originalType=t,u.mdxType="string"==typeof t?t:l,i[1]=u;for(var m=2;m{a.r(e),a.d(e,{assets:()=>p,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>u,toc:()=>m});var n=a(7462),l=(a(7294),a(3905));const r={},i="Custom Resources Spec",u={unversionedId:"ref-crds",id:"version-0.8/ref-crds",title:"Custom Resources Spec",description:"* GitRepo",source:"@site/versioned_docs/version-0.8/ref-crds.md",sourceDirName:".",slug:"/ref-crds",permalink:"/0.8/ref-crds",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-crds.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"List of Deployed Resources",permalink:"/0.8/ref-resources"},next:{title:"fleet.yaml",permalink:"/0.8/ref-fleet-yaml"}},p={},m=[{value:"CorrectDrift",id:"correctdrift",level:4},{value:"GitRepo",id:"gitrepo",level:4},{value:"GitRepoDisplay",id:"gitrepodisplay",level:4},{value:"GitRepoResource",id:"gitreporesource",level:4},{value:"GitRepoResourceCounts",id:"gitreporesourcecounts",level:4},{value:"GitRepoRestriction",id:"gitreporestriction",level:4},{value:"GitRepoSpec",id:"gitrepospec",level:4},{value:"GitRepoStatus",id:"gitrepostatus",level:4},{value:"GitTarget",id:"gittarget",level:4},{value:"ResourcePerClusterState",id:"resourceperclusterstate",level:4},{value:"Bundle",id:"bundle",level:4},{value:"BundleDeployment",id:"bundledeployment",level:4},{value:"BundleDeploymentDisplay",id:"bundledeploymentdisplay",level:4},{value:"BundleDeploymentOptions",id:"bundledeploymentoptions",level:4},{value:"BundleDeploymentResource",id:"bundledeploymentresource",level:4},{value:"BundleDeploymentSpec",id:"bundledeploymentspec",level:4},{value:"BundleDeploymentStatus",id:"bundledeploymentstatus",level:4},{value:"BundleDisplay",id:"bundledisplay",level:4},{value:"BundleNamespaceMapping",id:"bundlenamespacemapping",level:4},{value:"BundleRef",id:"bundleref",level:4},{value:"BundleResource",id:"bundleresource",level:4},{value:"BundleSpec",id:"bundlespec",level:4},{value:"BundleStatus",id:"bundlestatus",level:4},{value:"BundleSummary",id:"bundlesummary",level:4},{value:"BundleTarget",id:"bundletarget",level:4},{value:"BundleTargetRestriction",id:"bundletargetrestriction",level:4},{value:"ComparePatch",id:"comparepatch",level:4},{value:"ConfigMapKeySelector",id:"configmapkeyselector",level:4},{value:"Content",id:"content",level:4},{value:"DiffOptions",id:"diffoptions",level:4},{value:"HelmOptions",id:"helmoptions",level:4},{value:"IgnoreOptions",id:"ignoreoptions",level:4},{value:"KustomizeOptions",id:"kustomizeoptions",level:4},{value:"LocalObjectReference",id:"localobjectreference",level:4},{value:"ModifiedStatus",id:"modifiedstatus",level:4},{value:"NonReadyResource",id:"nonreadyresource",level:4},{value:"NonReadyStatus",id:"nonreadystatus",level:4},{value:"Operation",id:"operation",level:4},{value:"Partition",id:"partition",level:4},{value:"PartitionStatus",id:"partitionstatus",level:4},{value:"ResourceKey",id:"resourcekey",level:4},{value:"RolloutStrategy",id:"rolloutstrategy",level:4},{value:"SecretKeySelector",id:"secretkeyselector",level:4},{value:"ValuesFrom",id:"valuesfrom",level:4},{value:"YAMLOptions",id:"yamloptions",level:4},{value:"AlphabeticalPolicy",id:"alphabeticalpolicy",level:4},{value:"CommitSpec",id:"commitspec",level:4},{value:"ImagePolicyChoice",id:"imagepolicychoice",level:4},{value:"ImageScan",id:"imagescan",level:4},{value:"ImageScanSpec",id:"imagescanspec",level:4},{value:"ImageScanStatus",id:"imagescanstatus",level:4},{value:"SemVerPolicy",id:"semverpolicy",level:4},{value:"AgentStatus",id:"agentstatus",level:4},{value:"Cluster",id:"cluster",level:4},{value:"ClusterDisplay",id:"clusterdisplay",level:4},{value:"ClusterGroup",id:"clustergroup",level:4},{value:"ClusterGroupDisplay",id:"clustergroupdisplay",level:4},{value:"ClusterGroupSpec",id:"clustergroupspec",level:4},{value:"ClusterGroupStatus",id:"clustergroupstatus",level:4},{value:"ClusterRegistration",id:"clusterregistration",level:4},{value:"ClusterRegistrationSpec",id:"clusterregistrationspec",level:4},{value:"ClusterRegistrationStatus",id:"clusterregistrationstatus",level:4},{value:"ClusterRegistrationToken",id:"clusterregistrationtoken",level:4},{value:"ClusterRegistrationTokenSpec",id:"clusterregistrationtokenspec",level:4},{value:"ClusterRegistrationTokenStatus",id:"clusterregistrationtokenstatus",level:4},{value:"ClusterSpec",id:"clusterspec",level:4},{value:"ClusterStatus",id:"clusterstatus",level:4}],s={toc:m};function d(t){let{components:e,...a}=t;return(0,l.kt)("wrapper",(0,n.Z)({},s,a,{components:e,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"custom-resources-spec"},"Custom Resources Spec"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepo"},"GitRepo")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporestriction"},"GitRepoRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundle"},"Bundle")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeployment"},"BundleDeployment")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlenamespacemapping"},"BundleNamespaceMapping")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#content"},"Content")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescan"},"ImageScan")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#cluster"},"Cluster")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroup"},"ClusterGroup")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistration"},"ClusterRegistration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtoken"},"ClusterRegistrationToken"))),(0,l.kt)("h1",{id:"sub-resources"},"Sub Resources"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gittarget"},"GitTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentresource"},"BundleDeploymentResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleref"},"BundleRef")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleresource"},"BundleResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#localobjectreference"},"LocalObjectReference")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#operation"},"Operation")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partition"},"Partition")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#commitspec"},"CommitSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterstatus"},"ClusterStatus"))),(0,l.kt)("h4",{id:"correctdrift"},"CorrectDrift"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"enabled"),(0,l.kt)("td",{parentName:"tr",align:null},"Enabled correct drift if true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force helm rollback with --force option will be used if true. This will try to recreate all resources in the release."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepFailHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepFailHistory keeps track of failed rollbacks in the helm history."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepo"},"GitRepo"),(0,l.kt)("p",null,"GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepodisplay"},"GitRepoDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundleDeployments"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundleDeployments is a string in the form \\"%d/%d\\", that describes the number of ready bundledeployments over the total number of bundledeployments.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the GitRepo, e.g. \\"GitUpdating\\" or the maximal BundleState according to StateRank.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message contains the relevant message from the deployment conditions."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if a message is present."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesource"},"GitRepoResource"),(0,l.kt)("p",null,"GitRepoResource contains metadata about the resources of a bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the API version of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the k8s kind of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"type"),(0,l.kt)("td",{parentName:"tr",align:null},'Type is the type of the resource, e.g. \\"apiextensions.k8s.io.customresourcedefinition\\" or \\"configmap\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"id"),(0,l.kt)("td",{parentName:"tr",align:null},'ID is the name of the resource, e.g. \\"namespace1/my-config\\" or \\"backingimagemanagers.storage.io\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"incompleteState"),(0,l.kt)("td",{parentName:"tr",align:null},"IncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the resource, e.g. \\"Unknown\\", \\"WaitApplied\\", \\"ErrApplied\\" or \\"Ready\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if any Error in the PerClusterState is true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null},"Transitioning is true if any Transitioning in the PerClusterState is true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message is the first message from the PerClusterStates."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"perClusterState"),(0,l.kt)("td",{parentName:"tr",align:null},"PerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesourcecounts"},"GitRepoResourceCounts"),(0,l.kt)("p",null,"GitRepoResourceCounts contains the number of resources in each state."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null},"Ready is the number of ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReady is the number of resources that should be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitApplied is the number of resources that are waiting to be applied."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null},"Modified is the number of resources that have been modified."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"orphaned"),(0,l.kt)("td",{parentName:"tr",align:null},"Orphaned is the number of orphaned resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null},"Missing is the number of missing resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unknown"),(0,l.kt)("td",{parentName:"tr",align:null},"Unknown is the number of resources in an unknown state."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null},"NotReady is the number of not ready resources. Resources are not ready if they do not match any other state."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporestriction"},"GitRepoRestriction"),(0,l.kt)("p",null,"GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultServiceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultServiceAccount overrides the GitRepo's default service account."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedServiceAccounts"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedRepoPatterns"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultClientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultClientSecretName overrides the GitRepo's default client secret."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedClientSecretNames"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedTargetNamespaces"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepospec"},"GitRepoSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is a URL to a git repo to clone and index."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"branch"),(0,l.kt)("td",{parentName:"tr",align:null},"Branch The git branch to follow."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"revision"),(0,l.kt)("td",{parentName:"tr",align:null},"Revision A specific commit or tag to operate on."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Ensure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},'ClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \\"kubernetes.io/basic-auth\\" or \\"kubernetes.io/ssh-auth\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretName contains the auth secret for a private Helm repository."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretNameForPaths"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretNameForPaths contains the auth secret for private Helm repository for each path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmRepoURLRegex"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"caBundle"),(0,l.kt)("td",{parentName:"tr",align:null},"CABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"insecureSkipTLSVerify"),(0,l.kt)("td",{parentName:"tr",align:null},"InsecureSkipTLSverify will use insecure HTTPS to clone the repo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paths"),(0,l.kt)("td",{parentName:"tr",align:null},"Paths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example ",'[\\"charts/*\\"]',' will match all folders as a subdirectory of charts/ If empty, \\"/\\" is the default.'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount used in the downstream cluster for deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets is a list of targets this repo will deploy to."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gittarget"},"GitTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pollingInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"PollingInterval is how often to check git for new updates."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"Increment this number to force a redeployment of contents from Git."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"ImageScanInterval is the interval of syncing scanned images and writing back to git repo."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanCommit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit specifies how to commit to the git repo when a new image is scanned and written back to git repo."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#commitspec"},"CommitSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources specifies if the resources created must be kept after deleting the GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepostatus"},"GitRepoStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"commit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit is the Git commit hash from the last gitjob run."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReadyClusters\\tis the number of clusters that should be ready for bundles of this GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitJobStatus"),(0,l.kt)("td",{parentName:"tr",align:null},'GitJobStatus is the status of the last GitJob run, e.g. \\"Current\\" if there was no error.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary contains the number of bundle deployments in each state and a list of non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains a human readable summary of the status."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of Wrangler conditions that describe the state of the GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contains metadata about the resources of each bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts contains the number of resources in each state over all bundles."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceErrors"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceErrors is a sorted list of errors from the resources."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSyncedImageScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastSyncedImageScanTime is the time of the last image scan."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gittarget"},"GitTarget"),(0,l.kt)("p",null,"GitTarget is a cluster or cluster group to deploy to."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of this target."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is the name of a cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterSelector is a label selector to select clusters."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroup is the name of a cluster group in the same namespace as the clusters."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroupSelector is a label selector to select cluster groups."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourceperclusterstate"},"ResourcePerClusterState"),(0,l.kt)("p",null,"ResourcePerClusterState is generated for each non-ready resource of the bundles."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},"State is the state of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if the resource is in an error state, copied from the bundle's summary for non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null},"Transitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message combines the messages from the bundle's summary. Messages are joined with the delimiter ';'."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null},"Patch for modified resources."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterId"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterID is the id of the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundle"},"Bundle"),(0,l.kt)("p",null,"Bundle contains the resources of an application and its deployment options. It will be deployed as a Helm chart to target clusters.\\n\\nWhen a GitRepo is scanned it will produce one or more bundles. Bundles are a collection of resources that get deployed to one or more cluster(s). Bundle is the fundamental deployment unit used in Fleet. The contents of a Bundle may be Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless of the source the contents are dynamically rendered into a Helm chart by the agent and installed into the downstream cluster as a Helm release."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeployment"},"BundleDeployment"),(0,l.kt)("p",null,"BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentdisplay"},"BundleDeploymentDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deployed"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"monitored"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentoptions"},"BundleDeploymentOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kustomize"),(0,l.kt)("td",{parentName:"tr",align:null},"Kustomize options for the deployment, like the dir containing the kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helm"),(0,l.kt)("td",{parentName:"tr",align:null},"Helm options for the deployment, like the chart name, repo and values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount which will be used to perform this deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ForceSyncGeneration is used to force a redeployment"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"yaml"),(0,l.kt)("td",{parentName:"tr",align:null},"YAML options, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"diff"),(0,l.kt)("td",{parentName:"tr",align:null},"Diff can be used to ignore the modified state of objects which are amended at runtime."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources can be used to keep the deployed resources when removing the bundle"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ignore"),(0,l.kt)("td",{parentName:"tr",align:null},"IgnoreOptions can be used to ignore fields when monitoring the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceLabels"),(0,l.kt)("td",{parentName:"tr",align:null},"NamespaceLabels are labels that will be appended to the namespace created by Fleet."),(0,l.kt)("td",{parentName:"tr",align:null},"*map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceAnnotations"),(0,l.kt)("td",{parentName:"tr",align:null},"NamespaceAnnotations are annotations that will be appended to the namespace created by Fleet."),(0,l.kt)("td",{parentName:"tr",align:null},"*map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentresource"},"BundleDeploymentResource"),(0,l.kt)("p",null,"BundleDeploymentResource contains the metadata of a deployed resource."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"createdAt"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentspec"},"BundleDeploymentSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. If true, BundleDeployments will be marked as out of sync when changes are detected."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedOptions"),(0,l.kt)("td",{parentName:"tr",align:null},"StagedOptions are the deployment options, that are staged for the next deployment."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null},"StagedDeploymentID is the ID of the staged deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"options"),(0,l.kt)("td",{parentName:"tr",align:null},"Options are the deployment options, that are currently applied."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deploymentID"),(0,l.kt)("td",{parentName:"tr",align:null},"DeploymentID is the ID of the currently applied deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentstatus"},"BundleDeploymentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"appliedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"release"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonModified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"syncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources lists the metadata of resources that were deployed according to the helm release history."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentresource"},"BundleDeploymentResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledisplay"},"BundleDisplay"),(0,l.kt)("p",null,"BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyClusters is a string in the form \\"%d/%d\\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},"State is a summary state for the bundle, calculated over the non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlenamespacemapping"},"BundleNamespaceMapping"),(0,l.kt)("p",null,"BundleNamespaceMapping maps bundles to clusters in other namespaces."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleref"},"BundleRef"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching bundle's labels."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleresource"},"BundleResource"),(0,l.kt)("p",null,"BundleResource represents the content of a single resource from the bundle, like a YAML manifest."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the resource, can include the bundle's internal path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null},"The content of the resource, can be compressed."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"encoding"),(0,l.kt)("td",{parentName:"tr",align:null},'Encoding is either empty or \\"base64+gz\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlespec"},"BundleSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"BundleDeploymentOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"rolloutStrategy"),(0,l.kt)("td",{parentName:"tr",align:null},"RolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleresource"},"BundleResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetRestrictions"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetRestrictions is an allow list, which controls if a bundledeployment is created for a target."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlestatus"},"BundleStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of Wrangler conditions that describe the state of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary contains the number of bundle deployments in each state and a list of non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"newlyCreated"),(0,l.kt)("td",{parentName:"tr",align:null},"NewlyCreated is the number of bundle deployments that have been created, not updated."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"Unavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"UnavailablePartitions is the number of unavailable partitions."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailable is the maximum number of unavailable deployments. See rollout configuration."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxNew"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null},"PartitionStatus lists the status of each partition."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceKey"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc.."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ObservedGeneration is the current generation of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlesummary"},"BundleSummary"),(0,l.kt)("p",null,"BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null},"NotReady is the number of bundle deployments that have been deployed where some resources are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"errApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"ErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"outOfSync"),(0,l.kt)("td",{parentName:"tr",align:null},"OutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null},"Modified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null},"Ready is the number of bundle deployments that have been deployed where all resources are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pending"),(0,l.kt)("td",{parentName:"tr",align:null},"Pending is the number of bundle deployments that are being processed by Fleet controller."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReady is the number of bundle deployments that should be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyResources"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusters is a list of states, which is filled for a bundle that is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletarget"},"BundleTarget"),(0,l.kt)("p",null,"BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"BundleDeploymentOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},'Name of target. This value is largely for display and logging. If not specified a default name of the format \\"target000\\" will be used'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName to match a specific cluster by name that will be selected"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroup to match a specific cluster group by name."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroupSelector is a selector to match cluster groups."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"doNotDeploy"),(0,l.kt)("td",{parentName:"tr",align:null},"DoNotDeploy if set to true, will not deploy to this target."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletargetrestriction"},"BundleTargetRestriction"),(0,l.kt)("p",null,"BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"comparepatch"},"ComparePatch"),(0,l.kt)("p",null,"ComparePatch matches a resource and removes fields from the check for modifications."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the kind of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the apiVersion of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace is the namespace of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"operations"),(0,l.kt)("td",{parentName:"tr",align:null},"Operations remove a JSON path from the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#operation"},"Operation")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"jsonPointers"),(0,l.kt)("td",{parentName:"tr",align:null},"JSONPointers ignore diffs at a certain JSON path."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"configmapkeyselector"},"ConfigMapKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"content"},"Content"),(0,l.kt)("p",null,"Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null},"Content is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"diffoptions"},"DiffOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"comparePatches"),(0,l.kt)("td",{parentName:"tr",align:null},"ComparePatches match a resource and remove fields from the check for modifications."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"helmoptions"},"HelmOptions"),(0,l.kt)("p",null,"HelmOptions for the deployment. For Helm-based bundles, all options can be used, otherwise some options are ignored. For example ReleaseName works with all bundle types."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"chart"),(0,l.kt)("td",{parentName:"tr",align:null},"Chart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is the name of the HTTPS helm repo to download the chart from."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"releaseName"),(0,l.kt)("td",{parentName:"tr",align:null},"ReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"version"),(0,l.kt)("td",{parentName:"tr",align:null},"Version of the chart to download"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"TimeoutSeconds is the time to wait for Helm operations."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"values"),(0,l.kt)("td",{parentName:"tr",align:null},"Values passed to Helm. It is possible to specify the keys and values as go template strings."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFrom"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFrom loads the values from configmaps and secrets."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force allows to override immutable resources. This could be dangerous."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"takeOwnership"),(0,l.kt)("td",{parentName:"tr",align:null},"TakeOwnership makes Fleet skip the check for its own annotations"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxHistory limits the maximum number of revisions saved per release by Helm."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFiles"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFiles is a list of files to load values from."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitForJobs"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"atomic"),(0,l.kt)("td",{parentName:"tr",align:null},"Atomic sets the --atomic flag when Helm is performing an upgrade"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disablePreProcess"),(0,l.kt)("td",{parentName:"tr",align:null},"DisablePreProcess disables template processing in values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"ignoreoptions"},"IgnoreOptions"),(0,l.kt)("p",null,"IgnoreOptions defines conditions to be ignored when monitoring the Bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of conditions to be ignored when monitoring the Bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[]map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"kustomizeoptions"},"KustomizeOptions"),(0,l.kt)("p",null,"KustomizeOptions for a deployment."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dir"),(0,l.kt)("td",{parentName:"tr",align:null},"Dir points to a custom folder for kustomize resources. This folder must contain a kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"localobjectreference"},"LocalObjectReference"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of a resource in the same namespace as the referent."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"modifiedstatus"},"ModifiedStatus"),(0,l.kt)("p",null,"ModifiedStatus is used to report the status of a resource that is modified. It indicates if the modification was a create, a delete or a patch."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"delete"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadyresource"},"NonReadyResource"),(0,l.kt)("p",null,'NonReadyResource contains information about a bundle that is not ready for a given state like \\"ErrApplied\\". It contains a list of non-ready or modified resources and their states.'),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleState"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the resource, like e.g. \\"NotReady\\" or \\"ErrApplied\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"BundleState"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message contains information why the bundle is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null},"ModifiedStatus lists the state for each modified resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyStatus lists the state for each non-ready resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadystatus"},"NonReadyStatus"),(0,l.kt)("p",null,"NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"uid"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"types.UID"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"summary.Summary"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"operation"},"Operation"),(0,l.kt)("p",null,'Operation of a ComparePatch, usually \\"remove\\".'),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"op"),(0,l.kt)("td",{parentName:"tr",align:null},'Op is usually \\"remove\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"path"),(0,l.kt)("td",{parentName:"tr",align:null},"Path is the JSON path to remove."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"value"),(0,l.kt)("td",{parentName:"tr",align:null},"Value is usually empty."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partition"},"Partition"),(0,l.kt)("p",null,"Partition defines a separate rollout strategy for a set of clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"A user-friendly name given to the partition used for Display (optional)."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is the name of a cluster to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching cluster labels to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"A cluster group name to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching cluster group labels to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partitionstatus"},"PartitionStatus"),(0,l.kt)("p",null,"PartitionStatus is the status of a single rollout partition."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"count"),(0,l.kt)("td",{parentName:"tr",align:null},"Count is the number of clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailable is the maximum number of unavailable clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"Unavailable is the number of unavailable clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary state for the partition, calculated over its non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourcekey"},"ResourceKey"),(0,l.kt)("p",null,"ResourceKey lists resources, which will likely be deployed."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the k8s api kind of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the k8s api version of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace is the namespace of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"rolloutstrategy"},"RolloutStrategy"),(0,l.kt)("p",null,"RolloverStrategy controls the rollout of the bundle across clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"autoPartitionSize"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null},"A list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partition"},"Partition")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"secretkeyselector"},"SecretKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"valuesfrom"},"ValuesFrom"),(0,l.kt)("p",null,"Define helm values that can come from configmap, secret or external. Credit: ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439"},"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"configMapKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a config map with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a secret with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"yamloptions"},"YAMLOptions"),(0,l.kt)("p",null,"YAMLOptions, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"overlays"),(0,l.kt)("td",{parentName:"tr",align:null},'Overlays is a list of names that maps to folders in \\"overlays/\\". If you wish to customize the file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"alphabeticalpolicy"},"AlphabeticalPolicy"),(0,l.kt)("p",null,"AlphabeticalPolicy specifies a alphabetical ordering policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"order"),(0,l.kt)("td",{parentName:"tr",align:null},"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"commitspec"},"CommitSpec"),(0,l.kt)("p",null,"CommitSpec specifies how to commit changes to the git repository"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorName"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorName gives the name to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorEmail"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorEmail gives the email to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"messageTemplate"),(0,l.kt)("td",{parentName:"tr",align:null},"MessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagepolicychoice"},"ImagePolicyChoice"),(0,l.kt)("p",null,"ImagePolicyChoice is a union of all the types of policy that can be supplied."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"semver"),(0,l.kt)("td",{parentName:"tr",align:null},"SemVer gives a semantic version range to check against the tags available."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"alphabetical"),(0,l.kt)("td",{parentName:"tr",align:null},"Alphabetical set of rules to use for alphabetical ordering of the tags."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescan"},"ImageScan"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanspec"},"ImageScanSpec"),(0,l.kt)("p",null,"API is taken from ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/image-reflector-controller"},"https://github.com/fluxcd/image-reflector-controller")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"tagName"),(0,l.kt)("td",{parentName:"tr",align:null},"TagName is the tag ref that needs to be put in manifest to replace fields"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitrepoName"),(0,l.kt)("td",{parentName:"tr",align:null},"GitRepo reference name"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"image"),(0,l.kt)("td",{parentName:"tr",align:null},"Image is the name of the image repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"interval"),(0,l.kt)("td",{parentName:"tr",align:null},"Interval is the length of time to wait between scans of the image repository."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretRef"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with ",(0,l.kt)("inlineCode",{parentName:"td"},"kubectl create secret docker-registry"),", or the equivalent."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.LocalObjectReference"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"suspend"),(0,l.kt)("td",{parentName:"tr",align:null},"This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"policy"),(0,l.kt)("td",{parentName:"tr",align:null},"Policy gives the particulars of the policy to be followed in selecting the most recent image"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanstatus"},"ImageScanStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastScanTime is the last time image was scanned"),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestImage"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestTag"),(0,l.kt)("td",{parentName:"tr",align:null},"Latest tag is the latest tag filtered by the policy"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestDigest"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestDigest is the digest of latest tag"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"canonicalImageName"),(0,l.kt)("td",{parentName:"tr",align:null},"CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., ",(0,l.kt)("inlineCode",{parentName:"td"},"docker.io/library/alpine")," rather than ",(0,l.kt)("inlineCode",{parentName:"td"},"alpine"),"."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"semverpolicy"},"SemVerPolicy"),(0,l.kt)("p",null,"SemVerPolicy specifies a semantic version policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"range"),(0,l.kt)("td",{parentName:"tr",align:null},"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"agentstatus"},"AgentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSeen"),(0,l.kt)("td",{parentName:"tr",align:null},"LastSeen is the last time the agent checked in to update the status of the cluster resource."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the namespace of the agent deployment, e.g. \\"cattle-fleet-system\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyNodes is the number of nodes that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyNodes is the number of nodes that are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyNode contains the names of non-ready nodes. The list is limited to at most 3 names."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyNodes contains the names of ready nodes. The list is limited to at most 3 names."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"cluster"},"Cluster"),(0,l.kt)("p",null,"Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted clusters. Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterdisplay"},"ClusterDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundles is a string in the form \\"%d/%d\\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyNodes is a string in the form \\"%d/%d\\", that describes the number of nodes that are ready vs. the number of expected nodes.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"sampleNode"),(0,l.kt)("td",{parentName:"tr",align:null},"SampleNode is the name of one of the nodes that are ready. If no node is ready, it's the name of a node that is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State of the cluster, either one of the bundle states, or \\"WaitCheckIn\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroup"},"ClusterGroup"),(0,l.kt)("p",null,"ClusterGroup is a re-usable selector to target a group of clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupdisplay"},"ClusterGroupDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyClusters is a string in the form \\"%d/%d\\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundles is a string in the form \\"%d/%d\\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is a summary state for the cluster group, showing \\"NotReady\\" if there are non-ready resources.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupspec"},"ClusterGroupSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector is a label selector, used to select clusters for this group."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupstatus"},"ClusterGroupStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterCount"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterCount is the number of clusters in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusterCount"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusterCount is the number of clusters that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusters is a list of cluster names that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of conditions and their statuses for the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary of the bundle deployments and their resources in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts contains the number of resources in each state over all bundles in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistration"},"ClusterRegistration"),(0,l.kt)("p",null,"ClusterRegistration is used internally by Fleet and should not be used directly."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationspec"},"ClusterRegistrationSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. The agent either uses the configured ID or the kubeSystem.UID."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientRandom"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientRandom is a random string that the agent generates. When fleet-controller grants a registration, it creates a registration secret with this string in the name."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterLabels"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterLabels are copied to the cluster resource during the registration."),(0,l.kt)("td",{parentName:"tr",align:null},"map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationstatus"},"ClusterRegistrationStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is only set after the registration is being processed by fleet-controller."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"granted"),(0,l.kt)("td",{parentName:"tr",align:null},"Granted is set to true, if the request service account is present and its token secret exists. This happens directly before creating the registration secret, roles and rolebindings."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtoken"},"ClusterRegistrationToken"),(0,l.kt)("p",null,"ClusterRegistrationToken is used by agents to register a new cluster."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ttl"),(0,l.kt)("td",{parentName:"tr",align:null},"TTL is the time to live for the token. It is used to calculate the expiration time. If the token expires, it will be deleted."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"expires"),(0,l.kt)("td",{parentName:"tr",align:null},"Expires is the time when the token expires."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretName"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretName is the name of the secret containing the token."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterspec"},"ClusterSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecret"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"redeployAgentGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"RedeployAgentGeneration can be used to force redeploying the agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVars"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVars are extra environment variables to be added to the agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]v1.EnvVar"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespace defaults to the system namespace, e.g. cattle-fleet-system."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"privateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"PrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"templateValues"),(0,l.kt)("td",{parentName:"tr",align:null},"TemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerations"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerations defines an extra set of Tolerations to be added to the Agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]v1.Toleration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinity"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used."),(0,l.kt)("td",{parentName:"tr",align:null},"*v1.Affinity"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResources"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResources sets the resources for the cluster's agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"*v1.ResourceRequirements"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterstatus"},"ClusterStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \\"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts is an aggregate over the GitRepoResourceCounts."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyGitRepos is the number of gitrepos for this cluster that are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVarsHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVarsHash is a hash of the agent's env vars, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentPrivateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentPrivateRepoURL is the private repo URL for the agent that is currently used."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentDeployedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentDeployedGeneration is the generation of the agent that is currently deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"cattleNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"CattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinityHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResourcesHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResourcesHash is a hash of the agent's resources configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerationsHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentConfigChanged"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiServerURL"),(0,l.kt)("td",{parentName:"tr",align:null},"APIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiServerCAHash"),(0,l.kt)("td",{parentName:"tr",align:null},"APIServerCAHash is a hash of the upstream API server CA, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready bundles, nodes and a summary state."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agent"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentStatus contains information about the agent."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/635f26b6.e95f903c.js b/assets/js/635f26b6.101d7413.js similarity index 99% rename from assets/js/635f26b6.e95f903c.js rename to assets/js/635f26b6.101d7413.js index 1fab9c7a2..4122476fc 100644 --- a/assets/js/635f26b6.e95f903c.js +++ b/assets/js/635f26b6.101d7413.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8927],{5162:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(7294),r=n(6010);const l="tabItem_Ymn6";function i(e){let{children:t,hidden:n,className:i}=e;return a.createElement("div",{role:"tabpanel",className:(0,r.Z)(l,i),hidden:n},t)}},4866:(e,t,n)=>{n.d(t,{Z:()=>N});var a=n(7462),r=n(7294),l=n(6010),i=n(2466),s=n(6550),o=n(1980),u=n(7392),c=n(12);function d(e){return function(e){return r.Children.map(e,(e=>{if((0,r.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:n,attributes:a,default:r}}=e;return{value:t,label:n,attributes:a,default:r}}))}function p(e){const{values:t,children:n}=e;return(0,r.useMemo)((()=>{const e=t??d(n);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,n])}function m(e){let{value:t,tabValues:n}=e;return n.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:n}=e;const a=(0,s.k6)(),l=function(e){let{queryString:t=!1,groupId:n}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!n)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return n??null}({queryString:t,groupId:n});return[(0,o._X)(l),(0,r.useCallback)((e=>{if(!l)return;const t=new URLSearchParams(a.location.search);t.set(l,e),a.replace({...a.location,search:t.toString()})}),[l,a])]}function g(e){const{defaultValue:t,queryString:n=!1,groupId:a}=e,l=p(e),[i,s]=(0,r.useState)((()=>function(e){let{defaultValue:t,tabValues:n}=e;if(0===n.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:n}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${n.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const a=n.find((e=>e.default))??n[0];if(!a)throw new Error("Unexpected error: 0 tabValues");return a.value}({defaultValue:t,tabValues:l}))),[o,u]=h({queryString:n,groupId:a}),[d,g]=function(e){let{groupId:t}=e;const n=function(e){return e?`docusaurus.tab.${e}`:null}(t),[a,l]=(0,c.Nk)(n);return[a,(0,r.useCallback)((e=>{n&&l.set(e)}),[n,l])]}({groupId:a}),k=(()=>{const e=o??d;return m({value:e,tabValues:l})?e:null})();(0,r.useLayoutEffect)((()=>{k&&s(k)}),[k]);return{selectedValue:i,selectValue:(0,r.useCallback)((e=>{if(!m({value:e,tabValues:l}))throw new Error(`Can't select invalid tab value=${e}`);s(e),u(e),g(e)}),[u,g,l]),tabValues:l}}var k=n(2389);const f="tabList__CuJ",b="tabItem_LNqP";function y(e){let{className:t,block:n,selectedValue:s,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,i.o5)(),p=e=>{const t=e.currentTarget,n=c.indexOf(t),a=u[n].value;a!==s&&(d(t),o(a))},m=e=>{var t;let n=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;n=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;n=c[t]??c[c.length-1];break}}null==(t=n)||t.focus()};return r.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,l.Z)("tabs",{"tabs--block":n},t)},u.map((e=>{let{value:t,label:n,attributes:i}=e;return r.createElement("li",(0,a.Z)({role:"tab",tabIndex:s===t?0:-1,"aria-selected":s===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},i,{className:(0,l.Z)("tabs__item",b,null==i?void 0:i.className,{"tabs__item--active":s===t})}),n??t)})))}function v(e){let{lazy:t,children:n,selectedValue:a}=e;if(n=Array.isArray(n)?n:[n],t){const e=n.find((e=>e.props.value===a));return e?(0,r.cloneElement)(e,{className:"margin-top--md"}):null}return r.createElement("div",{className:"margin-top--md"},n.map(((e,t)=>(0,r.cloneElement)(e,{key:t,hidden:e.props.value!==a}))))}function w(e){const t=g(e);return r.createElement("div",{className:(0,l.Z)("tabs-container",f)},r.createElement(y,(0,a.Z)({},e,t)),r.createElement(v,(0,a.Z)({},e,t)))}function N(e){const t=(0,k.Z)();return r.createElement(w,(0,a.Z)({key:String(t)},e))}},6828:(e,t,n)=>{n.d(t,{d:()=>a});const a={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},3472:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>d,contentTitle:()=>u,default:()=>h,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var a=n(7462),r=(n(7294),n(3905)),l=(n(6828),n(814)),i=n(4866),s=n(5162);const o={},u="Register Downstream Clusters",c={unversionedId:"cluster-registration",id:"version-0.8/cluster-registration",title:"Register Downstream Clusters",description:"Overview",source:"@site/versioned_docs/version-0.8/cluster-registration.md",sourceDirName:".",slug:"/cluster-registration",permalink:"/0.8/cluster-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cluster-registration.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation Details",permalink:"/0.8/installation"},next:{title:"Create Cluster Groups",permalink:"/0.8/cluster-group"}},d={},p=[{value:"Overview",id:"overview",level:2},{value:"Agent-Initiated Registration",id:"agent-initiated-registration",level:3},{value:"Manager-Initiated Registration",id:"manager-initiated-registration",level:3},{value:"Agent Initiated",id:"agent-initiated",level:2},{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:3},{value:"Install Agent For a New Cluster",id:"install-agent-for-a-new-cluster",level:3},{value:"Install Agent For a Predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:3},{value:"Create Cluster Registration Tokens",id:"create-cluster-registration-tokens",level:3},{value:"Token TTL",id:"token-ttl",level:4},{value:"Create a new Token",id:"create-a-new-token",level:4},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:4},{value:"Manager Initiated",id:"manager-initiated",level:2},{value:"Create Kubeconfig Secret",id:"create-kubeconfig-secret",level:3},{value:"Create Cluster Resource",id:"create-cluster-resource",level:3}],m={toc:p};function h(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"register-downstream-clusters"},"Register Downstream Clusters"),(0,r.kt)("h2",{id:"overview"},"Overview"),(0,r.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,r.kt)("strong",{parentName:"p"},"agent-initiated")," and ",(0,r.kt)("strong",{parentName:"p"},"manager-initiated")," registration. Typically one would\ngo with the agent-initiated registration but there are specific use cases in which\nmanager-initiated is a better workflow."),(0,r.kt)("h3",{id:"agent-initiated-registration"},"Agent-Initiated Registration"),(0,r.kt)("p",null,"Agent-initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,r.kt)("h3",{id:"manager-initiated-registration"},"Manager-Initiated Registration"),(0,r.kt)("p",null,"Manager-initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."),(0,r.kt)("h2",{id:"agent-initiated"},"Agent Initiated"),(0,r.kt)("p",null,"A downstream cluster is registered by installing an agent via helm and using the ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,r.kt)("strong",{parentName:"p"},"client ID")," or ",(0,r.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"It's not necessary to configure the fleet manager for ",(0,r.kt)("a",{parentName:"p",href:"/0.8/installation#configuration-for-multi-cluster"},"multi cluster"),", as the downstream agent we install via Helm will connect to the Kubernetes API of the upstream cluster directly."),(0,r.kt)("p",{parentName:"admonition"},"Agent-initiated registration is normally not used with Rancher.")),(0,r.kt)("h3",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,r.kt)("p",null,"The ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required.\nThe ",(0,r.kt)("a",{parentName:"p",href:"/0.8/architecture#security"},"cluster registration token")," is manifested as a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will be passed to the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install")," process.\nAlternatively one can pass the token directly to the helm install command via ",(0,r.kt)("inlineCode",{parentName:"p"},'--set token="$token"'),"."),(0,r.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,r.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,r.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,r.kt)("h3",{id:"install-agent-for-a-new-cluster"},"Install Agent For a New Cluster"),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,r.kt)("p",null,"First, follow the ",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token instructions")," to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,r.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,r.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,r.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,r.kt)("p",null,"Value in ",(0,r.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,r.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,r.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,r.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,r.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{title:"Kubectl Context",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,r.kt)("p",null,"Add Fleet's Helm repo."),(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(i.Z,{mdxType:"Tabs"},(0,r.kt)(s.Z,{value:"helm",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent fleet/fleet-agent')),(0,r.kt)(s.Z,{value:"validate",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/0.8/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,r.kt)("h3",{id:"install-agent-for-a-predefined-cluster"},"Install Agent For a Predefined Cluster"),(0,r.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,r.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,r.kt)("p",null,"First, create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,r.kt)("p",null,"Second, follow the ","[cluster registration token instructions]","((#create-cluster-registration-tokens) to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,r.kt)("p",null,"Third, setup your environment to use the client ID."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("p",null,"Add Fleet's Helm repo."),(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(i.Z,{mdxType:"Tabs"},(0,r.kt)(s.Z,{value:"helm2",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent fleet/fleet-agent')),(0,r.kt)(s.Z,{value:"validate2",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/0.8/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,r.kt)("h3",{id:"create-cluster-registration-tokens"},"Create Cluster Registration Tokens"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Not needed for Manager-initiated registration"),":\nFor manager-initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,r.kt)("p",null,"For an agent-initiated registration the downstream cluster must have a ",(0,r.kt)("a",{parentName:"p",href:"/0.8/architecture#security"},"cluster registration token"),".\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,r.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,r.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,r.kt)("h4",{id:"token-ttl"},"Token TTL"),(0,r.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,r.kt)("h4",{id:"create-a-new-token"},"Create a new Token"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,r.kt)("a",{parentName:"p",href:"/0.8/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,r.kt)("p",null,"After the ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,r.kt)("p",null,"One way to do so is via the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,r.kt)("h4",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,r.kt)("p",null,"The token value contains YAML content for a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,r.kt)("p",null,"Such value is contained in the ",(0,r.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,r.kt)("p",null,"Once the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."),(0,r.kt)("h2",{id:"manager-initiated"},"Manager Initiated"),(0,r.kt)("p",null,"The manager-initiated registration flow is accomplished by creating a\n",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,r.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using Fleet standalone ",(0,r.kt)("em",{parentName:"p"},"without Rancher"),", it must be installed as described in ",(0,r.kt)("a",{parentName:"p",href:"/0.8/installation#configuration-for-multi-cluster"},"installation details"),"."),(0,r.kt)("p",{parentName:"admonition"},"The manager-initiated registration is used when you add a cluster from the Rancher dashboard.")),(0,r.kt)("h3",{id:"create-kubeconfig-secret"},"Create Kubeconfig Secret"),(0,r.kt)("p",null,"The format of this secret is intended to match the ",(0,r.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format")," of the kubeconfig\nsecret used in ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,r.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically registered with Fleet."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Kubeconfig Secret Example"',title:'"Kubeconfig',Secret:!0,'Example"':!0},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,r.kt)("h3",{id:"create-cluster-resource"},"Create Cluster Resource"),(0,r.kt)("p",null,"The cluster resource needs to reference the kubeconfig secret."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Cluster Resource Example"',title:'"Cluster',Resource:!0,'Example"':!0},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8927],{5162:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(7294),r=n(6010);const l="tabItem_Ymn6";function i(e){let{children:t,hidden:n,className:i}=e;return a.createElement("div",{role:"tabpanel",className:(0,r.Z)(l,i),hidden:n},t)}},4866:(e,t,n)=>{n.d(t,{Z:()=>N});var a=n(7462),r=n(7294),l=n(6010),i=n(2466),s=n(6550),o=n(1980),u=n(7392),c=n(12);function d(e){return function(e){return r.Children.map(e,(e=>{if((0,r.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:n,attributes:a,default:r}}=e;return{value:t,label:n,attributes:a,default:r}}))}function p(e){const{values:t,children:n}=e;return(0,r.useMemo)((()=>{const e=t??d(n);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,n])}function m(e){let{value:t,tabValues:n}=e;return n.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:n}=e;const a=(0,s.k6)(),l=function(e){let{queryString:t=!1,groupId:n}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!n)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return n??null}({queryString:t,groupId:n});return[(0,o._X)(l),(0,r.useCallback)((e=>{if(!l)return;const t=new URLSearchParams(a.location.search);t.set(l,e),a.replace({...a.location,search:t.toString()})}),[l,a])]}function g(e){const{defaultValue:t,queryString:n=!1,groupId:a}=e,l=p(e),[i,s]=(0,r.useState)((()=>function(e){let{defaultValue:t,tabValues:n}=e;if(0===n.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:n}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${n.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const a=n.find((e=>e.default))??n[0];if(!a)throw new Error("Unexpected error: 0 tabValues");return a.value}({defaultValue:t,tabValues:l}))),[o,u]=h({queryString:n,groupId:a}),[d,g]=function(e){let{groupId:t}=e;const n=function(e){return e?`docusaurus.tab.${e}`:null}(t),[a,l]=(0,c.Nk)(n);return[a,(0,r.useCallback)((e=>{n&&l.set(e)}),[n,l])]}({groupId:a}),k=(()=>{const e=o??d;return m({value:e,tabValues:l})?e:null})();(0,r.useLayoutEffect)((()=>{k&&s(k)}),[k]);return{selectedValue:i,selectValue:(0,r.useCallback)((e=>{if(!m({value:e,tabValues:l}))throw new Error(`Can't select invalid tab value=${e}`);s(e),u(e),g(e)}),[u,g,l]),tabValues:l}}var k=n(2389);const f="tabList__CuJ",b="tabItem_LNqP";function y(e){let{className:t,block:n,selectedValue:s,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,i.o5)(),p=e=>{const t=e.currentTarget,n=c.indexOf(t),a=u[n].value;a!==s&&(d(t),o(a))},m=e=>{var t;let n=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;n=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;n=c[t]??c[c.length-1];break}}null==(t=n)||t.focus()};return r.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,l.Z)("tabs",{"tabs--block":n},t)},u.map((e=>{let{value:t,label:n,attributes:i}=e;return r.createElement("li",(0,a.Z)({role:"tab",tabIndex:s===t?0:-1,"aria-selected":s===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},i,{className:(0,l.Z)("tabs__item",b,null==i?void 0:i.className,{"tabs__item--active":s===t})}),n??t)})))}function v(e){let{lazy:t,children:n,selectedValue:a}=e;if(n=Array.isArray(n)?n:[n],t){const e=n.find((e=>e.props.value===a));return e?(0,r.cloneElement)(e,{className:"margin-top--md"}):null}return r.createElement("div",{className:"margin-top--md"},n.map(((e,t)=>(0,r.cloneElement)(e,{key:t,hidden:e.props.value!==a}))))}function w(e){const t=g(e);return r.createElement("div",{className:(0,l.Z)("tabs-container",f)},r.createElement(y,(0,a.Z)({},e,t)),r.createElement(v,(0,a.Z)({},e,t)))}function N(e){const t=(0,k.Z)();return r.createElement(w,(0,a.Z)({key:String(t)},e))}},6828:(e,t,n)=>{n.d(t,{d:()=>a});const a={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},3472:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>d,contentTitle:()=>u,default:()=>h,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var a=n(7462),r=(n(7294),n(3905)),l=(n(6828),n(814)),i=n(4866),s=n(5162);const o={},u="Register Downstream Clusters",c={unversionedId:"cluster-registration",id:"version-0.8/cluster-registration",title:"Register Downstream Clusters",description:"Overview",source:"@site/versioned_docs/version-0.8/cluster-registration.md",sourceDirName:".",slug:"/cluster-registration",permalink:"/0.8/cluster-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cluster-registration.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation Details",permalink:"/0.8/installation"},next:{title:"Create Cluster Groups",permalink:"/0.8/cluster-group"}},d={},p=[{value:"Overview",id:"overview",level:2},{value:"Agent-Initiated Registration",id:"agent-initiated-registration",level:3},{value:"Manager-Initiated Registration",id:"manager-initiated-registration",level:3},{value:"Agent Initiated",id:"agent-initiated",level:2},{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:3},{value:"Install Agent For a New Cluster",id:"install-agent-for-a-new-cluster",level:3},{value:"Install Agent For a Predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:3},{value:"Create Cluster Registration Tokens",id:"create-cluster-registration-tokens",level:3},{value:"Token TTL",id:"token-ttl",level:4},{value:"Create a new Token",id:"create-a-new-token",level:4},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:4},{value:"Manager Initiated",id:"manager-initiated",level:2},{value:"Create Kubeconfig Secret",id:"create-kubeconfig-secret",level:3},{value:"Create Cluster Resource",id:"create-cluster-resource",level:3}],m={toc:p};function h(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"register-downstream-clusters"},"Register Downstream Clusters"),(0,r.kt)("h2",{id:"overview"},"Overview"),(0,r.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,r.kt)("strong",{parentName:"p"},"agent-initiated")," and ",(0,r.kt)("strong",{parentName:"p"},"manager-initiated")," registration. Typically one would\ngo with the agent-initiated registration but there are specific use cases in which\nmanager-initiated is a better workflow."),(0,r.kt)("h3",{id:"agent-initiated-registration"},"Agent-Initiated Registration"),(0,r.kt)("p",null,"Agent-initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,r.kt)("h3",{id:"manager-initiated-registration"},"Manager-Initiated Registration"),(0,r.kt)("p",null,"Manager-initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."),(0,r.kt)("h2",{id:"agent-initiated"},"Agent Initiated"),(0,r.kt)("p",null,"A downstream cluster is registered by installing an agent via helm and using the ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,r.kt)("strong",{parentName:"p"},"client ID")," or ",(0,r.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"It's not necessary to configure the fleet manager for ",(0,r.kt)("a",{parentName:"p",href:"/0.8/installation#configuration-for-multi-cluster"},"multi cluster"),", as the downstream agent we install via Helm will connect to the Kubernetes API of the upstream cluster directly."),(0,r.kt)("p",{parentName:"admonition"},"Agent-initiated registration is normally not used with Rancher.")),(0,r.kt)("h3",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,r.kt)("p",null,"The ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required.\nThe ",(0,r.kt)("a",{parentName:"p",href:"/0.8/architecture#security"},"cluster registration token")," is manifested as a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will be passed to the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install")," process.\nAlternatively one can pass the token directly to the helm install command via ",(0,r.kt)("inlineCode",{parentName:"p"},'--set token="$token"'),"."),(0,r.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,r.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,r.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,r.kt)("h3",{id:"install-agent-for-a-new-cluster"},"Install Agent For a New Cluster"),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,r.kt)("p",null,"First, follow the ",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token instructions")," to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,r.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,r.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,r.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,r.kt)("p",null,"Value in ",(0,r.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,r.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,r.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,r.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,r.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{title:"Kubectl Context",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,r.kt)("p",null,"Add Fleet's Helm repo."),(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(i.Z,{mdxType:"Tabs"},(0,r.kt)(s.Z,{value:"helm",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent fleet/fleet-agent')),(0,r.kt)(s.Z,{value:"validate",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/0.8/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,r.kt)("h3",{id:"install-agent-for-a-predefined-cluster"},"Install Agent For a Predefined Cluster"),(0,r.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,r.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,r.kt)("p",null,"First, create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,r.kt)("p",null,"Second, follow the ","[cluster registration token instructions]","((#create-cluster-registration-tokens) to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,r.kt)("p",null,"Third, setup your environment to use the client ID."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("p",null,"Add Fleet's Helm repo."),(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(i.Z,{mdxType:"Tabs"},(0,r.kt)(s.Z,{value:"helm2",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent fleet/fleet-agent')),(0,r.kt)(s.Z,{value:"validate2",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/0.8/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,r.kt)("h3",{id:"create-cluster-registration-tokens"},"Create Cluster Registration Tokens"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Not needed for Manager-initiated registration"),":\nFor manager-initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,r.kt)("p",null,"For an agent-initiated registration the downstream cluster must have a ",(0,r.kt)("a",{parentName:"p",href:"/0.8/architecture#security"},"cluster registration token"),".\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,r.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,r.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,r.kt)("h4",{id:"token-ttl"},"Token TTL"),(0,r.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,r.kt)("h4",{id:"create-a-new-token"},"Create a new Token"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,r.kt)("a",{parentName:"p",href:"/0.8/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,r.kt)("p",null,"After the ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,r.kt)("p",null,"One way to do so is via the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,r.kt)("h4",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,r.kt)("p",null,"The token value contains YAML content for a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,r.kt)("p",null,"Such value is contained in the ",(0,r.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,r.kt)("p",null,"Once the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."),(0,r.kt)("h2",{id:"manager-initiated"},"Manager Initiated"),(0,r.kt)("p",null,"The manager-initiated registration flow is accomplished by creating a\n",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,r.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using Fleet standalone ",(0,r.kt)("em",{parentName:"p"},"without Rancher"),", it must be installed as described in ",(0,r.kt)("a",{parentName:"p",href:"/0.8/installation#configuration-for-multi-cluster"},"installation details"),"."),(0,r.kt)("p",{parentName:"admonition"},"The manager-initiated registration is used when you add a cluster from the Rancher dashboard.")),(0,r.kt)("h3",{id:"create-kubeconfig-secret"},"Create Kubeconfig Secret"),(0,r.kt)("p",null,"The format of this secret is intended to match the ",(0,r.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format")," of the kubeconfig\nsecret used in ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,r.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically registered with Fleet."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Kubeconfig Secret Example"',title:'"Kubeconfig',Secret:!0,'Example"':!0},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,r.kt)("h3",{id:"create-cluster-resource"},"Create Cluster Resource"),(0,r.kt)("p",null,"The cluster resource needs to reference the kubeconfig secret."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Cluster Resource Example"',title:'"Cluster',Resource:!0,'Example"':!0},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/63e62f73.0ae194d6.js b/assets/js/63e62f73.fc33d64c.js similarity index 97% rename from assets/js/63e62f73.0ae194d6.js rename to assets/js/63e62f73.fc33d64c.js index b419a6e90..307b91d74 100644 --- a/assets/js/63e62f73.0ae194d6.js +++ b/assets/js/63e62f73.fc33d64c.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9719],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),f=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},s=function(e){var t=f(e.components);return r.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,s=i(e,["components","mdxType","originalType","parentName"]),u=f(n),m=a,g=u["".concat(c,".").concat(m)]||u[m]||p[m]||l;return n?r.createElement(g,o(o({ref:t},s),{},{components:n})):r.createElement(g,o({ref:t},s))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var f=2;f{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>l,metadata:()=>i,toc:()=>f});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-manager"},o=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager",id:"cli/fleet-controller/fleet-manager",title:"",description:"fleet-manager",source:"@site/docs/cli/fleet-controller/fleet-manager.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager",permalink:"/cli/fleet-controller/fleet-manager",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-controller/fleet-manager.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager"},sidebar:"docs",previous:{title:"fleet test",permalink:"/cli/fleet-cli/fleet_test"},next:{title:"fleet-manager agentmanagement",permalink:"/cli/fleet-controller/fleet-manager_agentmanagement"}},c={},f=[{value:"fleet-manager",id:"fleet-manager",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],s={toc:f};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-manager"},"fleet-manager"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-manager [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --disable-gitops disable gitops components\n --disable-metrics disable metrics\n -h, --help help for fleet-manager\n --kubeconfig string Paths to a kubeconfig. Only required if out-of-cluster.\n --namespace string namespace to watch (default \"cattle-fleet-system\")\n --shard-id string only manage resources labeled with a specific shard ID\n --zap-devel Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)\n --zap-encoder encoder Zap log encoding (one of 'json' or 'console')\n --zap-log-level level Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity\n --zap-stacktrace-level level Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').\n --zap-time-encoding time-encoding Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.\n")),(0,a.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-manager_agentmanagement"},"fleet-manager agentmanagement"),"\t - "),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-manager_cleanup"},"fleet-manager cleanup"),"\t - "),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-manager_gitjob"},"fleet-manager gitjob"),"\t -")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9719],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),f=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},s=function(e){var t=f(e.components);return r.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,s=i(e,["components","mdxType","originalType","parentName"]),u=f(n),m=a,g=u["".concat(c,".").concat(m)]||u[m]||p[m]||l;return n?r.createElement(g,o(o({ref:t},s),{},{components:n})):r.createElement(g,o({ref:t},s))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var f=2;f{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>l,metadata:()=>i,toc:()=>f});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-manager"},o=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager",id:"cli/fleet-controller/fleet-manager",title:"",description:"fleet-manager",source:"@site/docs/cli/fleet-controller/fleet-manager.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager",permalink:"/cli/fleet-controller/fleet-manager",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-controller/fleet-manager.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager"},sidebar:"docs",previous:{title:"fleet test",permalink:"/cli/fleet-cli/fleet_test"},next:{title:"fleet-manager agentmanagement",permalink:"/cli/fleet-controller/fleet-manager_agentmanagement"}},c={},f=[{value:"fleet-manager",id:"fleet-manager",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],s={toc:f};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-manager"},"fleet-manager"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-manager [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --disable-gitops disable gitops components\n --disable-metrics disable metrics\n -h, --help help for fleet-manager\n --kubeconfig string Paths to a kubeconfig. Only required if out-of-cluster.\n --namespace string namespace to watch (default \"cattle-fleet-system\")\n --shard-id string only manage resources labeled with a specific shard ID\n --zap-devel Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)\n --zap-encoder encoder Zap log encoding (one of 'json' or 'console')\n --zap-log-level level Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity\n --zap-stacktrace-level level Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').\n --zap-time-encoding time-encoding Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.\n")),(0,a.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-manager_agentmanagement"},"fleet-manager agentmanagement"),"\t - "),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-manager_cleanup"},"fleet-manager cleanup"),"\t - "),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-manager_gitjob"},"fleet-manager gitjob"),"\t -")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/64b4770e.7f03c6e8.js b/assets/js/64b4770e.42075229.js similarity index 99% rename from assets/js/64b4770e.7f03c6e8.js rename to assets/js/64b4770e.42075229.js index 9be8b84ff..1d87214de 100644 --- a/assets/js/64b4770e.7f03c6e8.js +++ b/assets/js/64b4770e.42075229.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8976],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),p=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=p(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,s=e.parentName,m=o(e,["components","mdxType","originalType","parentName"]),c=p(n),u=l,h=c["".concat(s,".").concat(u)]||c[u]||d[u]||r;return n?a.createElement(h,i(i({ref:t},m),{},{components:n})):a.createElement(h,i({ref:t},m))}));function u(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=c;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>o,toc:()=>p});var a=n(7462),l=(n(7294),n(3905));const r={},i="Git Repository Contents",o={unversionedId:"gitrepo-content",id:"version-0.8/gitrepo-content",title:"Git Repository Contents",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/versioned_docs/version-0.8/gitrepo-content.md",sourceDirName:".",slug:"/gitrepo-content",permalink:"/0.8/gitrepo-content",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/gitrepo-content.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Lifecycle",permalink:"/0.8/ref-bundle-stages"},next:{title:"Namespaces",permalink:"/0.8/namespaces"}},s={},p=[{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"Excluding files and directories from bundles",id:"excluding-files-and-directories-from-bundles",level:3},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Using Helm Values",id:"using-helm-values",level:2},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle State",id:"cluster-and-bundle-state",level:2}],m={toc:p};function d(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"git-repository-contents"},"Git Repository Contents"),(0,l.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,l.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,l.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,l.kt)("p",null,(0,l.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,l.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,l.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,l.kt)("p",null,"Multiple paths can be defined for a ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,l.kt)("a",{parentName:"p",href:"/0.8/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,l.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"File"),(0,l.kt)("th",{parentName:"tr",align:null},"Location"),(0,l.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,l.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,l.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,l.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,l.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,l.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,l.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,l.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,l.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,l.kt)("a",{parentName:"td",href:"/0.8/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"}," *.yaml ")),(0,l.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,l.kt)("td",{parentName:"tr",align:null},"If a ",(0,l.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,l.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,l.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,l.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,l.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,l.kt)("inlineCode",{parentName:"td"},"path")),(0,l.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,l.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,l.kt)("h3",{id:"excluding-files-and-directories-from-bundles"},"Excluding files and directories from bundles"),(0,l.kt)("p",null,"Fleet supports file and directory exclusion by means of ",(0,l.kt)("inlineCode",{parentName:"p"},".fleetignore")," files, in a similar fashion to how ",(0,l.kt)("inlineCode",{parentName:"p"},".gitignore"),"\nfiles behave in git repositories:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"Glob syntax is used to match files or directories, using Golang's\n",(0,l.kt)("a",{parentName:"li",href:"https://pkg.go.dev/path/filepath#Match"},(0,l.kt)("inlineCode",{parentName:"a"},"filepath.Match"))),(0,l.kt)("li",{parentName:"ul"},"Empty lines are skipped, and can therefore be used to improve readability"),(0,l.kt)("li",{parentName:"ul"},"Characters like white spaces and ",(0,l.kt)("inlineCode",{parentName:"li"},"#")," can be escaped with a backslash"),(0,l.kt)("li",{parentName:"ul"},"Trailing spaces are ignored, unless escaped"),(0,l.kt)("li",{parentName:"ul"},"Comments, ie lines starting with unescaped ",(0,l.kt)("inlineCode",{parentName:"li"},"#"),", are skipped"),(0,l.kt)("li",{parentName:"ul"},"A given line can match a file or a directory, even if no separator is provided: eg. ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir/*")," and ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir")," are both\nvalid ",(0,l.kt)("inlineCode",{parentName:"li"},".fleetignore")," lines, and ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir")," matches both files and directories called ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir")),(0,l.kt)("li",{parentName:"ul"},"A match may be found for a file or directory at any level below the directory where a ",(0,l.kt)("inlineCode",{parentName:"li"},".fleetignore")," lives, ie\n",(0,l.kt)("inlineCode",{parentName:"li"},"foo.yaml")," will match ",(0,l.kt)("inlineCode",{parentName:"li"},"./foo.yaml")," as well as ",(0,l.kt)("inlineCode",{parentName:"li"},"./path/to/foo.yaml")),(0,l.kt)("li",{parentName:"ul"},"Multiple ",(0,l.kt)("inlineCode",{parentName:"li"},".fleetignore")," files are supported. For instance, in the following directory structure, only\n",(0,l.kt)("inlineCode",{parentName:"li"},"root/something.yaml"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"bar/something2.yaml")," and ",(0,l.kt)("inlineCode",{parentName:"li"},"foo/something.yaml")," will end up in a bundle:")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"root/\n\u251c\u2500\u2500 .fleetignore # contains `ignore-always.yaml'\n\u251c\u2500\u2500 something.yaml\n\u251c\u2500\u2500 bar\n\u2502\xa0\xa0 \u251c\u2500\u2500 .fleetignore # contains `something.yaml`\n\u2502\xa0\xa0 \u251c\u2500\u2500 ignore-always.yaml\n\u2502\xa0\xa0 \u251c\u2500\u2500 something2.yaml\n\u2502\xa0\xa0 \u2514\u2500\u2500 something.yaml\n\u2514\u2500\u2500 foo\n \xa0\xa0 \u251c\u2500\u2500 ignore-always.yaml\n \xa0\xa0 \u2514\u2500\u2500 something.yaml\n")),(0,l.kt)("p",null,"This currently comes with a few limitations, the following not being supported:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"Double asterisks (",(0,l.kt)("inlineCode",{parentName:"li"},"**"),")"),(0,l.kt)("li",{parentName:"ul"},"Explicit inclusions with ",(0,l.kt)("inlineCode",{parentName:"li"},"!"))),(0,l.kt)("h2",{id:"fleetyaml"},(0,l.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,l.kt)("p",null,"The ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,l.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,l.kt)("a",{parentName:"p",href:"/0.8/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,l.kt)("admonition",{type:"caution"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,l.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,l.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,l.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,l.kt)("p",null,"The available fields are documented in the ",(0,l.kt)("a",{parentName:"p",href:"/0.8/ref-fleet-yaml"},"fleet.yaml reference")),(0,l.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,l.kt)("a",{parentName:"p",href:"/0.8/gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,l.kt)("h2",{id:"using-helm-values"},"Using Helm Values"),(0,l.kt)("p",null,(0,l.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,l.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.values")," -> ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),". That means ",(0,l.kt)("inlineCode",{parentName:"p"},"valuesFrom")," will take precedence over both, ",(0,l.kt)("inlineCode",{parentName:"p"},"valuesFiles")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"values"),"."))),(0,l.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,l.kt)("p",null,"These examples showcase the style and format for using ",(0,l.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in ",(0,l.kt)("em",{parentName:"p"},"downstream clusters"),"."),(0,l.kt)("p",null,"Example ",(0,l.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata:\n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,l.kt)("p",null,"Example ",(0,l.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 3\n serviceType: NodePort\n")),(0,l.kt)("p",null,"A secret like that, can be created from a YAML file ",(0,l.kt)("inlineCode",{parentName:"p"},"secretdata.yaml")," by running the following kubectl command: ",(0,l.kt)("inlineCode",{parentName:"p"},"kubectl create secret generic secret-values --from-file=values.yaml=secretdata.yaml")),(0,l.kt)("p",null,"The resources can then be referenced from a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),":"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'helm:\n chart: simple-chart\n valuesFrom:\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n - configMapKeyRef:\n name: configmap-values\n namespace: default\n key: values.yaml\n values:\n replicas: "4"\n')),(0,l.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,l.kt)("p",null,"The ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,l.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,l.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,l.kt)("p",null,"There are three approaches to matching clusters for both ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,l.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,l.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,l.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"targetCustomizations:\n- name: all\n # Match everything\n clusterSelector: {}\n- name: none\n # Selector ignored\n clusterSelector: null\n")),(0,l.kt)("p",null,"When matching a cluster by name, make sure to use the name of the\n",(0,l.kt)("inlineCode",{parentName:"p"},"clusters.fleet.cattle.io")," resource. The Rancher UI also has a provisioning and\na management cluster resource. Since the management cluster resource is not\nnamespaced, its name is different and contains a random suffix."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"targetCustomizations:\n- name: prod\n clusterName: fleetname\n")),(0,l.kt)("p",null,"See ",(0,l.kt)("a",{parentName:"p",href:"gitrepo-targets#customization-per-cluster"},"Mapping to Downstream Clusters")," for more information and a list of supported customizations."),(0,l.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,l.kt)("p",null,"When using Kustomize or Helm the ",(0,l.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,l.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file will be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,l.kt)("p",null,"A file named ",(0,l.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,l.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents of a file the convention of adding ",(0,l.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,l.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,l.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,l.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,l.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,l.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,l.kt)("p",null,"See ",(0,l.kt)("a",{parentName:"p",href:"/0.8/cluster-bundles-state"},"Cluster and Bundle state"),"."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8976],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),p=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=p(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,s=e.parentName,m=o(e,["components","mdxType","originalType","parentName"]),c=p(n),u=l,h=c["".concat(s,".").concat(u)]||c[u]||d[u]||r;return n?a.createElement(h,i(i({ref:t},m),{},{components:n})):a.createElement(h,i({ref:t},m))}));function u(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=c;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>o,toc:()=>p});var a=n(7462),l=(n(7294),n(3905));const r={},i="Git Repository Contents",o={unversionedId:"gitrepo-content",id:"version-0.8/gitrepo-content",title:"Git Repository Contents",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/versioned_docs/version-0.8/gitrepo-content.md",sourceDirName:".",slug:"/gitrepo-content",permalink:"/0.8/gitrepo-content",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/gitrepo-content.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Lifecycle",permalink:"/0.8/ref-bundle-stages"},next:{title:"Namespaces",permalink:"/0.8/namespaces"}},s={},p=[{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"Excluding files and directories from bundles",id:"excluding-files-and-directories-from-bundles",level:3},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Using Helm Values",id:"using-helm-values",level:2},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle State",id:"cluster-and-bundle-state",level:2}],m={toc:p};function d(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"git-repository-contents"},"Git Repository Contents"),(0,l.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,l.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,l.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,l.kt)("p",null,(0,l.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,l.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,l.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,l.kt)("p",null,"Multiple paths can be defined for a ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,l.kt)("a",{parentName:"p",href:"/0.8/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,l.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"File"),(0,l.kt)("th",{parentName:"tr",align:null},"Location"),(0,l.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,l.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,l.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,l.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,l.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,l.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,l.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,l.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,l.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,l.kt)("a",{parentName:"td",href:"/0.8/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"}," *.yaml ")),(0,l.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,l.kt)("td",{parentName:"tr",align:null},"If a ",(0,l.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,l.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,l.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,l.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,l.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,l.kt)("inlineCode",{parentName:"td"},"path")),(0,l.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,l.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,l.kt)("h3",{id:"excluding-files-and-directories-from-bundles"},"Excluding files and directories from bundles"),(0,l.kt)("p",null,"Fleet supports file and directory exclusion by means of ",(0,l.kt)("inlineCode",{parentName:"p"},".fleetignore")," files, in a similar fashion to how ",(0,l.kt)("inlineCode",{parentName:"p"},".gitignore"),"\nfiles behave in git repositories:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"Glob syntax is used to match files or directories, using Golang's\n",(0,l.kt)("a",{parentName:"li",href:"https://pkg.go.dev/path/filepath#Match"},(0,l.kt)("inlineCode",{parentName:"a"},"filepath.Match"))),(0,l.kt)("li",{parentName:"ul"},"Empty lines are skipped, and can therefore be used to improve readability"),(0,l.kt)("li",{parentName:"ul"},"Characters like white spaces and ",(0,l.kt)("inlineCode",{parentName:"li"},"#")," can be escaped with a backslash"),(0,l.kt)("li",{parentName:"ul"},"Trailing spaces are ignored, unless escaped"),(0,l.kt)("li",{parentName:"ul"},"Comments, ie lines starting with unescaped ",(0,l.kt)("inlineCode",{parentName:"li"},"#"),", are skipped"),(0,l.kt)("li",{parentName:"ul"},"A given line can match a file or a directory, even if no separator is provided: eg. ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir/*")," and ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir")," are both\nvalid ",(0,l.kt)("inlineCode",{parentName:"li"},".fleetignore")," lines, and ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir")," matches both files and directories called ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir")),(0,l.kt)("li",{parentName:"ul"},"A match may be found for a file or directory at any level below the directory where a ",(0,l.kt)("inlineCode",{parentName:"li"},".fleetignore")," lives, ie\n",(0,l.kt)("inlineCode",{parentName:"li"},"foo.yaml")," will match ",(0,l.kt)("inlineCode",{parentName:"li"},"./foo.yaml")," as well as ",(0,l.kt)("inlineCode",{parentName:"li"},"./path/to/foo.yaml")),(0,l.kt)("li",{parentName:"ul"},"Multiple ",(0,l.kt)("inlineCode",{parentName:"li"},".fleetignore")," files are supported. For instance, in the following directory structure, only\n",(0,l.kt)("inlineCode",{parentName:"li"},"root/something.yaml"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"bar/something2.yaml")," and ",(0,l.kt)("inlineCode",{parentName:"li"},"foo/something.yaml")," will end up in a bundle:")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"root/\n\u251c\u2500\u2500 .fleetignore # contains `ignore-always.yaml'\n\u251c\u2500\u2500 something.yaml\n\u251c\u2500\u2500 bar\n\u2502\xa0\xa0 \u251c\u2500\u2500 .fleetignore # contains `something.yaml`\n\u2502\xa0\xa0 \u251c\u2500\u2500 ignore-always.yaml\n\u2502\xa0\xa0 \u251c\u2500\u2500 something2.yaml\n\u2502\xa0\xa0 \u2514\u2500\u2500 something.yaml\n\u2514\u2500\u2500 foo\n \xa0\xa0 \u251c\u2500\u2500 ignore-always.yaml\n \xa0\xa0 \u2514\u2500\u2500 something.yaml\n")),(0,l.kt)("p",null,"This currently comes with a few limitations, the following not being supported:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"Double asterisks (",(0,l.kt)("inlineCode",{parentName:"li"},"**"),")"),(0,l.kt)("li",{parentName:"ul"},"Explicit inclusions with ",(0,l.kt)("inlineCode",{parentName:"li"},"!"))),(0,l.kt)("h2",{id:"fleetyaml"},(0,l.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,l.kt)("p",null,"The ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,l.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,l.kt)("a",{parentName:"p",href:"/0.8/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,l.kt)("admonition",{type:"caution"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,l.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,l.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,l.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,l.kt)("p",null,"The available fields are documented in the ",(0,l.kt)("a",{parentName:"p",href:"/0.8/ref-fleet-yaml"},"fleet.yaml reference")),(0,l.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,l.kt)("a",{parentName:"p",href:"/0.8/gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,l.kt)("h2",{id:"using-helm-values"},"Using Helm Values"),(0,l.kt)("p",null,(0,l.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,l.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.values")," -> ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),". That means ",(0,l.kt)("inlineCode",{parentName:"p"},"valuesFrom")," will take precedence over both, ",(0,l.kt)("inlineCode",{parentName:"p"},"valuesFiles")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"values"),"."))),(0,l.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,l.kt)("p",null,"These examples showcase the style and format for using ",(0,l.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in ",(0,l.kt)("em",{parentName:"p"},"downstream clusters"),"."),(0,l.kt)("p",null,"Example ",(0,l.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata:\n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,l.kt)("p",null,"Example ",(0,l.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 3\n serviceType: NodePort\n")),(0,l.kt)("p",null,"A secret like that, can be created from a YAML file ",(0,l.kt)("inlineCode",{parentName:"p"},"secretdata.yaml")," by running the following kubectl command: ",(0,l.kt)("inlineCode",{parentName:"p"},"kubectl create secret generic secret-values --from-file=values.yaml=secretdata.yaml")),(0,l.kt)("p",null,"The resources can then be referenced from a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),":"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'helm:\n chart: simple-chart\n valuesFrom:\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n - configMapKeyRef:\n name: configmap-values\n namespace: default\n key: values.yaml\n values:\n replicas: "4"\n')),(0,l.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,l.kt)("p",null,"The ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,l.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,l.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,l.kt)("p",null,"There are three approaches to matching clusters for both ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,l.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,l.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,l.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"targetCustomizations:\n- name: all\n # Match everything\n clusterSelector: {}\n- name: none\n # Selector ignored\n clusterSelector: null\n")),(0,l.kt)("p",null,"When matching a cluster by name, make sure to use the name of the\n",(0,l.kt)("inlineCode",{parentName:"p"},"clusters.fleet.cattle.io")," resource. The Rancher UI also has a provisioning and\na management cluster resource. Since the management cluster resource is not\nnamespaced, its name is different and contains a random suffix."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"targetCustomizations:\n- name: prod\n clusterName: fleetname\n")),(0,l.kt)("p",null,"See ",(0,l.kt)("a",{parentName:"p",href:"gitrepo-targets#customization-per-cluster"},"Mapping to Downstream Clusters")," for more information and a list of supported customizations."),(0,l.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,l.kt)("p",null,"When using Kustomize or Helm the ",(0,l.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,l.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file will be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,l.kt)("p",null,"A file named ",(0,l.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,l.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents of a file the convention of adding ",(0,l.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,l.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,l.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,l.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,l.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,l.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,l.kt)("p",null,"See ",(0,l.kt)("a",{parentName:"p",href:"/0.8/cluster-bundles-state"},"Cluster and Bundle state"),"."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/680ed9ed.5e739f60.js b/assets/js/680ed9ed.2e1e0ea3.js similarity index 98% rename from assets/js/680ed9ed.5e739f60.js rename to assets/js/680ed9ed.2e1e0ea3.js index 5433086cf..4ff6fcbb6 100644 --- a/assets/js/680ed9ed.5e739f60.js +++ b/assets/js/680ed9ed.2e1e0ea3.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[835],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),s=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=s(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=c(e,["components","mdxType","originalType","parentName"]),d=s(n),m=a,g=d["".concat(l,".").concat(m)]||d[m]||p[m]||i;return n?r.createElement(g,o(o({ref:t},u),{},{components:n})):r.createElement(g,o({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=n.length,o=new Array(i);o[0]=d;var c={};for(var l in t)hasOwnProperty.call(t,l)&&(c[l]=t[l]);c.originalType=e,c.mdxType="string"==typeof e?e:a,o[1]=c;for(var s=2;s{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>c,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const i={},o="Manager Initiated",c={unversionedId:"manager-initiated",id:"version-0.4/manager-initiated",title:"Manager Initiated",description:"Refer to the overview page for a background information on the manager initiated registration style.",source:"@site/versioned_docs/version-0.4/manager-initiated.md",sourceDirName:".",slug:"/manager-initiated",permalink:"/0.4/manager-initiated",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/manager-initiated.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Agent Initiated",permalink:"/0.4/agent-initiated"},next:{title:"Cluster Groups",permalink:"/0.4/cluster-group"}},l={},s=[{value:"Kubeconfig Secret",id:"kubeconfig-secret",level:2},{value:"Example",id:"example",level:2},{value:"Kubeconfig Secret",id:"kubeconfig-secret-1",level:3},{value:"Cluster",id:"cluster",level:3}],u={toc:s};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"manager-initiated"},"Manager Initiated"),(0,a.kt)("p",null,"Refer to the ",(0,a.kt)("a",{parentName:"p",href:"/0.4/cluster-overview#agent-initiated-registration"},"overview page")," for a background information on the manager initiated registration style."),(0,a.kt)("h2",{id:"kubeconfig-secret"},"Kubeconfig Secret"),(0,a.kt)("p",null,"The manager initiated registration flow is accomplished by creating a\n",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,a.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,a.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,a.kt)("p",null,"The format of this secret is intended to match the ",(0,a.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format"),"\nof the kubeconfig\nsecret used in ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically\nregistered with Fleet."),(0,a.kt)("h2",{id:"example"},"Example"),(0,a.kt)("h3",{id:"kubeconfig-secret-1"},"Kubeconfig Secret"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,a.kt)("h3",{id:"cluster"},"Cluster"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[835],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),s=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=s(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=c(e,["components","mdxType","originalType","parentName"]),d=s(n),m=a,g=d["".concat(l,".").concat(m)]||d[m]||p[m]||i;return n?r.createElement(g,o(o({ref:t},u),{},{components:n})):r.createElement(g,o({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=n.length,o=new Array(i);o[0]=d;var c={};for(var l in t)hasOwnProperty.call(t,l)&&(c[l]=t[l]);c.originalType=e,c.mdxType="string"==typeof e?e:a,o[1]=c;for(var s=2;s{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>c,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const i={},o="Manager Initiated",c={unversionedId:"manager-initiated",id:"version-0.4/manager-initiated",title:"Manager Initiated",description:"Refer to the overview page for a background information on the manager initiated registration style.",source:"@site/versioned_docs/version-0.4/manager-initiated.md",sourceDirName:".",slug:"/manager-initiated",permalink:"/0.4/manager-initiated",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/manager-initiated.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Agent Initiated",permalink:"/0.4/agent-initiated"},next:{title:"Cluster Groups",permalink:"/0.4/cluster-group"}},l={},s=[{value:"Kubeconfig Secret",id:"kubeconfig-secret",level:2},{value:"Example",id:"example",level:2},{value:"Kubeconfig Secret",id:"kubeconfig-secret-1",level:3},{value:"Cluster",id:"cluster",level:3}],u={toc:s};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"manager-initiated"},"Manager Initiated"),(0,a.kt)("p",null,"Refer to the ",(0,a.kt)("a",{parentName:"p",href:"/0.4/cluster-overview#agent-initiated-registration"},"overview page")," for a background information on the manager initiated registration style."),(0,a.kt)("h2",{id:"kubeconfig-secret"},"Kubeconfig Secret"),(0,a.kt)("p",null,"The manager initiated registration flow is accomplished by creating a\n",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,a.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,a.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,a.kt)("p",null,"The format of this secret is intended to match the ",(0,a.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format"),"\nof the kubeconfig\nsecret used in ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically\nregistered with Fleet."),(0,a.kt)("h2",{id:"example"},"Example"),(0,a.kt)("h3",{id:"kubeconfig-secret-1"},"Kubeconfig Secret"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,a.kt)("h3",{id:"cluster"},"Cluster"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/69dd637e.5b15d585.js b/assets/js/69dd637e.21107e4d.js similarity index 97% rename from assets/js/69dd637e.5b15d585.js rename to assets/js/69dd637e.21107e4d.js index f7ebec083..0353d7657 100644 --- a/assets/js/69dd637e.5b15d585.js +++ b/assets/js/69dd637e.21107e4d.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7459],{3905:(e,t,n)=>{n.d(t,{Zo:()=>f,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},f=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(n),d=a,g=u["".concat(c,".").concat(d)]||u[d]||p[d]||l;return n?r.createElement(g,o(o({ref:t},f),{},{components:n})):r.createElement(g,o({ref:t},f))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-agent"},o=void 0,i={unversionedId:"cli/fleet-agent/fleet-agent",id:"version-0.9/cli/fleet-agent/fleet-agent",title:"",description:"fleet-agent",source:"@site/versioned_docs/version-0.9/cli/fleet-agent/fleet-agent.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/",permalink:"/0.9/cli/fleet-agent/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cli/fleet-agent/fleet-agent.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent"},sidebar:"docs",previous:{title:"Create a Bundle Resource",permalink:"/0.9/bundle-add"},next:{title:"fleet",permalink:"/0.9/cli/fleet-cli/fleet"}},c={},s=[{value:"fleet-agent",id:"fleet-agent",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},f,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-agent"},"fleet-agent"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-agent [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --agent-scope string An identifier used to scope the agent bundleID names, typically the same as namespace\n --checkin-interval string How often to post cluster status\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet-agent\n --kubeconfig string kubeconfig file\n --namespace string namespace to watch\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7459],{3905:(e,t,n)=>{n.d(t,{Zo:()=>f,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},f=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(n),d=a,g=u["".concat(c,".").concat(d)]||u[d]||p[d]||l;return n?r.createElement(g,o(o({ref:t},f),{},{components:n})):r.createElement(g,o({ref:t},f))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-agent"},o=void 0,i={unversionedId:"cli/fleet-agent/fleet-agent",id:"version-0.9/cli/fleet-agent/fleet-agent",title:"",description:"fleet-agent",source:"@site/versioned_docs/version-0.9/cli/fleet-agent/fleet-agent.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/",permalink:"/0.9/cli/fleet-agent/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cli/fleet-agent/fleet-agent.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent"},sidebar:"docs",previous:{title:"Create a Bundle Resource",permalink:"/0.9/bundle-add"},next:{title:"fleet",permalink:"/0.9/cli/fleet-cli/fleet"}},c={},s=[{value:"fleet-agent",id:"fleet-agent",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},f,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-agent"},"fleet-agent"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-agent [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --agent-scope string An identifier used to scope the agent bundleID names, typically the same as namespace\n --checkin-interval string How often to post cluster status\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet-agent\n --kubeconfig string kubeconfig file\n --namespace string namespace to watch\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/6a840bac.8318a97e.js b/assets/js/6a840bac.82c52083.js similarity index 98% rename from assets/js/6a840bac.8318a97e.js rename to assets/js/6a840bac.82c52083.js index 058838628..d5d49e50f 100644 --- a/assets/js/6a840bac.8318a97e.js +++ b/assets/js/6a840bac.82c52083.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7203],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var n=a(7294),l=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return n.createElement("div",{role:"tabpanel",className:(0,l.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>E});var n=a(7462),l=a(7294),r=a(6010),s=a(2466),u=a(6550),o=a(1980),i=a(7392),c=a(12);function d(e){return function(e){return l.Children.map(e,(e=>{if((0,l.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:n,default:l}}=e;return{value:t,label:a,attributes:n,default:l}}))}function p(e){const{values:t,children:a}=e;return(0,l.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,i.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function m(e){let{queryString:t=!1,groupId:a}=e;const n=(0,u.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,o._X)(r),(0,l.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(n.location.search);t.set(r,e),n.replace({...n.location,search:t.toString()})}),[r,n])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:n}=e,r=p(e),[s,u]=(0,l.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const n=a.find((e=>e.default))??a[0];if(!n)throw new Error("Unexpected error: 0 tabValues");return n.value}({defaultValue:t,tabValues:r}))),[o,i]=m({queryString:a,groupId:n}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[n,r]=(0,c.Nk)(a);return[n,(0,l.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:n}),b=(()=>{const e=o??d;return h({value:e,tabValues:r})?e:null})();(0,l.useLayoutEffect)((()=>{b&&u(b)}),[b]);return{selectedValue:s,selectValue:(0,l.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);u(e),i(e),f(e)}),[i,f,r]),tabValues:r}}var b=a(2389);const g="tabList__CuJ",k="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:u,selectValue:o,tabValues:i}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),n=i[a].value;n!==u&&(d(t),o(n))},h=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return l.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},i.map((e=>{let{value:t,label:a,attributes:s}=e;return l.createElement("li",(0,n.Z)({role:"tab",tabIndex:u===t?0:-1,"aria-selected":u===t,key:t,ref:e=>c.push(e),onKeyDown:h,onClick:p},s,{className:(0,r.Z)("tabs__item",k,null==s?void 0:s.className,{"tabs__item--active":u===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:n}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===n));return e?(0,l.cloneElement)(e,{className:"margin-top--md"}):null}return l.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,l.cloneElement)(e,{key:t,hidden:e.props.value!==n}))))}function w(e){const t=f(e);return l.createElement("div",{className:(0,r.Z)("tabs-container",g)},l.createElement(v,(0,n.Z)({},e,t)),l.createElement(y,(0,n.Z)({},e,t)))}function E(e){const t=(0,b.Z)();return l.createElement(w,(0,n.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>n});const n={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},820:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>c,default:()=>f,frontMatter:()=>i,metadata:()=>d,toc:()=>h});var n=a(7462),l=(a(7294),a(3905)),r=a(6828),s=a(814),u=a(4866),o=a(5162);const i={},c="Quick Start",d={unversionedId:"quickstart",id:"version-0.6/quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/versioned_docs/version-0.6/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/0.6/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/quickstart.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.6/"},next:{title:"Creating a Deployment",permalink:"/0.6/tut-deployment"}},p={},h=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to Watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],m={toc:h};function f(e){let{components:t,...i}=e;return(0,l.kt)("wrapper",(0,n.Z)({},m,i,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"quick-start"},"Quick Start"),(0,l.kt)("p",null,(0,l.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,l.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,l.kt)("h2",{id:"install"},"Install"),(0,l.kt)("p",null,"Get helm if you don't have it. Helm 3 is just a CLI and won't do bad insecure\nthings to your cluster."),(0,l.kt)(u.Z,{mdxType:"Tabs"},(0,l.kt)(o.Z,{value:"linux",label:"Linux/Mac",default:!0,mdxType:"TabItem"},(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"brew install helm")),(0,l.kt)(o.Z,{value:"windows",label:"Windows",default:!0,mdxType:"TabItem"},(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"choco install kubernetes-helm"))),(0,l.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d["v0.6"].fleetCRD,"\nhelm -n cattle-fleet-system install --create-namespace --wait \\\n fleet"," ",r.d["v0.6"].fleet),(0,l.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to Watch"),(0,l.kt)("p",null,"Change ",(0,l.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,l.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be run in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,l.kt)("h2",{id:"get-status"},"Get Status"),(0,l.kt)("p",null,"Get status of what fleet is doing"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,l.kt)("p",null,"You should see something like this get created in your cluster."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,l.kt)("p",null,"Enjoy and read the ",(0,l.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}f.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7203],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var n=a(7294),l=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return n.createElement("div",{role:"tabpanel",className:(0,l.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>E});var n=a(7462),l=a(7294),r=a(6010),s=a(2466),u=a(6550),o=a(1980),i=a(7392),c=a(12);function d(e){return function(e){return l.Children.map(e,(e=>{if((0,l.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:n,default:l}}=e;return{value:t,label:a,attributes:n,default:l}}))}function p(e){const{values:t,children:a}=e;return(0,l.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,i.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function m(e){let{queryString:t=!1,groupId:a}=e;const n=(0,u.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,o._X)(r),(0,l.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(n.location.search);t.set(r,e),n.replace({...n.location,search:t.toString()})}),[r,n])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:n}=e,r=p(e),[s,u]=(0,l.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const n=a.find((e=>e.default))??a[0];if(!n)throw new Error("Unexpected error: 0 tabValues");return n.value}({defaultValue:t,tabValues:r}))),[o,i]=m({queryString:a,groupId:n}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[n,r]=(0,c.Nk)(a);return[n,(0,l.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:n}),b=(()=>{const e=o??d;return h({value:e,tabValues:r})?e:null})();(0,l.useLayoutEffect)((()=>{b&&u(b)}),[b]);return{selectedValue:s,selectValue:(0,l.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);u(e),i(e),f(e)}),[i,f,r]),tabValues:r}}var b=a(2389);const g="tabList__CuJ",k="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:u,selectValue:o,tabValues:i}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),n=i[a].value;n!==u&&(d(t),o(n))},h=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return l.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},i.map((e=>{let{value:t,label:a,attributes:s}=e;return l.createElement("li",(0,n.Z)({role:"tab",tabIndex:u===t?0:-1,"aria-selected":u===t,key:t,ref:e=>c.push(e),onKeyDown:h,onClick:p},s,{className:(0,r.Z)("tabs__item",k,null==s?void 0:s.className,{"tabs__item--active":u===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:n}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===n));return e?(0,l.cloneElement)(e,{className:"margin-top--md"}):null}return l.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,l.cloneElement)(e,{key:t,hidden:e.props.value!==n}))))}function w(e){const t=f(e);return l.createElement("div",{className:(0,r.Z)("tabs-container",g)},l.createElement(v,(0,n.Z)({},e,t)),l.createElement(y,(0,n.Z)({},e,t)))}function E(e){const t=(0,b.Z)();return l.createElement(w,(0,n.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>n});const n={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},820:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>c,default:()=>f,frontMatter:()=>i,metadata:()=>d,toc:()=>h});var n=a(7462),l=(a(7294),a(3905)),r=a(6828),s=a(814),u=a(4866),o=a(5162);const i={},c="Quick Start",d={unversionedId:"quickstart",id:"version-0.6/quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/versioned_docs/version-0.6/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/0.6/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/quickstart.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.6/"},next:{title:"Creating a Deployment",permalink:"/0.6/tut-deployment"}},p={},h=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to Watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],m={toc:h};function f(e){let{components:t,...i}=e;return(0,l.kt)("wrapper",(0,n.Z)({},m,i,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"quick-start"},"Quick Start"),(0,l.kt)("p",null,(0,l.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,l.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,l.kt)("h2",{id:"install"},"Install"),(0,l.kt)("p",null,"Get helm if you don't have it. Helm 3 is just a CLI and won't do bad insecure\nthings to your cluster."),(0,l.kt)(u.Z,{mdxType:"Tabs"},(0,l.kt)(o.Z,{value:"linux",label:"Linux/Mac",default:!0,mdxType:"TabItem"},(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"brew install helm")),(0,l.kt)(o.Z,{value:"windows",label:"Windows",default:!0,mdxType:"TabItem"},(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"choco install kubernetes-helm"))),(0,l.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d["v0.6"].fleetCRD,"\nhelm -n cattle-fleet-system install --create-namespace --wait \\\n fleet"," ",r.d["v0.6"].fleet),(0,l.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to Watch"),(0,l.kt)("p",null,"Change ",(0,l.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,l.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be run in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,l.kt)("h2",{id:"get-status"},"Get Status"),(0,l.kt)("p",null,"Get status of what fleet is doing"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,l.kt)("p",null,"You should see something like this get created in your cluster."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,l.kt)("p",null,"Enjoy and read the ",(0,l.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}f.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file diff --git a/assets/js/6c233221.72dd7504.js b/assets/js/6c233221.01a8f3ed.js similarity index 99% rename from assets/js/6c233221.72dd7504.js rename to assets/js/6c233221.01a8f3ed.js index 3e70122c5..08d644a03 100644 --- a/assets/js/6c233221.72dd7504.js +++ b/assets/js/6c233221.01a8f3ed.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9616],{5162:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(7294),r=n(6010);const l="tabItem_Ymn6";function i(e){let{children:t,hidden:n,className:i}=e;return a.createElement("div",{role:"tabpanel",className:(0,r.Z)(l,i),hidden:n},t)}},4866:(e,t,n)=>{n.d(t,{Z:()=>N});var a=n(7462),r=n(7294),l=n(6010),i=n(2466),s=n(6550),o=n(1980),u=n(7392),c=n(12);function d(e){return function(e){return r.Children.map(e,(e=>{if((0,r.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:n,attributes:a,default:r}}=e;return{value:t,label:n,attributes:a,default:r}}))}function p(e){const{values:t,children:n}=e;return(0,r.useMemo)((()=>{const e=t??d(n);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,n])}function m(e){let{value:t,tabValues:n}=e;return n.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:n}=e;const a=(0,s.k6)(),l=function(e){let{queryString:t=!1,groupId:n}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!n)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return n??null}({queryString:t,groupId:n});return[(0,o._X)(l),(0,r.useCallback)((e=>{if(!l)return;const t=new URLSearchParams(a.location.search);t.set(l,e),a.replace({...a.location,search:t.toString()})}),[l,a])]}function g(e){const{defaultValue:t,queryString:n=!1,groupId:a}=e,l=p(e),[i,s]=(0,r.useState)((()=>function(e){let{defaultValue:t,tabValues:n}=e;if(0===n.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:n}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${n.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const a=n.find((e=>e.default))??n[0];if(!a)throw new Error("Unexpected error: 0 tabValues");return a.value}({defaultValue:t,tabValues:l}))),[o,u]=h({queryString:n,groupId:a}),[d,g]=function(e){let{groupId:t}=e;const n=function(e){return e?`docusaurus.tab.${e}`:null}(t),[a,l]=(0,c.Nk)(n);return[a,(0,r.useCallback)((e=>{n&&l.set(e)}),[n,l])]}({groupId:a}),k=(()=>{const e=o??d;return m({value:e,tabValues:l})?e:null})();(0,r.useLayoutEffect)((()=>{k&&s(k)}),[k]);return{selectedValue:i,selectValue:(0,r.useCallback)((e=>{if(!m({value:e,tabValues:l}))throw new Error(`Can't select invalid tab value=${e}`);s(e),u(e),g(e)}),[u,g,l]),tabValues:l}}var k=n(2389);const f="tabList__CuJ",b="tabItem_LNqP";function y(e){let{className:t,block:n,selectedValue:s,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,i.o5)(),p=e=>{const t=e.currentTarget,n=c.indexOf(t),a=u[n].value;a!==s&&(d(t),o(a))},m=e=>{var t;let n=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;n=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;n=c[t]??c[c.length-1];break}}null==(t=n)||t.focus()};return r.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,l.Z)("tabs",{"tabs--block":n},t)},u.map((e=>{let{value:t,label:n,attributes:i}=e;return r.createElement("li",(0,a.Z)({role:"tab",tabIndex:s===t?0:-1,"aria-selected":s===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},i,{className:(0,l.Z)("tabs__item",b,null==i?void 0:i.className,{"tabs__item--active":s===t})}),n??t)})))}function v(e){let{lazy:t,children:n,selectedValue:a}=e;if(n=Array.isArray(n)?n:[n],t){const e=n.find((e=>e.props.value===a));return e?(0,r.cloneElement)(e,{className:"margin-top--md"}):null}return r.createElement("div",{className:"margin-top--md"},n.map(((e,t)=>(0,r.cloneElement)(e,{key:t,hidden:e.props.value!==a}))))}function w(e){const t=g(e);return r.createElement("div",{className:(0,l.Z)("tabs-container",f)},r.createElement(y,(0,a.Z)({},e,t)),r.createElement(v,(0,a.Z)({},e,t)))}function N(e){const t=(0,k.Z)();return r.createElement(w,(0,a.Z)({key:String(t)},e))}},6828:(e,t,n)=>{n.d(t,{d:()=>a});const a={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},206:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>d,contentTitle:()=>u,default:()=>h,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var a=n(7462),r=(n(7294),n(3905)),l=(n(6828),n(814)),i=n(4866),s=n(5162);const o={},u="Register Downstream Clusters",c={unversionedId:"cluster-registration",id:"version-0.9/cluster-registration",title:"Register Downstream Clusters",description:"Overview",source:"@site/versioned_docs/version-0.9/cluster-registration.md",sourceDirName:".",slug:"/cluster-registration",permalink:"/0.9/cluster-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cluster-registration.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation Details",permalink:"/0.9/installation"},next:{title:"Create Cluster Groups",permalink:"/0.9/cluster-group"}},d={},p=[{value:"Overview",id:"overview",level:2},{value:"Agent-Initiated Registration",id:"agent-initiated-registration",level:3},{value:"Manager-Initiated Registration",id:"manager-initiated-registration",level:3},{value:"Agent Initiated",id:"agent-initiated",level:2},{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:3},{value:"Install Agent For a New Cluster",id:"install-agent-for-a-new-cluster",level:3},{value:"Install Agent For a Predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:3},{value:"Create Cluster Registration Tokens",id:"create-cluster-registration-tokens",level:3},{value:"Token TTL",id:"token-ttl",level:4},{value:"Create a new Token",id:"create-a-new-token",level:4},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:4},{value:"Manager Initiated",id:"manager-initiated",level:2},{value:"Create Kubeconfig Secret",id:"create-kubeconfig-secret",level:3},{value:"Create Cluster Resource",id:"create-cluster-resource",level:3}],m={toc:p};function h(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"register-downstream-clusters"},"Register Downstream Clusters"),(0,r.kt)("h2",{id:"overview"},"Overview"),(0,r.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,r.kt)("strong",{parentName:"p"},"agent-initiated")," and ",(0,r.kt)("strong",{parentName:"p"},"manager-initiated")," registration. Typically one would\ngo with the agent-initiated registration but there are specific use cases in which\nmanager-initiated is a better workflow."),(0,r.kt)("h3",{id:"agent-initiated-registration"},"Agent-Initiated Registration"),(0,r.kt)("p",null,"Agent-initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,r.kt)("h3",{id:"manager-initiated-registration"},"Manager-Initiated Registration"),(0,r.kt)("p",null,"Manager-initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."),(0,r.kt)("h2",{id:"agent-initiated"},"Agent Initiated"),(0,r.kt)("p",null,"A downstream cluster is registered by installing an agent via helm and using the ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,r.kt)("strong",{parentName:"p"},"client ID")," or ",(0,r.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"It's not necessary to configure the fleet manager for ",(0,r.kt)("a",{parentName:"p",href:"/0.9/installation#configuration-for-multi-cluster"},"multi cluster"),", as the downstream agent we install via Helm will connect to the Kubernetes API of the upstream cluster directly."),(0,r.kt)("p",{parentName:"admonition"},"Agent-initiated registration is normally not used with Rancher.")),(0,r.kt)("h3",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,r.kt)("p",null,"The ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required.\nThe ",(0,r.kt)("a",{parentName:"p",href:"/0.9/architecture#security"},"cluster registration token")," is manifested as a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will be passed to the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install")," process.\nAlternatively one can pass the token directly to the helm install command via ",(0,r.kt)("inlineCode",{parentName:"p"},'--set token="$token"'),"."),(0,r.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,r.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,r.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,r.kt)("h3",{id:"install-agent-for-a-new-cluster"},"Install Agent For a New Cluster"),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,r.kt)("p",null,"First, follow the ",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token instructions")," to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,r.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,r.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,r.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,r.kt)("p",null,"Value in ",(0,r.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,r.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,r.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,r.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,r.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{title:"Kubectl Context",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,r.kt)("p",null,"Add Fleet's Helm repo."),(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(i.Z,{mdxType:"Tabs"},(0,r.kt)(s.Z,{value:"helm",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent fleet/fleet-agent')),(0,r.kt)(s.Z,{value:"validate",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/0.9/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,r.kt)("h3",{id:"install-agent-for-a-predefined-cluster"},"Install Agent For a Predefined Cluster"),(0,r.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,r.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,r.kt)("p",null,"First, create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,r.kt)("p",null,"Second, follow the ","[cluster registration token instructions]","((#create-cluster-registration-tokens) to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,r.kt)("p",null,"Third, setup your environment to use the client ID."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("p",null,"Add Fleet's Helm repo."),(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(i.Z,{mdxType:"Tabs"},(0,r.kt)(s.Z,{value:"helm2",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent fleet/fleet-agent')),(0,r.kt)(s.Z,{value:"validate2",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/0.9/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,r.kt)("h3",{id:"create-cluster-registration-tokens"},"Create Cluster Registration Tokens"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Not needed for Manager-initiated registration"),":\nFor manager-initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,r.kt)("p",null,"For an agent-initiated registration the downstream cluster must have a ",(0,r.kt)("a",{parentName:"p",href:"/0.9/architecture#security"},"cluster registration token"),".\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,r.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,r.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,r.kt)("h4",{id:"token-ttl"},"Token TTL"),(0,r.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,r.kt)("h4",{id:"create-a-new-token"},"Create a new Token"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,r.kt)("a",{parentName:"p",href:"/0.9/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,r.kt)("p",null,"After the ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,r.kt)("p",null,"One way to do so is via the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,r.kt)("h4",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,r.kt)("p",null,"The token value contains YAML content for a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,r.kt)("p",null,"Such value is contained in the ",(0,r.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,r.kt)("p",null,"Once the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."),(0,r.kt)("h2",{id:"manager-initiated"},"Manager Initiated"),(0,r.kt)("p",null,"The manager-initiated registration flow is accomplished by creating a\n",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,r.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using Fleet standalone ",(0,r.kt)("em",{parentName:"p"},"without Rancher"),", it must be installed as described in ",(0,r.kt)("a",{parentName:"p",href:"/0.9/installation#configuration-for-multi-cluster"},"installation details"),"."),(0,r.kt)("p",{parentName:"admonition"},"The manager-initiated registration is used when you add a cluster from the Rancher dashboard.")),(0,r.kt)("h3",{id:"create-kubeconfig-secret"},"Create Kubeconfig Secret"),(0,r.kt)("p",null,"The format of this secret is intended to match the ",(0,r.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format")," of the kubeconfig\nsecret used in ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,r.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically registered with Fleet."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Kubeconfig Secret Example"',title:'"Kubeconfig',Secret:!0,'Example"':!0},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,r.kt)("h3",{id:"create-cluster-resource"},"Create Cluster Resource"),(0,r.kt)("p",null,"The cluster resource needs to reference the kubeconfig secret."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Cluster Resource Example"',title:'"Cluster',Resource:!0,'Example"':!0},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9616],{5162:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(7294),r=n(6010);const l="tabItem_Ymn6";function i(e){let{children:t,hidden:n,className:i}=e;return a.createElement("div",{role:"tabpanel",className:(0,r.Z)(l,i),hidden:n},t)}},4866:(e,t,n)=>{n.d(t,{Z:()=>N});var a=n(7462),r=n(7294),l=n(6010),i=n(2466),s=n(6550),o=n(1980),u=n(7392),c=n(12);function d(e){return function(e){return r.Children.map(e,(e=>{if((0,r.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:n,attributes:a,default:r}}=e;return{value:t,label:n,attributes:a,default:r}}))}function p(e){const{values:t,children:n}=e;return(0,r.useMemo)((()=>{const e=t??d(n);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,n])}function m(e){let{value:t,tabValues:n}=e;return n.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:n}=e;const a=(0,s.k6)(),l=function(e){let{queryString:t=!1,groupId:n}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!n)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return n??null}({queryString:t,groupId:n});return[(0,o._X)(l),(0,r.useCallback)((e=>{if(!l)return;const t=new URLSearchParams(a.location.search);t.set(l,e),a.replace({...a.location,search:t.toString()})}),[l,a])]}function g(e){const{defaultValue:t,queryString:n=!1,groupId:a}=e,l=p(e),[i,s]=(0,r.useState)((()=>function(e){let{defaultValue:t,tabValues:n}=e;if(0===n.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:n}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${n.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const a=n.find((e=>e.default))??n[0];if(!a)throw new Error("Unexpected error: 0 tabValues");return a.value}({defaultValue:t,tabValues:l}))),[o,u]=h({queryString:n,groupId:a}),[d,g]=function(e){let{groupId:t}=e;const n=function(e){return e?`docusaurus.tab.${e}`:null}(t),[a,l]=(0,c.Nk)(n);return[a,(0,r.useCallback)((e=>{n&&l.set(e)}),[n,l])]}({groupId:a}),k=(()=>{const e=o??d;return m({value:e,tabValues:l})?e:null})();(0,r.useLayoutEffect)((()=>{k&&s(k)}),[k]);return{selectedValue:i,selectValue:(0,r.useCallback)((e=>{if(!m({value:e,tabValues:l}))throw new Error(`Can't select invalid tab value=${e}`);s(e),u(e),g(e)}),[u,g,l]),tabValues:l}}var k=n(2389);const f="tabList__CuJ",b="tabItem_LNqP";function y(e){let{className:t,block:n,selectedValue:s,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,i.o5)(),p=e=>{const t=e.currentTarget,n=c.indexOf(t),a=u[n].value;a!==s&&(d(t),o(a))},m=e=>{var t;let n=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;n=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;n=c[t]??c[c.length-1];break}}null==(t=n)||t.focus()};return r.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,l.Z)("tabs",{"tabs--block":n},t)},u.map((e=>{let{value:t,label:n,attributes:i}=e;return r.createElement("li",(0,a.Z)({role:"tab",tabIndex:s===t?0:-1,"aria-selected":s===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},i,{className:(0,l.Z)("tabs__item",b,null==i?void 0:i.className,{"tabs__item--active":s===t})}),n??t)})))}function v(e){let{lazy:t,children:n,selectedValue:a}=e;if(n=Array.isArray(n)?n:[n],t){const e=n.find((e=>e.props.value===a));return e?(0,r.cloneElement)(e,{className:"margin-top--md"}):null}return r.createElement("div",{className:"margin-top--md"},n.map(((e,t)=>(0,r.cloneElement)(e,{key:t,hidden:e.props.value!==a}))))}function w(e){const t=g(e);return r.createElement("div",{className:(0,l.Z)("tabs-container",f)},r.createElement(y,(0,a.Z)({},e,t)),r.createElement(v,(0,a.Z)({},e,t)))}function N(e){const t=(0,k.Z)();return r.createElement(w,(0,a.Z)({key:String(t)},e))}},6828:(e,t,n)=>{n.d(t,{d:()=>a});const a={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},206:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>d,contentTitle:()=>u,default:()=>h,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var a=n(7462),r=(n(7294),n(3905)),l=(n(6828),n(814)),i=n(4866),s=n(5162);const o={},u="Register Downstream Clusters",c={unversionedId:"cluster-registration",id:"version-0.9/cluster-registration",title:"Register Downstream Clusters",description:"Overview",source:"@site/versioned_docs/version-0.9/cluster-registration.md",sourceDirName:".",slug:"/cluster-registration",permalink:"/0.9/cluster-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cluster-registration.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation Details",permalink:"/0.9/installation"},next:{title:"Create Cluster Groups",permalink:"/0.9/cluster-group"}},d={},p=[{value:"Overview",id:"overview",level:2},{value:"Agent-Initiated Registration",id:"agent-initiated-registration",level:3},{value:"Manager-Initiated Registration",id:"manager-initiated-registration",level:3},{value:"Agent Initiated",id:"agent-initiated",level:2},{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:3},{value:"Install Agent For a New Cluster",id:"install-agent-for-a-new-cluster",level:3},{value:"Install Agent For a Predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:3},{value:"Create Cluster Registration Tokens",id:"create-cluster-registration-tokens",level:3},{value:"Token TTL",id:"token-ttl",level:4},{value:"Create a new Token",id:"create-a-new-token",level:4},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:4},{value:"Manager Initiated",id:"manager-initiated",level:2},{value:"Create Kubeconfig Secret",id:"create-kubeconfig-secret",level:3},{value:"Create Cluster Resource",id:"create-cluster-resource",level:3}],m={toc:p};function h(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"register-downstream-clusters"},"Register Downstream Clusters"),(0,r.kt)("h2",{id:"overview"},"Overview"),(0,r.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,r.kt)("strong",{parentName:"p"},"agent-initiated")," and ",(0,r.kt)("strong",{parentName:"p"},"manager-initiated")," registration. Typically one would\ngo with the agent-initiated registration but there are specific use cases in which\nmanager-initiated is a better workflow."),(0,r.kt)("h3",{id:"agent-initiated-registration"},"Agent-Initiated Registration"),(0,r.kt)("p",null,"Agent-initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,r.kt)("h3",{id:"manager-initiated-registration"},"Manager-Initiated Registration"),(0,r.kt)("p",null,"Manager-initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."),(0,r.kt)("h2",{id:"agent-initiated"},"Agent Initiated"),(0,r.kt)("p",null,"A downstream cluster is registered by installing an agent via helm and using the ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,r.kt)("strong",{parentName:"p"},"client ID")," or ",(0,r.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"It's not necessary to configure the fleet manager for ",(0,r.kt)("a",{parentName:"p",href:"/0.9/installation#configuration-for-multi-cluster"},"multi cluster"),", as the downstream agent we install via Helm will connect to the Kubernetes API of the upstream cluster directly."),(0,r.kt)("p",{parentName:"admonition"},"Agent-initiated registration is normally not used with Rancher.")),(0,r.kt)("h3",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,r.kt)("p",null,"The ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required.\nThe ",(0,r.kt)("a",{parentName:"p",href:"/0.9/architecture#security"},"cluster registration token")," is manifested as a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will be passed to the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install")," process.\nAlternatively one can pass the token directly to the helm install command via ",(0,r.kt)("inlineCode",{parentName:"p"},'--set token="$token"'),"."),(0,r.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,r.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,r.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,r.kt)("h3",{id:"install-agent-for-a-new-cluster"},"Install Agent For a New Cluster"),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,r.kt)("p",null,"First, follow the ",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token instructions")," to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,r.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,r.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,r.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,r.kt)("p",null,"Value in ",(0,r.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,r.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,r.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,r.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,r.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{title:"Kubectl Context",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,r.kt)("p",null,"Add Fleet's Helm repo."),(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(i.Z,{mdxType:"Tabs"},(0,r.kt)(s.Z,{value:"helm",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent fleet/fleet-agent')),(0,r.kt)(s.Z,{value:"validate",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/0.9/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,r.kt)("h3",{id:"install-agent-for-a-predefined-cluster"},"Install Agent For a Predefined Cluster"),(0,r.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,r.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,r.kt)("p",null,"First, create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,r.kt)("p",null,"Second, follow the ","[cluster registration token instructions]","((#create-cluster-registration-tokens) to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,r.kt)("p",null,"Third, setup your environment to use the client ID."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("p",null,"Add Fleet's Helm repo."),(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(i.Z,{mdxType:"Tabs"},(0,r.kt)(s.Z,{value:"helm2",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent fleet/fleet-agent')),(0,r.kt)(s.Z,{value:"validate2",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/0.9/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,r.kt)("h3",{id:"create-cluster-registration-tokens"},"Create Cluster Registration Tokens"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Not needed for Manager-initiated registration"),":\nFor manager-initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,r.kt)("p",null,"For an agent-initiated registration the downstream cluster must have a ",(0,r.kt)("a",{parentName:"p",href:"/0.9/architecture#security"},"cluster registration token"),".\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,r.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,r.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,r.kt)("h4",{id:"token-ttl"},"Token TTL"),(0,r.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,r.kt)("h4",{id:"create-a-new-token"},"Create a new Token"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,r.kt)("a",{parentName:"p",href:"/0.9/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,r.kt)("p",null,"After the ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,r.kt)("p",null,"One way to do so is via the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,r.kt)("h4",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,r.kt)("p",null,"The token value contains YAML content for a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,r.kt)("p",null,"Such value is contained in the ",(0,r.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,r.kt)("p",null,"Once the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."),(0,r.kt)("h2",{id:"manager-initiated"},"Manager Initiated"),(0,r.kt)("p",null,"The manager-initiated registration flow is accomplished by creating a\n",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,r.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using Fleet standalone ",(0,r.kt)("em",{parentName:"p"},"without Rancher"),", it must be installed as described in ",(0,r.kt)("a",{parentName:"p",href:"/0.9/installation#configuration-for-multi-cluster"},"installation details"),"."),(0,r.kt)("p",{parentName:"admonition"},"The manager-initiated registration is used when you add a cluster from the Rancher dashboard.")),(0,r.kt)("h3",{id:"create-kubeconfig-secret"},"Create Kubeconfig Secret"),(0,r.kt)("p",null,"The format of this secret is intended to match the ",(0,r.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format")," of the kubeconfig\nsecret used in ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,r.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically registered with Fleet."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Kubeconfig Secret Example"',title:'"Kubeconfig',Secret:!0,'Example"':!0},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,r.kt)("h3",{id:"create-cluster-resource"},"Create Cluster Resource"),(0,r.kt)("p",null,"The cluster resource needs to reference the kubeconfig secret."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Cluster Resource Example"',title:'"Cluster',Resource:!0,'Example"':!0},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/6cbe47eb.a7a19589.js b/assets/js/6cbe47eb.265fce85.js similarity index 97% rename from assets/js/6cbe47eb.a7a19589.js rename to assets/js/6cbe47eb.265fce85.js index 67f674375..9ade753b6 100644 --- a/assets/js/6cbe47eb.a7a19589.js +++ b/assets/js/6cbe47eb.265fce85.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5117],{3905:(e,t,n)=>{n.d(t,{Zo:()=>f,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},f=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(n),d=a,g=u["".concat(c,".").concat(d)]||u[d]||p[d]||l;return n?r.createElement(g,o(o({ref:t},f),{},{components:n})):r.createElement(g,o({ref:t},f))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-agent"},o=void 0,i={unversionedId:"cli/fleet-agent/fleet-agent",id:"version-0.8/cli/fleet-agent/fleet-agent",title:"",description:"fleet-agent",source:"@site/versioned_docs/version-0.8/cli/fleet-agent/fleet-agent.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/",permalink:"/0.8/cli/fleet-agent/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cli/fleet-agent/fleet-agent.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent"},sidebar:"docs",previous:{title:"Create a Bundle Resource",permalink:"/0.8/bundle-add"},next:{title:"fleet",permalink:"/0.8/cli/fleet-cli/fleet"}},c={},s=[{value:"fleet-agent",id:"fleet-agent",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},f,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-agent"},"fleet-agent"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-agent [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --agent-scope string An identifier used to scope the agent bundleID names, typically the same as namespace\n --checkin-interval string How often to post cluster status\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet-agent\n --kubeconfig string kubeconfig file\n --namespace string namespace to watch\n --simulators int Numbers of simulators to run\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5117],{3905:(e,t,n)=>{n.d(t,{Zo:()=>f,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},f=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(n),d=a,g=u["".concat(c,".").concat(d)]||u[d]||p[d]||l;return n?r.createElement(g,o(o({ref:t},f),{},{components:n})):r.createElement(g,o({ref:t},f))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-agent"},o=void 0,i={unversionedId:"cli/fleet-agent/fleet-agent",id:"version-0.8/cli/fleet-agent/fleet-agent",title:"",description:"fleet-agent",source:"@site/versioned_docs/version-0.8/cli/fleet-agent/fleet-agent.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/",permalink:"/0.8/cli/fleet-agent/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cli/fleet-agent/fleet-agent.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent"},sidebar:"docs",previous:{title:"Create a Bundle Resource",permalink:"/0.8/bundle-add"},next:{title:"fleet",permalink:"/0.8/cli/fleet-cli/fleet"}},c={},s=[{value:"fleet-agent",id:"fleet-agent",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},f,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-agent"},"fleet-agent"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-agent [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --agent-scope string An identifier used to scope the agent bundleID names, typically the same as namespace\n --checkin-interval string How often to post cluster status\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet-agent\n --kubeconfig string kubeconfig file\n --namespace string namespace to watch\n --simulators int Numbers of simulators to run\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/6cf4c0df.7b160fa0.js b/assets/js/6cf4c0df.c1b93090.js similarity index 98% rename from assets/js/6cf4c0df.7b160fa0.js rename to assets/js/6cf4c0df.c1b93090.js index b9c552438..20a39b125 100644 --- a/assets/js/6cf4c0df.7b160fa0.js +++ b/assets/js/6cf4c0df.c1b93090.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2418],{3905:(e,t,o)=>{o.d(t,{Zo:()=>u,kt:()=>h});var n=o(7294);function r(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}function a(e,t){var o=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),o.push.apply(o,n)}return o}function i(e){for(var t=1;t=0||(r[o]=e[o]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,o)&&(r[o]=e[o])}return r}var s=n.createContext({}),c=function(e){var t=n.useContext(s),o=t;return e&&(o="function"==typeof e?e(t):i(i({},t),e)),o},u=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var o=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),d=c(o),h=r,b=d["".concat(s,".").concat(h)]||d[h]||p[h]||a;return o?n.createElement(b,i(i({ref:t},u),{},{components:o})):n.createElement(b,i({ref:t},u))}));function h(e,t){var o=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=o.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var c=2;c{o.r(t),o.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>l,toc:()=>c});var n=o(7462),r=(o(7294),o(3905));const a={},i="Webhook",l={unversionedId:"webhook",id:"version-0.5/webhook",title:"Webhook",description:"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,",source:"@site/versioned_docs/version-0.5/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/0.5/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/webhook.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs for Modified GitRepos",permalink:"/0.5/bundle-diffs"},next:{title:"Image scan",permalink:"/0.5/imagescan"}},s={},c=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"webhook"},"Webhook"),(0,r.kt)("p",null,"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,\nGitLab, Bitbucket, Bitbucket Server and Gogs."),(0,r.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can configure ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,r.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,r.kt)("p",null,(0,r.kt)("img",{src:o(696).Z,width:"1830",height:"1563"})),(0,r.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,r.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,r.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,r.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"Provider"),(0,r.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"github"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gogs"))))),(0,r.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,r.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,o)=>{o.d(t,{Z:()=>n});const n=o.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2418],{3905:(e,t,o)=>{o.d(t,{Zo:()=>u,kt:()=>h});var n=o(7294);function r(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}function a(e,t){var o=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),o.push.apply(o,n)}return o}function i(e){for(var t=1;t=0||(r[o]=e[o]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,o)&&(r[o]=e[o])}return r}var s=n.createContext({}),c=function(e){var t=n.useContext(s),o=t;return e&&(o="function"==typeof e?e(t):i(i({},t),e)),o},u=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var o=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),d=c(o),h=r,b=d["".concat(s,".").concat(h)]||d[h]||p[h]||a;return o?n.createElement(b,i(i({ref:t},u),{},{components:o})):n.createElement(b,i({ref:t},u))}));function h(e,t){var o=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=o.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var c=2;c{o.r(t),o.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>l,toc:()=>c});var n=o(7462),r=(o(7294),o(3905));const a={},i="Webhook",l={unversionedId:"webhook",id:"version-0.5/webhook",title:"Webhook",description:"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,",source:"@site/versioned_docs/version-0.5/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/0.5/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/webhook.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs for Modified GitRepos",permalink:"/0.5/bundle-diffs"},next:{title:"Image scan",permalink:"/0.5/imagescan"}},s={},c=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"webhook"},"Webhook"),(0,r.kt)("p",null,"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,\nGitLab, Bitbucket, Bitbucket Server and Gogs."),(0,r.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can configure ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,r.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,r.kt)("p",null,(0,r.kt)("img",{src:o(696).Z,width:"1830",height:"1563"})),(0,r.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,r.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,r.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,r.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"Provider"),(0,r.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"github"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gogs"))))),(0,r.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,r.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,o)=>{o.d(t,{Z:()=>n});const n=o.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file diff --git a/assets/js/6e08701a.3487d19b.js b/assets/js/6e08701a.de3a9f4b.js similarity index 96% rename from assets/js/6e08701a.3487d19b.js rename to assets/js/6e08701a.de3a9f4b.js index f1dfcb056..7d81aaef3 100644 --- a/assets/js/6e08701a.3487d19b.js +++ b/assets/js/6e08701a.de3a9f4b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2832],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),p=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},s=function(e){var t=p(e.components);return r.createElement(i.Provider,{value:t},e.children)},g={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,s=c(e,["components","mdxType","originalType","parentName"]),u=p(n),f=a,m=u["".concat(i,".").concat(f)]||u[f]||g[f]||o;return n?r.createElement(m,l(l({ref:t},s),{},{components:n})):r.createElement(m,l({ref:t},s))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=u;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:a,l[1]=c;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>g,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var r=n(7462),a=(n(7294),n(3905));const o={title:"0.9 Changelogs"},l=void 0,c={unversionedId:"changelogs/index",id:"version-0.9/changelogs/index",title:"0.9 Changelogs",description:"* v0.9.4 (latest)",source:"@site/versioned_docs/version-0.9/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/0.9/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/changelogs/index.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"0.9 Changelogs"}},i={},p=[],s={toc:p};function g(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.9/changelogs/changelogs/v0.9.4"},"v0.9.4")," (latest)")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.9/changelogs/changelogs/v0.9.3"},"v0.9.3")," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.9/changelogs/changelogs/v0.9.2"},"v0.9.2")," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.9/changelogs/changelogs/v0.9.1"},"v0.9.1")," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.9/changelogs/changelogs/v0.9.0"},"v0.9.0")))))}g.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2832],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),p=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},s=function(e){var t=p(e.components);return r.createElement(i.Provider,{value:t},e.children)},g={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,s=c(e,["components","mdxType","originalType","parentName"]),u=p(n),f=a,m=u["".concat(i,".").concat(f)]||u[f]||g[f]||o;return n?r.createElement(m,l(l({ref:t},s),{},{components:n})):r.createElement(m,l({ref:t},s))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=u;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:a,l[1]=c;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>g,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var r=n(7462),a=(n(7294),n(3905));const o={title:"0.9 Changelogs"},l=void 0,c={unversionedId:"changelogs/index",id:"version-0.9/changelogs/index",title:"0.9 Changelogs",description:"* v0.9.4 (latest)",source:"@site/versioned_docs/version-0.9/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/0.9/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/changelogs/index.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"0.9 Changelogs"}},i={},p=[],s={toc:p};function g(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.9/changelogs/changelogs/v0.9.4"},"v0.9.4")," (latest)")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.9/changelogs/changelogs/v0.9.3"},"v0.9.3")," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.9/changelogs/changelogs/v0.9.2"},"v0.9.2")," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.9/changelogs/changelogs/v0.9.1"},"v0.9.1")," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.9/changelogs/changelogs/v0.9.0"},"v0.9.0")))))}g.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/6e869bec.06055bbb.js b/assets/js/6e869bec.ca308da0.js similarity index 99% rename from assets/js/6e869bec.06055bbb.js rename to assets/js/6e869bec.ca308da0.js index 7616cafe2..bb65f7fcf 100644 --- a/assets/js/6e869bec.06055bbb.js +++ b/assets/js/6e869bec.ca308da0.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6112],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),p=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=p(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,s=e.parentName,m=o(e,["components","mdxType","originalType","parentName"]),c=p(n),u=l,h=c["".concat(s,".").concat(u)]||c[u]||d[u]||r;return n?a.createElement(h,i(i({ref:t},m),{},{components:n})):a.createElement(h,i({ref:t},m))}));function u(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=c;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>o,toc:()=>p});var a=n(7462),l=(n(7294),n(3905));const r={},i="Git Repository Contents",o={unversionedId:"gitrepo-content",id:"version-0.9/gitrepo-content",title:"Git Repository Contents",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/versioned_docs/version-0.9/gitrepo-content.md",sourceDirName:".",slug:"/gitrepo-content",permalink:"/0.9/gitrepo-content",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/gitrepo-content.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Lifecycle",permalink:"/0.9/ref-bundle-stages"},next:{title:"Namespaces",permalink:"/0.9/namespaces"}},s={},p=[{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"Excluding files and directories from bundles",id:"excluding-files-and-directories-from-bundles",level:3},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Using Helm Values",id:"using-helm-values",level:2},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle State",id:"cluster-and-bundle-state",level:2}],m={toc:p};function d(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"git-repository-contents"},"Git Repository Contents"),(0,l.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,l.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,l.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,l.kt)("p",null,(0,l.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,l.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,l.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,l.kt)("p",null,"Multiple paths can be defined for a ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,l.kt)("a",{parentName:"p",href:"/0.9/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,l.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"File"),(0,l.kt)("th",{parentName:"tr",align:null},"Location"),(0,l.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,l.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,l.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,l.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,l.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,l.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,l.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,l.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,l.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,l.kt)("a",{parentName:"td",href:"/0.9/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"}," *.yaml ")),(0,l.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,l.kt)("td",{parentName:"tr",align:null},"If a ",(0,l.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,l.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,l.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,l.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,l.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,l.kt)("inlineCode",{parentName:"td"},"path")),(0,l.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,l.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,l.kt)("h3",{id:"excluding-files-and-directories-from-bundles"},"Excluding files and directories from bundles"),(0,l.kt)("p",null,"Fleet supports file and directory exclusion by means of ",(0,l.kt)("inlineCode",{parentName:"p"},".fleetignore")," files, in a similar fashion to how ",(0,l.kt)("inlineCode",{parentName:"p"},".gitignore"),"\nfiles behave in git repositories:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"Glob syntax is used to match files or directories, using Golang's\n",(0,l.kt)("a",{parentName:"li",href:"https://pkg.go.dev/path/filepath#Match"},(0,l.kt)("inlineCode",{parentName:"a"},"filepath.Match"))),(0,l.kt)("li",{parentName:"ul"},"Empty lines are skipped, and can therefore be used to improve readability"),(0,l.kt)("li",{parentName:"ul"},"Characters like white spaces and ",(0,l.kt)("inlineCode",{parentName:"li"},"#")," can be escaped with a backslash"),(0,l.kt)("li",{parentName:"ul"},"Trailing spaces are ignored, unless escaped"),(0,l.kt)("li",{parentName:"ul"},"Comments, ie lines starting with unescaped ",(0,l.kt)("inlineCode",{parentName:"li"},"#"),", are skipped"),(0,l.kt)("li",{parentName:"ul"},"A given line can match a file or a directory, even if no separator is provided: eg. ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir/*")," and ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir")," are both\nvalid ",(0,l.kt)("inlineCode",{parentName:"li"},".fleetignore")," lines, and ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir")," matches both files and directories called ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir")),(0,l.kt)("li",{parentName:"ul"},"A match may be found for a file or directory at any level below the directory where a ",(0,l.kt)("inlineCode",{parentName:"li"},".fleetignore")," lives, ie\n",(0,l.kt)("inlineCode",{parentName:"li"},"foo.yaml")," will match ",(0,l.kt)("inlineCode",{parentName:"li"},"./foo.yaml")," as well as ",(0,l.kt)("inlineCode",{parentName:"li"},"./path/to/foo.yaml")),(0,l.kt)("li",{parentName:"ul"},"Multiple ",(0,l.kt)("inlineCode",{parentName:"li"},".fleetignore")," files are supported. For instance, in the following directory structure, only\n",(0,l.kt)("inlineCode",{parentName:"li"},"root/something.yaml"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"bar/something2.yaml")," and ",(0,l.kt)("inlineCode",{parentName:"li"},"foo/something.yaml")," will end up in a bundle:")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"root/\n\u251c\u2500\u2500 .fleetignore # contains `ignore-always.yaml'\n\u251c\u2500\u2500 something.yaml\n\u251c\u2500\u2500 bar\n\u2502\xa0\xa0 \u251c\u2500\u2500 .fleetignore # contains `something.yaml`\n\u2502\xa0\xa0 \u251c\u2500\u2500 ignore-always.yaml\n\u2502\xa0\xa0 \u251c\u2500\u2500 something2.yaml\n\u2502\xa0\xa0 \u2514\u2500\u2500 something.yaml\n\u2514\u2500\u2500 foo\n \xa0\xa0 \u251c\u2500\u2500 ignore-always.yaml\n \xa0\xa0 \u2514\u2500\u2500 something.yaml\n")),(0,l.kt)("p",null,"This currently comes with a few limitations, the following not being supported:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"Double asterisks (",(0,l.kt)("inlineCode",{parentName:"li"},"**"),")"),(0,l.kt)("li",{parentName:"ul"},"Explicit inclusions with ",(0,l.kt)("inlineCode",{parentName:"li"},"!"))),(0,l.kt)("h2",{id:"fleetyaml"},(0,l.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,l.kt)("p",null,"The ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,l.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,l.kt)("a",{parentName:"p",href:"/0.9/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,l.kt)("admonition",{type:"caution"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,l.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,l.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,l.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,l.kt)("p",null,"The available fields are documented in the ",(0,l.kt)("a",{parentName:"p",href:"/0.9/ref-fleet-yaml"},"fleet.yaml reference")),(0,l.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,l.kt)("a",{parentName:"p",href:"/0.9/gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,l.kt)("h2",{id:"using-helm-values"},"Using Helm Values"),(0,l.kt)("p",null,(0,l.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,l.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.values")," -> ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),". That means ",(0,l.kt)("inlineCode",{parentName:"p"},"valuesFrom")," will take precedence over both, ",(0,l.kt)("inlineCode",{parentName:"p"},"valuesFiles")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"values"),"."))),(0,l.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,l.kt)("p",null,"These examples showcase the style and format for using ",(0,l.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in ",(0,l.kt)("em",{parentName:"p"},"downstream clusters"),"."),(0,l.kt)("p",null,"Example ",(0,l.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata:\n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,l.kt)("p",null,"Example ",(0,l.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 3\n serviceType: NodePort\n")),(0,l.kt)("p",null,"A secret like that, can be created from a YAML file ",(0,l.kt)("inlineCode",{parentName:"p"},"secretdata.yaml")," by running the following kubectl command: ",(0,l.kt)("inlineCode",{parentName:"p"},"kubectl create secret generic secret-values --from-file=values.yaml=secretdata.yaml")),(0,l.kt)("p",null,"The resources can then be referenced from a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),":"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'helm:\n chart: simple-chart\n valuesFrom:\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n - configMapKeyRef:\n name: configmap-values\n namespace: default\n key: values.yaml\n values:\n replicas: "4"\n')),(0,l.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,l.kt)("p",null,"The ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,l.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,l.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,l.kt)("p",null,"There are three approaches to matching clusters for both ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,l.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,l.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,l.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"targetCustomizations:\n- name: all\n # Match everything\n clusterSelector: {}\n- name: none\n # Selector ignored\n clusterSelector: null\n")),(0,l.kt)("p",null,"When matching a cluster by name, make sure to use the name of the\n",(0,l.kt)("inlineCode",{parentName:"p"},"clusters.fleet.cattle.io")," resource. The Rancher UI also has a provisioning and\na management cluster resource. Since the management cluster resource is not\nnamespaced, its name is different and contains a random suffix."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"targetCustomizations:\n- name: prod\n clusterName: fleetname\n")),(0,l.kt)("p",null,"See ",(0,l.kt)("a",{parentName:"p",href:"gitrepo-targets#customization-per-cluster"},"Mapping to Downstream Clusters")," for more information and a list of supported customizations."),(0,l.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,l.kt)("p",null,"When using Kustomize or Helm the ",(0,l.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,l.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file will be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,l.kt)("p",null,"A file named ",(0,l.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,l.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents of a file the convention of adding ",(0,l.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,l.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,l.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,l.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,l.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,l.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,l.kt)("p",null,"See ",(0,l.kt)("a",{parentName:"p",href:"/0.9/cluster-bundles-state"},"Cluster and Bundle state"),"."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6112],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),p=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=p(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,s=e.parentName,m=o(e,["components","mdxType","originalType","parentName"]),c=p(n),u=l,h=c["".concat(s,".").concat(u)]||c[u]||d[u]||r;return n?a.createElement(h,i(i({ref:t},m),{},{components:n})):a.createElement(h,i({ref:t},m))}));function u(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=c;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>o,toc:()=>p});var a=n(7462),l=(n(7294),n(3905));const r={},i="Git Repository Contents",o={unversionedId:"gitrepo-content",id:"version-0.9/gitrepo-content",title:"Git Repository Contents",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/versioned_docs/version-0.9/gitrepo-content.md",sourceDirName:".",slug:"/gitrepo-content",permalink:"/0.9/gitrepo-content",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/gitrepo-content.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Lifecycle",permalink:"/0.9/ref-bundle-stages"},next:{title:"Namespaces",permalink:"/0.9/namespaces"}},s={},p=[{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"Excluding files and directories from bundles",id:"excluding-files-and-directories-from-bundles",level:3},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Using Helm Values",id:"using-helm-values",level:2},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle State",id:"cluster-and-bundle-state",level:2}],m={toc:p};function d(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"git-repository-contents"},"Git Repository Contents"),(0,l.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,l.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,l.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,l.kt)("p",null,(0,l.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,l.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,l.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,l.kt)("p",null,"Multiple paths can be defined for a ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,l.kt)("a",{parentName:"p",href:"/0.9/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,l.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"File"),(0,l.kt)("th",{parentName:"tr",align:null},"Location"),(0,l.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,l.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,l.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,l.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,l.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,l.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,l.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,l.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,l.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,l.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,l.kt)("a",{parentName:"td",href:"/0.9/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"}," *.yaml ")),(0,l.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,l.kt)("td",{parentName:"tr",align:null},"If a ",(0,l.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,l.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,l.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,l.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,l.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,l.kt)("inlineCode",{parentName:"td"},"path")),(0,l.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,l.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,l.kt)("h3",{id:"excluding-files-and-directories-from-bundles"},"Excluding files and directories from bundles"),(0,l.kt)("p",null,"Fleet supports file and directory exclusion by means of ",(0,l.kt)("inlineCode",{parentName:"p"},".fleetignore")," files, in a similar fashion to how ",(0,l.kt)("inlineCode",{parentName:"p"},".gitignore"),"\nfiles behave in git repositories:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"Glob syntax is used to match files or directories, using Golang's\n",(0,l.kt)("a",{parentName:"li",href:"https://pkg.go.dev/path/filepath#Match"},(0,l.kt)("inlineCode",{parentName:"a"},"filepath.Match"))),(0,l.kt)("li",{parentName:"ul"},"Empty lines are skipped, and can therefore be used to improve readability"),(0,l.kt)("li",{parentName:"ul"},"Characters like white spaces and ",(0,l.kt)("inlineCode",{parentName:"li"},"#")," can be escaped with a backslash"),(0,l.kt)("li",{parentName:"ul"},"Trailing spaces are ignored, unless escaped"),(0,l.kt)("li",{parentName:"ul"},"Comments, ie lines starting with unescaped ",(0,l.kt)("inlineCode",{parentName:"li"},"#"),", are skipped"),(0,l.kt)("li",{parentName:"ul"},"A given line can match a file or a directory, even if no separator is provided: eg. ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir/*")," and ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir")," are both\nvalid ",(0,l.kt)("inlineCode",{parentName:"li"},".fleetignore")," lines, and ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir")," matches both files and directories called ",(0,l.kt)("inlineCode",{parentName:"li"},"subdir")),(0,l.kt)("li",{parentName:"ul"},"A match may be found for a file or directory at any level below the directory where a ",(0,l.kt)("inlineCode",{parentName:"li"},".fleetignore")," lives, ie\n",(0,l.kt)("inlineCode",{parentName:"li"},"foo.yaml")," will match ",(0,l.kt)("inlineCode",{parentName:"li"},"./foo.yaml")," as well as ",(0,l.kt)("inlineCode",{parentName:"li"},"./path/to/foo.yaml")),(0,l.kt)("li",{parentName:"ul"},"Multiple ",(0,l.kt)("inlineCode",{parentName:"li"},".fleetignore")," files are supported. For instance, in the following directory structure, only\n",(0,l.kt)("inlineCode",{parentName:"li"},"root/something.yaml"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"bar/something2.yaml")," and ",(0,l.kt)("inlineCode",{parentName:"li"},"foo/something.yaml")," will end up in a bundle:")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"root/\n\u251c\u2500\u2500 .fleetignore # contains `ignore-always.yaml'\n\u251c\u2500\u2500 something.yaml\n\u251c\u2500\u2500 bar\n\u2502\xa0\xa0 \u251c\u2500\u2500 .fleetignore # contains `something.yaml`\n\u2502\xa0\xa0 \u251c\u2500\u2500 ignore-always.yaml\n\u2502\xa0\xa0 \u251c\u2500\u2500 something2.yaml\n\u2502\xa0\xa0 \u2514\u2500\u2500 something.yaml\n\u2514\u2500\u2500 foo\n \xa0\xa0 \u251c\u2500\u2500 ignore-always.yaml\n \xa0\xa0 \u2514\u2500\u2500 something.yaml\n")),(0,l.kt)("p",null,"This currently comes with a few limitations, the following not being supported:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"Double asterisks (",(0,l.kt)("inlineCode",{parentName:"li"},"**"),")"),(0,l.kt)("li",{parentName:"ul"},"Explicit inclusions with ",(0,l.kt)("inlineCode",{parentName:"li"},"!"))),(0,l.kt)("h2",{id:"fleetyaml"},(0,l.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,l.kt)("p",null,"The ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,l.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,l.kt)("a",{parentName:"p",href:"/0.9/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,l.kt)("admonition",{type:"caution"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,l.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,l.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,l.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,l.kt)("p",null,"The available fields are documented in the ",(0,l.kt)("a",{parentName:"p",href:"/0.9/ref-fleet-yaml"},"fleet.yaml reference")),(0,l.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,l.kt)("a",{parentName:"p",href:"/0.9/gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,l.kt)("h2",{id:"using-helm-values"},"Using Helm Values"),(0,l.kt)("p",null,(0,l.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,l.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.values")," -> ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),". That means ",(0,l.kt)("inlineCode",{parentName:"p"},"valuesFrom")," will take precedence over both, ",(0,l.kt)("inlineCode",{parentName:"p"},"valuesFiles")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"values"),"."))),(0,l.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,l.kt)("p",null,"These examples showcase the style and format for using ",(0,l.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in ",(0,l.kt)("em",{parentName:"p"},"downstream clusters"),"."),(0,l.kt)("p",null,"Example ",(0,l.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata:\n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,l.kt)("p",null,"Example ",(0,l.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 3\n serviceType: NodePort\n")),(0,l.kt)("p",null,"A secret like that, can be created from a YAML file ",(0,l.kt)("inlineCode",{parentName:"p"},"secretdata.yaml")," by running the following kubectl command: ",(0,l.kt)("inlineCode",{parentName:"p"},"kubectl create secret generic secret-values --from-file=values.yaml=secretdata.yaml")),(0,l.kt)("p",null,"The resources can then be referenced from a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),":"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'helm:\n chart: simple-chart\n valuesFrom:\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n - configMapKeyRef:\n name: configmap-values\n namespace: default\n key: values.yaml\n values:\n replicas: "4"\n')),(0,l.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,l.kt)("p",null,"The ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,l.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,l.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,l.kt)("p",null,"There are three approaches to matching clusters for both ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,l.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,l.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,l.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"targetCustomizations:\n- name: all\n # Match everything\n clusterSelector: {}\n- name: none\n # Selector ignored\n clusterSelector: null\n")),(0,l.kt)("p",null,"When matching a cluster by name, make sure to use the name of the\n",(0,l.kt)("inlineCode",{parentName:"p"},"clusters.fleet.cattle.io")," resource. The Rancher UI also has a provisioning and\na management cluster resource. Since the management cluster resource is not\nnamespaced, its name is different and contains a random suffix."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"targetCustomizations:\n- name: prod\n clusterName: fleetname\n")),(0,l.kt)("p",null,"See ",(0,l.kt)("a",{parentName:"p",href:"gitrepo-targets#customization-per-cluster"},"Mapping to Downstream Clusters")," for more information and a list of supported customizations."),(0,l.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,l.kt)("p",null,"When using Kustomize or Helm the ",(0,l.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,l.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,l.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file will be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,l.kt)("p",null,"A file named ",(0,l.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,l.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents of a file the convention of adding ",(0,l.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,l.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,l.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,l.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,l.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,l.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,l.kt)("p",null,"See ",(0,l.kt)("a",{parentName:"p",href:"/0.9/cluster-bundles-state"},"Cluster and Bundle state"),"."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/6faa62d7.c80cf4b8.js b/assets/js/6faa62d7.3475e4fa.js similarity index 96% rename from assets/js/6faa62d7.c80cf4b8.js rename to assets/js/6faa62d7.3475e4fa.js index dd85c43a7..6c06c69d8 100644 --- a/assets/js/6faa62d7.c80cf4b8.js +++ b/assets/js/6faa62d7.3475e4fa.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8539],{3905:(e,t,n)=>{n.d(t,{Zo:()=>f,kt:()=>g});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},f=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(n),g=a,d=u["".concat(c,".").concat(g)]||u[g]||p[g]||o;return n?r.createElement(d,l(l({ref:t},f),{},{components:n})):r.createElement(d,l({ref:t},f))}));function g(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,l[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>l,default:()=>p,frontMatter:()=>o,metadata:()=>i,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const o={title:"",sidebar_label:"fleet-agent"},l=void 0,i={unversionedId:"cli/fleet-agent/fleet-agent",id:"version-0.6/cli/fleet-agent/fleet-agent",title:"",description:"fleet-agent",source:"@site/versioned_docs/version-0.6/cli/fleet-agent/fleet-agent.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/",permalink:"/0.6/cli/fleet-agent/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cli/fleet-agent/fleet-agent.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent"},sidebar:"docs",previous:{title:"Using Image Scan to Update Container Image References",permalink:"/0.6/imagescan"},next:{title:"fleet",permalink:"/0.6/cli/fleet-cli/fleet"}},c={},s=[{value:"fleet-agent",id:"fleet-agent",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},f,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-agent"},"fleet-agent"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-agent [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --agent-scope string An identifier used to scope the agent bundleID names, typically the same as namespace\n --checkin-interval string How often to post cluster status\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet-agent\n --kubeconfig string kubeconfig file\n --namespace string namespace to watch\n --simulators int Numbers of simulators to run\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8539],{3905:(e,t,n)=>{n.d(t,{Zo:()=>f,kt:()=>g});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},f=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(n),g=a,d=u["".concat(c,".").concat(g)]||u[g]||p[g]||o;return n?r.createElement(d,l(l({ref:t},f),{},{components:n})):r.createElement(d,l({ref:t},f))}));function g(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,l[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>l,default:()=>p,frontMatter:()=>o,metadata:()=>i,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const o={title:"",sidebar_label:"fleet-agent"},l=void 0,i={unversionedId:"cli/fleet-agent/fleet-agent",id:"version-0.6/cli/fleet-agent/fleet-agent",title:"",description:"fleet-agent",source:"@site/versioned_docs/version-0.6/cli/fleet-agent/fleet-agent.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/",permalink:"/0.6/cli/fleet-agent/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cli/fleet-agent/fleet-agent.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent"},sidebar:"docs",previous:{title:"Using Image Scan to Update Container Image References",permalink:"/0.6/imagescan"},next:{title:"fleet",permalink:"/0.6/cli/fleet-cli/fleet"}},c={},s=[{value:"fleet-agent",id:"fleet-agent",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},f,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-agent"},"fleet-agent"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-agent [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --agent-scope string An identifier used to scope the agent bundleID names, typically the same as namespace\n --checkin-interval string How often to post cluster status\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet-agent\n --kubeconfig string kubeconfig file\n --namespace string namespace to watch\n --simulators int Numbers of simulators to run\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/6fe63dff.cca0de58.js b/assets/js/6fe63dff.dfcaa2a7.js similarity index 98% rename from assets/js/6fe63dff.cca0de58.js rename to assets/js/6fe63dff.dfcaa2a7.js index 68a6afbed..b214a1890 100644 --- a/assets/js/6fe63dff.cca0de58.js +++ b/assets/js/6fe63dff.dfcaa2a7.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1139],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>g});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=r.createContext({}),i=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},u=function(e){var t=i(e.components);return r.createElement(c.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},p=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),p=i(n),g=l,d=p["".concat(c,".").concat(g)]||p[g]||f[g]||a;return n?r.createElement(d,s(s({ref:t},u),{},{components:n})):r.createElement(d,s({ref:t},u))}));function g(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,s=new Array(a);s[0]=p;var o={};for(var c in t)hasOwnProperty.call(t,c)&&(o[c]=t[c]);o.originalType=e,o.mdxType="string"==typeof e?e:l,s[1]=o;for(var i=2;i{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>f,frontMatter:()=>a,metadata:()=>o,toc:()=>i});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet-agent clusterstatus"},s=void 0,o={unversionedId:"cli/fleet-agent/fleet-agent_clusterstatus",id:"cli/fleet-agent/fleet-agent_clusterstatus",title:"",description:"fleet-agent clusterstatus",source:"@site/docs/cli/fleet-agent/fleet-agent_clusterstatus.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/fleet-agent_clusterstatus",permalink:"/cli/fleet-agent/fleet-agent_clusterstatus",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-agent/fleet-agent_clusterstatus.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent clusterstatus"},sidebar:"docs",previous:{title:"fleet-agent",permalink:"/cli/fleet-agent/"},next:{title:"fleet-agent register",permalink:"/cli/fleet-agent/fleet-agent_register"}},c={},i=[{value:"fleet-agent clusterstatus",id:"fleet-agent-clusterstatus",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],u={toc:i};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-agent-clusterstatus"},"fleet-agent clusterstatus"),(0,l.kt)("p",null,"Continuously report resource status to the upstream cluster"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet-agent clusterstatus [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," --checkin-interval string How often to post cluster status\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for clusterstatus\n --kubeconfig string kubeconfig file for agent's cluster\n --namespace string system namespace is the namespace, the agent runs in, e.g. cattle-fleet-system\n")),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet-agent"},"fleet-agent"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1139],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>g});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=r.createContext({}),i=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},u=function(e){var t=i(e.components);return r.createElement(c.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},p=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),p=i(n),g=l,d=p["".concat(c,".").concat(g)]||p[g]||f[g]||a;return n?r.createElement(d,s(s({ref:t},u),{},{components:n})):r.createElement(d,s({ref:t},u))}));function g(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,s=new Array(a);s[0]=p;var o={};for(var c in t)hasOwnProperty.call(t,c)&&(o[c]=t[c]);o.originalType=e,o.mdxType="string"==typeof e?e:l,s[1]=o;for(var i=2;i{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>f,frontMatter:()=>a,metadata:()=>o,toc:()=>i});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet-agent clusterstatus"},s=void 0,o={unversionedId:"cli/fleet-agent/fleet-agent_clusterstatus",id:"cli/fleet-agent/fleet-agent_clusterstatus",title:"",description:"fleet-agent clusterstatus",source:"@site/docs/cli/fleet-agent/fleet-agent_clusterstatus.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/fleet-agent_clusterstatus",permalink:"/cli/fleet-agent/fleet-agent_clusterstatus",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-agent/fleet-agent_clusterstatus.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent clusterstatus"},sidebar:"docs",previous:{title:"fleet-agent",permalink:"/cli/fleet-agent/"},next:{title:"fleet-agent register",permalink:"/cli/fleet-agent/fleet-agent_register"}},c={},i=[{value:"fleet-agent clusterstatus",id:"fleet-agent-clusterstatus",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],u={toc:i};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-agent-clusterstatus"},"fleet-agent clusterstatus"),(0,l.kt)("p",null,"Continuously report resource status to the upstream cluster"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet-agent clusterstatus [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," --checkin-interval string How often to post cluster status\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for clusterstatus\n --kubeconfig string kubeconfig file for agent's cluster\n --namespace string system namespace is the namespace, the agent runs in, e.g. cattle-fleet-system\n")),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet-agent"},"fleet-agent"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/702cd497.725a291b.js b/assets/js/702cd497.8e3103ad.js similarity index 98% rename from assets/js/702cd497.725a291b.js rename to assets/js/702cd497.8e3103ad.js index f4ea3762a..68538e251 100644 --- a/assets/js/702cd497.725a291b.js +++ b/assets/js/702cd497.8e3103ad.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4895],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(n),m=o,f=d["".concat(s,".").concat(m)]||d[m]||u[m]||l;return n?r.createElement(f,a(a({ref:t},p),{},{components:n})):r.createElement(f,a({ref:t},p))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var l=n.length,a=new Array(l);a[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:o,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),o=(n(7294),n(3905));const l={},a="Bundle Lifecycle",i={unversionedId:"ref-bundle-stages",id:"version-0.8/ref-bundle-stages",title:"Bundle Lifecycle",description:"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.",source:"@site/versioned_docs/version-0.8/ref-bundle-stages.md",sourceDirName:".",slug:"/ref-bundle-stages",permalink:"/0.8/ref-bundle-stages",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-bundle-stages.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/0.8/concepts"},next:{title:"Git Repository Contents",permalink:"/0.8/gitrepo-content"}},s={},c=[],p={toc:c};function u(e){let{components:t,...l}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,l,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-lifecycle"},"Bundle Lifecycle"),(0,o.kt)("p",null,"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles."),(0,o.kt)("p",null,"To demonstrate the life cycle of a Fleet bundle, we will use ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,o.kt)("ol",null,(0,o.kt)("li",{parentName:"ol"},"User will create a ",(0,o.kt)("a",{parentName:"li",href:"/0.8/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,o.kt)("a",{parentName:"li",href:"/0.8/webhook"},"webhook event"),". With every commit change, the ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,o.kt)("a",{parentName:"li",href:"/0.8/cluster-bundles-state#bundles"},"bundle"),".")),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},(0,o.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,o.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,o.kt)("ol",{start:3},(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,o.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,o.kt)("p",null,"This diagram shows the different rendering stages a bundle goes through until deployment."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Bundle Stages",src:n(5208).Z,width:"730",height:"811"})))}u.isMDXComponent=!0},5208:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetBundleStages-23d8ed832e76974ba6693016c5d52ad7.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4895],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(n),m=o,f=d["".concat(s,".").concat(m)]||d[m]||u[m]||l;return n?r.createElement(f,a(a({ref:t},p),{},{components:n})):r.createElement(f,a({ref:t},p))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var l=n.length,a=new Array(l);a[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:o,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),o=(n(7294),n(3905));const l={},a="Bundle Lifecycle",i={unversionedId:"ref-bundle-stages",id:"version-0.8/ref-bundle-stages",title:"Bundle Lifecycle",description:"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.",source:"@site/versioned_docs/version-0.8/ref-bundle-stages.md",sourceDirName:".",slug:"/ref-bundle-stages",permalink:"/0.8/ref-bundle-stages",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-bundle-stages.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/0.8/concepts"},next:{title:"Git Repository Contents",permalink:"/0.8/gitrepo-content"}},s={},c=[],p={toc:c};function u(e){let{components:t,...l}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,l,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-lifecycle"},"Bundle Lifecycle"),(0,o.kt)("p",null,"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles."),(0,o.kt)("p",null,"To demonstrate the life cycle of a Fleet bundle, we will use ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,o.kt)("ol",null,(0,o.kt)("li",{parentName:"ol"},"User will create a ",(0,o.kt)("a",{parentName:"li",href:"/0.8/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,o.kt)("a",{parentName:"li",href:"/0.8/webhook"},"webhook event"),". With every commit change, the ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,o.kt)("a",{parentName:"li",href:"/0.8/cluster-bundles-state#bundles"},"bundle"),".")),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},(0,o.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,o.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,o.kt)("ol",{start:3},(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,o.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,o.kt)("p",null,"This diagram shows the different rendering stages a bundle goes through until deployment."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Bundle Stages",src:n(5208).Z,width:"730",height:"811"})))}u.isMDXComponent=!0},5208:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetBundleStages-23d8ed832e76974ba6693016c5d52ad7.svg"}}]); \ No newline at end of file diff --git a/assets/js/7292ec22.6f9c6d34.js b/assets/js/7292ec22.aa8cc63d.js similarity index 98% rename from assets/js/7292ec22.6f9c6d34.js rename to assets/js/7292ec22.aa8cc63d.js index 20c6c0197..8784d021b 100644 --- a/assets/js/7292ec22.6f9c6d34.js +++ b/assets/js/7292ec22.aa8cc63d.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2404],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),i=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},d=function(e){var t=i(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),c=i(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},d),{},{components:n})):r.createElement(m,s({ref:t},d))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var i=2;i{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>i});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle State",o={unversionedId:"cluster-bundles-state",id:"version-0.6/cluster-bundles-state",title:"Cluster and Bundle State",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/versioned_docs/version-0.6/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/0.6/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cluster-bundles-state.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet-manager",permalink:"/0.6/cli/fleet-controller/fleet-manager"},next:{title:"Cluster Registration Internals",permalink:"/0.6/ref-registration"}},u={},i=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],d={toc:i};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},d,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state. "),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2404],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),i=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},d=function(e){var t=i(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),c=i(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},d),{},{components:n})):r.createElement(m,s({ref:t},d))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var i=2;i{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>i});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle State",o={unversionedId:"cluster-bundles-state",id:"version-0.6/cluster-bundles-state",title:"Cluster and Bundle State",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/versioned_docs/version-0.6/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/0.6/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cluster-bundles-state.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet-manager",permalink:"/0.6/cli/fleet-controller/fleet-manager"},next:{title:"Cluster Registration Internals",permalink:"/0.6/ref-registration"}},u={},i=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],d={toc:i};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},d,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state. "),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/750cf41f.f17950f0.js b/assets/js/750cf41f.507a87a3.js similarity index 98% rename from assets/js/750cf41f.f17950f0.js rename to assets/js/750cf41f.507a87a3.js index de0ab67a2..09b8610c3 100644 --- a/assets/js/750cf41f.f17950f0.js +++ b/assets/js/750cf41f.507a87a3.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1149],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function a(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):a(a({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,o=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,g=u["".concat(c,".").concat(d)]||u[d]||p[d]||o;return r?n.createElement(g,a(a({ref:t},f),{},{components:r})):n.createElement(g,a({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var o=r.length,a=new Array(o);a[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,a[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>a,default:()=>p,frontMatter:()=>o,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const o={title:"",sidebar_label:"fleet target"},a=void 0,i={unversionedId:"cli/fleet-cli/fleet_target",id:"cli/fleet-cli/fleet_target",title:"",description:"fleet target",source:"@site/docs/cli/fleet-cli/fleet_target.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_target",permalink:"/cli/fleet-cli/fleet_target",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet_target.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet target"},sidebar:"docs",previous:{title:"fleet deploy",permalink:"/cli/fleet-cli/fleet_deploy"},next:{title:"fleet test",permalink:"/cli/fleet-cli/fleet_test"}},c={},s=[{value:"fleet target",id:"fleet-target",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-target"},"fleet target"),(0,l.kt)("p",null,"Print available targets for a bundle"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet target [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the Bundle resource yaml\n -l, --dump-input-list Dump the live resources, which impact targeting, like clusters, as YAML\n -h, --help help for target\n --kubeconfig string Paths to a kubeconfig. Only required if out-of-cluster.\n -n, --namespace string Override the namespace of the bundle. Targeting searches this namespace for clusters.\n --zap-devel Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)\n --zap-encoder encoder Zap log encoding (one of 'json' or 'console')\n --zap-log-level level Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity\n --zap-stacktrace-level level Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').\n --zap-time-encoding time-encoding Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.\n")),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1149],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function a(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):a(a({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,o=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,g=u["".concat(c,".").concat(d)]||u[d]||p[d]||o;return r?n.createElement(g,a(a({ref:t},f),{},{components:r})):n.createElement(g,a({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var o=r.length,a=new Array(o);a[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,a[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>a,default:()=>p,frontMatter:()=>o,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const o={title:"",sidebar_label:"fleet target"},a=void 0,i={unversionedId:"cli/fleet-cli/fleet_target",id:"cli/fleet-cli/fleet_target",title:"",description:"fleet target",source:"@site/docs/cli/fleet-cli/fleet_target.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_target",permalink:"/cli/fleet-cli/fleet_target",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet_target.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet target"},sidebar:"docs",previous:{title:"fleet deploy",permalink:"/cli/fleet-cli/fleet_deploy"},next:{title:"fleet test",permalink:"/cli/fleet-cli/fleet_test"}},c={},s=[{value:"fleet target",id:"fleet-target",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-target"},"fleet target"),(0,l.kt)("p",null,"Print available targets for a bundle"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet target [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the Bundle resource yaml\n -l, --dump-input-list Dump the live resources, which impact targeting, like clusters, as YAML\n -h, --help help for target\n --kubeconfig string Paths to a kubeconfig. Only required if out-of-cluster.\n -n, --namespace string Override the namespace of the bundle. Targeting searches this namespace for clusters.\n --zap-devel Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)\n --zap-encoder encoder Zap log encoding (one of 'json' or 'console')\n --zap-log-level level Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity\n --zap-stacktrace-level level Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').\n --zap-time-encoding time-encoding Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.\n")),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/755aca7b.d81eab5c.js b/assets/js/755aca7b.b6ec324c.js similarity index 98% rename from assets/js/755aca7b.d81eab5c.js rename to assets/js/755aca7b.b6ec324c.js index baadc5135..d17e4ce4d 100644 --- a/assets/js/755aca7b.d81eab5c.js +++ b/assets/js/755aca7b.b6ec324c.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9816],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,i=e.originalType,s=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),f=c(n),d=a,m=f["".concat(s,".").concat(d)]||f[d]||p[d]||i;return n?r.createElement(m,l(l({ref:t},u),{},{components:n})):r.createElement(m,l({ref:t},u))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=n.length,l=new Array(i);l[0]=f;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:a,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>p,frontMatter:()=>i,metadata:()=>o,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const i={},l="Installation",o={unversionedId:"installation",id:"version-0.5/installation",title:"Installation",description:"The installation is broken up into two different use cases: Single and",source:"@site/versioned_docs/version-0.5/installation.md",sourceDirName:".",slug:"/installation",permalink:"/0.5/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/installation.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Advanced Users",permalink:"/0.5/advanced-users"},next:{title:"Single Cluster Install",permalink:"/0.5/single-cluster-install"}},s={},c=[],u={toc:c};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"installation"},"Installation"),(0,a.kt)("p",null,"The installation is broken up into two different use cases: ",(0,a.kt)("a",{parentName:"p",href:"/0.5/single-cluster-install"},"Single")," and\n",(0,a.kt)("a",{parentName:"p",href:"/0.5/multi-cluster-install"},"Multi-Cluster")," install. The single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,a.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9816],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,i=e.originalType,s=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),f=c(n),d=a,m=f["".concat(s,".").concat(d)]||f[d]||p[d]||i;return n?r.createElement(m,l(l({ref:t},u),{},{components:n})):r.createElement(m,l({ref:t},u))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=n.length,l=new Array(i);l[0]=f;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:a,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>p,frontMatter:()=>i,metadata:()=>o,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const i={},l="Installation",o={unversionedId:"installation",id:"version-0.5/installation",title:"Installation",description:"The installation is broken up into two different use cases: Single and",source:"@site/versioned_docs/version-0.5/installation.md",sourceDirName:".",slug:"/installation",permalink:"/0.5/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/installation.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Advanced Users",permalink:"/0.5/advanced-users"},next:{title:"Single Cluster Install",permalink:"/0.5/single-cluster-install"}},s={},c=[],u={toc:c};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"installation"},"Installation"),(0,a.kt)("p",null,"The installation is broken up into two different use cases: ",(0,a.kt)("a",{parentName:"p",href:"/0.5/single-cluster-install"},"Single")," and\n",(0,a.kt)("a",{parentName:"p",href:"/0.5/multi-cluster-install"},"Multi-Cluster")," install. The single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,a.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/762abe3e.a7446540.js b/assets/js/762abe3e.f3b47c0f.js similarity index 99% rename from assets/js/762abe3e.a7446540.js rename to assets/js/762abe3e.f3b47c0f.js index 4209b2ebd..585e41498 100644 --- a/assets/js/762abe3e.a7446540.js +++ b/assets/js/762abe3e.f3b47c0f.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6961],{3905:(t,e,n)=>{n.d(e,{Zo:()=>m,kt:()=>s});var r=n(7294);function a(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function l(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),n.push.apply(n,r)}return n}function o(t){for(var e=1;e=0||(a[n]=t[n]);return a}(t,e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(t);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(t,n)&&(a[n]=t[n])}return a}var p=r.createContext({}),u=function(t){var e=r.useContext(p),n=e;return t&&(n="function"==typeof t?t(e):o(o({},e),t)),n},m=function(t){var e=u(t.components);return r.createElement(p.Provider,{value:e},t.children)},d={inlineCode:"code",wrapper:function(t){var e=t.children;return r.createElement(r.Fragment,{},e)}},c=r.forwardRef((function(t,e){var n=t.components,a=t.mdxType,l=t.originalType,p=t.parentName,m=i(t,["components","mdxType","originalType","parentName"]),c=u(n),s=a,g=c["".concat(p,".").concat(s)]||c[s]||d[s]||l;return n?r.createElement(g,o(o({ref:e},m),{},{components:n})):r.createElement(g,o({ref:e},m))}));function s(t,e){var n=arguments,a=e&&e.mdxType;if("string"==typeof t||a){var l=n.length,o=new Array(l);o[0]=c;var i={};for(var p in e)hasOwnProperty.call(e,p)&&(i[p]=e[p]);i.originalType=t,i.mdxType="string"==typeof t?t:a,o[1]=i;for(var u=2;u{n.r(e),n.d(e,{assets:()=>p,contentTitle:()=>o,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>u});var r=n(7462),a=(n(7294),n(3905));const l={},o="List of Deployed Resources",i={unversionedId:"ref-resources",id:"ref-resources",title:"List of Deployed Resources",description:"After installing Fleet in Rancher these resources are created in the upstream cluster.",source:"@site/docs/ref-resources.md",sourceDirName:".",slug:"/ref-resources",permalink:"/ref-resources",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-resources.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Configuration",permalink:"/ref-configuration"},next:{title:"Custom Resources Spec",permalink:"/ref-crds"}},p={},u=[],m={toc:u};function d(t){let{components:e,...n}=t;return(0,a.kt)("wrapper",(0,r.Z)({},m,n,{components:e,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"list-of-deployed-resources"},"List of Deployed Resources"),(0,a.kt)("p",null,"After installing Fleet in Rancher these resources are created in the upstream cluster."),(0,a.kt)("table",null,(0,a.kt)("thead",{parentName:"table"},(0,a.kt)("tr",{parentName:"thead"},(0,a.kt)("th",{parentName:"tr",align:null},"Type"),(0,a.kt)("th",{parentName:"tr",align:null},"Name"),(0,a.kt)("th",{parentName:"tr",align:null},"Namespace"))),(0,a.kt)("tbody",{parentName:"table"},(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"From Helm, intial setup:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRole"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRole"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob-binding"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ConfigMap"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Deployment"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Deployment"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Role"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Role"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"RoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"RoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Service"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ServiceAccount"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ServiceAccount"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Generated:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.fleet.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.provisioning.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.management.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterGroup"),(0,a.kt)("td",{parentName:"tr",align:null},"default"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Bundle"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-agent-local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"For each registered cluster:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.provisioning.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null},"by default fleet-default")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.management.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"generated"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.fleet.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-default"),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Bundle"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-default"),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"BundleDeployment"),(0,a.kt)("td",{parentName:"tr",align:null},"cluster-fleet-local-local-ID"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-agent-local")))),(0,a.kt)("p",null,"Also see ","[namespaces]"))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6961],{3905:(t,e,n)=>{n.d(e,{Zo:()=>m,kt:()=>s});var r=n(7294);function a(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function l(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),n.push.apply(n,r)}return n}function o(t){for(var e=1;e=0||(a[n]=t[n]);return a}(t,e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(t);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(t,n)&&(a[n]=t[n])}return a}var p=r.createContext({}),u=function(t){var e=r.useContext(p),n=e;return t&&(n="function"==typeof t?t(e):o(o({},e),t)),n},m=function(t){var e=u(t.components);return r.createElement(p.Provider,{value:e},t.children)},d={inlineCode:"code",wrapper:function(t){var e=t.children;return r.createElement(r.Fragment,{},e)}},c=r.forwardRef((function(t,e){var n=t.components,a=t.mdxType,l=t.originalType,p=t.parentName,m=i(t,["components","mdxType","originalType","parentName"]),c=u(n),s=a,g=c["".concat(p,".").concat(s)]||c[s]||d[s]||l;return n?r.createElement(g,o(o({ref:e},m),{},{components:n})):r.createElement(g,o({ref:e},m))}));function s(t,e){var n=arguments,a=e&&e.mdxType;if("string"==typeof t||a){var l=n.length,o=new Array(l);o[0]=c;var i={};for(var p in e)hasOwnProperty.call(e,p)&&(i[p]=e[p]);i.originalType=t,i.mdxType="string"==typeof t?t:a,o[1]=i;for(var u=2;u{n.r(e),n.d(e,{assets:()=>p,contentTitle:()=>o,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>u});var r=n(7462),a=(n(7294),n(3905));const l={},o="List of Deployed Resources",i={unversionedId:"ref-resources",id:"ref-resources",title:"List of Deployed Resources",description:"After installing Fleet in Rancher these resources are created in the upstream cluster.",source:"@site/docs/ref-resources.md",sourceDirName:".",slug:"/ref-resources",permalink:"/ref-resources",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-resources.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Configuration",permalink:"/ref-configuration"},next:{title:"Custom Resources Spec",permalink:"/ref-crds"}},p={},u=[],m={toc:u};function d(t){let{components:e,...n}=t;return(0,a.kt)("wrapper",(0,r.Z)({},m,n,{components:e,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"list-of-deployed-resources"},"List of Deployed Resources"),(0,a.kt)("p",null,"After installing Fleet in Rancher these resources are created in the upstream cluster."),(0,a.kt)("table",null,(0,a.kt)("thead",{parentName:"table"},(0,a.kt)("tr",{parentName:"thead"},(0,a.kt)("th",{parentName:"tr",align:null},"Type"),(0,a.kt)("th",{parentName:"tr",align:null},"Name"),(0,a.kt)("th",{parentName:"tr",align:null},"Namespace"))),(0,a.kt)("tbody",{parentName:"table"},(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"From Helm, intial setup:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRole"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRole"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob-binding"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ConfigMap"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Deployment"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Deployment"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Role"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Role"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"RoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"RoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Service"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ServiceAccount"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ServiceAccount"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Generated:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.fleet.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.provisioning.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.management.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterGroup"),(0,a.kt)("td",{parentName:"tr",align:null},"default"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Bundle"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-agent-local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"For each registered cluster:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.provisioning.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null},"by default fleet-default")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.management.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"generated"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.fleet.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-default"),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Bundle"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-default"),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"BundleDeployment"),(0,a.kt)("td",{parentName:"tr",align:null},"cluster-fleet-local-local-ID"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-agent-local")))),(0,a.kt)("p",null,"Also see ","[namespaces]"))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/7712976a.ea4f0797.js b/assets/js/7712976a.72247104.js similarity index 99% rename from assets/js/7712976a.ea4f0797.js rename to assets/js/7712976a.72247104.js index 02162ba4e..56ca2c286 100644 --- a/assets/js/7712976a.ea4f0797.js +++ b/assets/js/7712976a.72247104.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3551],{3905:(e,t,o)=>{o.d(t,{Zo:()=>u,kt:()=>h});var n=o(7294);function r(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}function a(e,t){var o=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),o.push.apply(o,n)}return o}function i(e){for(var t=1;t=0||(r[o]=e[o]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,o)&&(r[o]=e[o])}return r}var s=n.createContext({}),c=function(e){var t=n.useContext(s),o=t;return e&&(o="function"==typeof e?e(t):i(i({},t),e)),o},u=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var o=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),d=c(o),h=r,b=d["".concat(s,".").concat(h)]||d[h]||p[h]||a;return o?n.createElement(b,i(i({ref:t},u),{},{components:o})):n.createElement(b,i({ref:t},u))}));function h(e,t){var o=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=o.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var c=2;c{o.r(t),o.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>l,toc:()=>c});var n=o(7462),r=(o(7294),o(3905));const a={},i="Using Webhooks Instead of Polling",l={unversionedId:"webhook",id:"version-0.8/webhook",title:"Using Webhooks Instead of Polling",description:"By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens).",source:"@site/versioned_docs/version-0.8/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/0.8/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/webhook.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.8/bundle-diffs"},next:{title:"Using Image Scan to Update Container Image References",permalink:"/0.8/imagescan"}},s={},c=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-webhooks-instead-of-polling"},"Using Webhooks Instead of Polling"),(0,r.kt)("p",null,"By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens)."),(0,r.kt)("p",null,"For installations with multiple tens up to hundreds of Git repos, and in general to reduce latency (the time between a push to Git and fleet reacting to it), configuring webhooks is recommended instead of polling."),(0,r.kt)("p",null,"Fleet currently supports Github, GitLab, Bitbucket, Bitbucket Server and Gogs."),(0,r.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can configure ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,r.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,r.kt)("p",null,(0,r.kt)("img",{src:o(696).Z,width:"1830",height:"1563"})),(0,r.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,r.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,r.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,r.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"Provider"),(0,r.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"github"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gogs"))))),(0,r.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,r.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,o)=>{o.d(t,{Z:()=>n});const n=o.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3551],{3905:(e,t,o)=>{o.d(t,{Zo:()=>u,kt:()=>h});var n=o(7294);function r(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}function a(e,t){var o=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),o.push.apply(o,n)}return o}function i(e){for(var t=1;t=0||(r[o]=e[o]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,o)&&(r[o]=e[o])}return r}var s=n.createContext({}),c=function(e){var t=n.useContext(s),o=t;return e&&(o="function"==typeof e?e(t):i(i({},t),e)),o},u=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var o=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),d=c(o),h=r,b=d["".concat(s,".").concat(h)]||d[h]||p[h]||a;return o?n.createElement(b,i(i({ref:t},u),{},{components:o})):n.createElement(b,i({ref:t},u))}));function h(e,t){var o=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=o.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var c=2;c{o.r(t),o.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>l,toc:()=>c});var n=o(7462),r=(o(7294),o(3905));const a={},i="Using Webhooks Instead of Polling",l={unversionedId:"webhook",id:"version-0.8/webhook",title:"Using Webhooks Instead of Polling",description:"By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens).",source:"@site/versioned_docs/version-0.8/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/0.8/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/webhook.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.8/bundle-diffs"},next:{title:"Using Image Scan to Update Container Image References",permalink:"/0.8/imagescan"}},s={},c=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-webhooks-instead-of-polling"},"Using Webhooks Instead of Polling"),(0,r.kt)("p",null,"By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens)."),(0,r.kt)("p",null,"For installations with multiple tens up to hundreds of Git repos, and in general to reduce latency (the time between a push to Git and fleet reacting to it), configuring webhooks is recommended instead of polling."),(0,r.kt)("p",null,"Fleet currently supports Github, GitLab, Bitbucket, Bitbucket Server and Gogs."),(0,r.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can configure ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,r.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,r.kt)("p",null,(0,r.kt)("img",{src:o(696).Z,width:"1830",height:"1563"})),(0,r.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,r.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,r.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,r.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"Provider"),(0,r.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"github"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gogs"))))),(0,r.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,r.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,o)=>{o.d(t,{Z:()=>n});const n=o.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file diff --git a/assets/js/778a7b8d.a29d8cee.js b/assets/js/778a7b8d.d379c3d3.js similarity index 99% rename from assets/js/778a7b8d.a29d8cee.js rename to assets/js/778a7b8d.d379c3d3.js index 792d085f0..4513fdbfe 100644 --- a/assets/js/778a7b8d.a29d8cee.js +++ b/assets/js/778a7b8d.d379c3d3.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4300],{3905:(e,t,a)=>{a.d(t,{Zo:()=>p,kt:()=>u});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(a),u=l,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||n;return a?r.createElement(m,o(o({ref:t},p),{},{components:a})):r.createElement(m,o({ref:t},p))}));function u(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,o=new Array(n);o[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>n,metadata:()=>i,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"",date:"2024-03-19 10:04:05 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.8.3",id:"version-0.8/changelogs/changelogs/v0.8.3",title:"",description:"(rancherio-gh-m) released this 2024-03-19 1005 +0000 UTC",source:"@site/versioned_docs/version-0.8/changelogs/changelogs/v0.8.3.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.8.3",permalink:"/0.8/changelogs/changelogs/v0.8.3",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/changelogs/changelogs/v0.8.3.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",date:"2024-03-19 10:04:05 +0000 UTC"},sidebar:"docs",previous:{title:"",permalink:"/0.8/changelogs/changelogs/v0.8.2"},next:{title:"",permalink:"/0.8/changelogs/changelogs/v0.8.4"}},s={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],p={toc:c};function d(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-03-19 10:04:05 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add support for Azure DevOps Webhook for gitRepos using SSH URL by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2186666693","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/453","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/453/hovercard",href:"https://github.com/rancher/gitjob/pull/453"},"rancher/gitjob#453")),(0,l.kt)("li",null,"Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2188388938","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2228","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2228/hovercard",href:"https://github.com/rancher/fleet/pull/2228"},"#2228")),(0,l.kt)("li",null,"Convert TestAzureDevopsWebhookWithSSHURL to support Wrangler v1.1.1 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2188388938","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2228","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2228/hovercard",href:"https://github.com/rancher/fleet/pull/2228"},"#2228"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Bump Gitjob to ",(0,l.kt)("a",{href:"https://github.com/rancher/gitjob/releases/tag/v0.8.3"},"v0.8.3")," by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2188388938","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2228","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2228/hovercard",href:"https://github.com/rancher/fleet/pull/2228"},"#2228"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.8.2...v0.8.3"},(0,l.kt)("tt",null,"v0.8.2...v0.8.3"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleet-crd-0.8.3.tgz"},"fleet-crd-0.8.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleet-agent-0.8.3.tgz"},"fleet-agent-0.8.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleet-0.8.3.tgz"},"fleet-0.8.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.8.3"},"here"))))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4300],{3905:(e,t,a)=>{a.d(t,{Zo:()=>p,kt:()=>u});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(a),u=l,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||n;return a?r.createElement(m,o(o({ref:t},p),{},{components:a})):r.createElement(m,o({ref:t},p))}));function u(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,o=new Array(n);o[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>n,metadata:()=>i,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"",date:"2024-03-19 10:04:05 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.8.3",id:"version-0.8/changelogs/changelogs/v0.8.3",title:"",description:"(rancherio-gh-m) released this 2024-03-19 1005 +0000 UTC",source:"@site/versioned_docs/version-0.8/changelogs/changelogs/v0.8.3.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.8.3",permalink:"/0.8/changelogs/changelogs/v0.8.3",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/changelogs/changelogs/v0.8.3.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",date:"2024-03-19 10:04:05 +0000 UTC"},sidebar:"docs",previous:{title:"",permalink:"/0.8/changelogs/changelogs/v0.8.2"},next:{title:"",permalink:"/0.8/changelogs/changelogs/v0.8.4"}},s={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],p={toc:c};function d(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-03-19 10:04:05 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add support for Azure DevOps Webhook for gitRepos using SSH URL by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2186666693","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/453","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/453/hovercard",href:"https://github.com/rancher/gitjob/pull/453"},"rancher/gitjob#453")),(0,l.kt)("li",null,"Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2188388938","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2228","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2228/hovercard",href:"https://github.com/rancher/fleet/pull/2228"},"#2228")),(0,l.kt)("li",null,"Convert TestAzureDevopsWebhookWithSSHURL to support Wrangler v1.1.1 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2188388938","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2228","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2228/hovercard",href:"https://github.com/rancher/fleet/pull/2228"},"#2228"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Bump Gitjob to ",(0,l.kt)("a",{href:"https://github.com/rancher/gitjob/releases/tag/v0.8.3"},"v0.8.3")," by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2188388938","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2228","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2228/hovercard",href:"https://github.com/rancher/fleet/pull/2228"},"#2228"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.8.2...v0.8.3"},(0,l.kt)("tt",null,"v0.8.2...v0.8.3"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleet-crd-0.8.3.tgz"},"fleet-crd-0.8.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleet-agent-0.8.3.tgz"},"fleet-agent-0.8.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleet-0.8.3.tgz"},"fleet-0.8.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.3/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.8.3"},"here"))))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/77fc540a.f9d71e63.js b/assets/js/77fc540a.92c0ba2f.js similarity index 97% rename from assets/js/77fc540a.f9d71e63.js rename to assets/js/77fc540a.92c0ba2f.js index cbc4f1afd..22528433f 100644 --- a/assets/js/77fc540a.f9d71e63.js +++ b/assets/js/77fc540a.92c0ba2f.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5600],{3905:(e,t,n)=>{n.d(t,{Zo:()=>f,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},f=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(n),d=a,g=u["".concat(c,".").concat(d)]||u[d]||p[d]||l;return n?r.createElement(g,o(o({ref:t},f),{},{components:n})):r.createElement(g,o({ref:t},f))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-agent"},o=void 0,i={unversionedId:"cli/fleet-agent/fleet-agent",id:"version-0.7/cli/fleet-agent/fleet-agent",title:"",description:"fleet-agent",source:"@site/versioned_docs/version-0.7/cli/fleet-agent/fleet-agent.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/",permalink:"/0.7/cli/fleet-agent/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cli/fleet-agent/fleet-agent.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent"},sidebar:"docs",previous:{title:"Create a Bundle Resource",permalink:"/0.7/bundle-add"},next:{title:"fleet",permalink:"/0.7/cli/fleet-cli/fleet"}},c={},s=[{value:"fleet-agent",id:"fleet-agent",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},f,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-agent"},"fleet-agent"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-agent [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --agent-scope string An identifier used to scope the agent bundleID names, typically the same as namespace\n --checkin-interval string How often to post cluster status\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet-agent\n --kubeconfig string kubeconfig file\n --namespace string namespace to watch\n --simulators int Numbers of simulators to run\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5600],{3905:(e,t,n)=>{n.d(t,{Zo:()=>f,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},f=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(n),d=a,g=u["".concat(c,".").concat(d)]||u[d]||p[d]||l;return n?r.createElement(g,o(o({ref:t},f),{},{components:n})):r.createElement(g,o({ref:t},f))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const l={title:"",sidebar_label:"fleet-agent"},o=void 0,i={unversionedId:"cli/fleet-agent/fleet-agent",id:"version-0.7/cli/fleet-agent/fleet-agent",title:"",description:"fleet-agent",source:"@site/versioned_docs/version-0.7/cli/fleet-agent/fleet-agent.md",sourceDirName:"cli/fleet-agent",slug:"/cli/fleet-agent/",permalink:"/0.7/cli/fleet-agent/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cli/fleet-agent/fleet-agent.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-agent"},sidebar:"docs",previous:{title:"Create a Bundle Resource",permalink:"/0.7/bundle-add"},next:{title:"fleet",permalink:"/0.7/cli/fleet-cli/fleet"}},c={},s=[{value:"fleet-agent",id:"fleet-agent",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},f,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-agent"},"fleet-agent"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-agent [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --agent-scope string An identifier used to scope the agent bundleID names, typically the same as namespace\n --checkin-interval string How often to post cluster status\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet-agent\n --kubeconfig string kubeconfig file\n --namespace string namespace to watch\n --simulators int Numbers of simulators to run\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/7a815aed.2c3454a0.js b/assets/js/7a815aed.637f97af.js similarity index 99% rename from assets/js/7a815aed.2c3454a0.js rename to assets/js/7a815aed.637f97af.js index abe280570..ee3d7d833 100644 --- a/assets/js/7a815aed.2c3454a0.js +++ b/assets/js/7a815aed.637f97af.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[488],{3905:(e,t,o)=>{o.d(t,{Zo:()=>u,kt:()=>h});var n=o(7294);function r(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}function a(e,t){var o=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),o.push.apply(o,n)}return o}function i(e){for(var t=1;t=0||(r[o]=e[o]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,o)&&(r[o]=e[o])}return r}var s=n.createContext({}),c=function(e){var t=n.useContext(s),o=t;return e&&(o="function"==typeof e?e(t):i(i({},t),e)),o},u=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var o=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),d=c(o),h=r,b=d["".concat(s,".").concat(h)]||d[h]||p[h]||a;return o?n.createElement(b,i(i({ref:t},u),{},{components:o})):n.createElement(b,i({ref:t},u))}));function h(e,t){var o=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=o.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var c=2;c{o.r(t),o.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>l,toc:()=>c});var n=o(7462),r=(o(7294),o(3905));const a={},i="Using Webhooks Instead of Polling",l={unversionedId:"webhook",id:"version-0.6/webhook",title:"Using Webhooks Instead of Polling",description:"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,",source:"@site/versioned_docs/version-0.6/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/0.6/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/webhook.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.6/bundle-diffs"},next:{title:"Using Image Scan to Update Container Image References",permalink:"/0.6/imagescan"}},s={},c=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-webhooks-instead-of-polling"},"Using Webhooks Instead of Polling"),(0,r.kt)("p",null,"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,\nGitLab, Bitbucket, Bitbucket Server and Gogs."),(0,r.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can configure ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,r.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,r.kt)("p",null,(0,r.kt)("img",{src:o(696).Z,width:"1830",height:"1563"})),(0,r.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,r.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,r.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,r.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"Provider"),(0,r.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"github"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gogs"))))),(0,r.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,r.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,o)=>{o.d(t,{Z:()=>n});const n=o.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[488],{3905:(e,t,o)=>{o.d(t,{Zo:()=>u,kt:()=>h});var n=o(7294);function r(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}function a(e,t){var o=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),o.push.apply(o,n)}return o}function i(e){for(var t=1;t=0||(r[o]=e[o]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,o)&&(r[o]=e[o])}return r}var s=n.createContext({}),c=function(e){var t=n.useContext(s),o=t;return e&&(o="function"==typeof e?e(t):i(i({},t),e)),o},u=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var o=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),d=c(o),h=r,b=d["".concat(s,".").concat(h)]||d[h]||p[h]||a;return o?n.createElement(b,i(i({ref:t},u),{},{components:o})):n.createElement(b,i({ref:t},u))}));function h(e,t){var o=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=o.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var c=2;c{o.r(t),o.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>l,toc:()=>c});var n=o(7462),r=(o(7294),o(3905));const a={},i="Using Webhooks Instead of Polling",l={unversionedId:"webhook",id:"version-0.6/webhook",title:"Using Webhooks Instead of Polling",description:"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,",source:"@site/versioned_docs/version-0.6/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/0.6/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/webhook.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.6/bundle-diffs"},next:{title:"Using Image Scan to Update Container Image References",permalink:"/0.6/imagescan"}},s={},c=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-webhooks-instead-of-polling"},"Using Webhooks Instead of Polling"),(0,r.kt)("p",null,"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,\nGitLab, Bitbucket, Bitbucket Server and Gogs."),(0,r.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can configure ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,r.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,r.kt)("p",null,(0,r.kt)("img",{src:o(696).Z,width:"1830",height:"1563"})),(0,r.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,r.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,r.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,r.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"Provider"),(0,r.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"github"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gogs"))))),(0,r.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,r.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,o)=>{o.d(t,{Z:()=>n});const n=o.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file diff --git a/assets/js/7b64d2e8.b494d633.js b/assets/js/7b64d2e8.d8369136.js similarity index 98% rename from assets/js/7b64d2e8.b494d633.js rename to assets/js/7b64d2e8.d8369136.js index a32746461..c865eedc3 100644 --- a/assets/js/7b64d2e8.b494d633.js +++ b/assets/js/7b64d2e8.d8369136.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1416],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(n),m=r,h=d["".concat(s,".").concat(m)]||d[m]||u[m]||l;return n?a.createElement(h,o(o({ref:t},p),{},{components:n})):a.createElement(h,o({ref:t},p))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,o=new Array(l);o[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const l={},o="Create a Bundle Resource",i={unversionedId:"bundle-add",id:"bundle-add",title:"Create a Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created. In most cases Bundles should not be created",source:"@site/docs/bundle-add.md",sourceDirName:".",slug:"/bundle-add",permalink:"/bundle-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/bundle-add.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Image Scan to Update Container Image References",permalink:"/imagescan"},next:{title:"fleet-agent",permalink:"/cli/fleet-agent/"}},s={},c=[{value:"Limitations",id:"limitations",level:2},{value:"Convert a Helm Chart into a Bundle",id:"convert-a-helm-chart-into-a-bundle",level:2}],p={toc:c};function u(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-bundle-resource"},"Create a Bundle Resource"),(0,r.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created. In most cases ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundles")," should not be created\nmanually by the user. If you want to deploy resources from a git repository use a\n",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-add"},"GitRepo")," instead."),(0,r.kt)("p",null,"If you want to deploy resources without a git repository follow this guide to create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle"),"."),(0,r.kt)("p",null,"When creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," Fleet will fetch the resources from a git repository, and add them to a Bundle.\nWhen creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," resources need to be explicitly specified in the ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," Spec.\nResources can be compressed with gz. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher/blob/v2.7.3/pkg/controllers/provisioningv2/managedchart/managedchart.go#L149-L153"},"here"),"\nan example of how Rancher uses compression in go code."),(0,r.kt)("p",null,"If you would like to deploy in downstream clusters, you need to define targets. Targets work similarly to targets in ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),".\nSee ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-targets#defining-targets"},"Mapping to Downstream Clusters"),"."),(0,r.kt)("p",null,"The following example creates a nginx ",(0,r.kt)("inlineCode",{parentName:"p"},"Deployment")," in the local cluster:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n resources:\n # List of all resources that will be deployed\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n targets:\n - clusterName: local\n\n")),(0,r.kt)("h2",{id:"limitations"},"Limitations"),(0,r.kt)("p",null,"Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.repo")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.charts"))),(0,r.kt)("p",null,"You can't use a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in resources, it is only used by the fleet-cli to create bundles."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targetRestrictions")," field is not useful, as it is an allow list for targets specified in ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets"),". It is not needed, since ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," are explicitly given in a bundle and an empty ",(0,r.kt)("inlineCode",{parentName:"p"},"targetRestrictions")," defaults to allow."),(0,r.kt)("h2",{id:"convert-a-helm-chart-into-a-bundle"},"Convert a Helm Chart into a Bundle"),(0,r.kt)("p",null,"You can use the Fleet CLI to convert a Helm chart into a bundle."),(0,r.kt)("p",null,'For example, you can download and convert the "external secrets" operator chart like this:'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"cat > targets.yaml < app/fleet.yaml < eso-bundle.yaml\n\nkubectl apply -f eso-bundle.yaml\n")),(0,r.kt)("p",null,"Make sure you use a cluster selector in ",(0,r.kt)("inlineCode",{parentName:"p"},"targets.yaml"),", that matches all clusters you want to deploy to."),(0,r.kt)("p",null,"The blog post on ",(0,r.kt)("a",{parentName:"p",href:"https://www.suse.com/c/rancher_blog/fleet-multi-cluster-deployment-with-the-help-of-external-secrets/"},"Fleet: Multi-Cluster Deployment with the Help of External Secrets")," has more information."))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1416],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(n),m=r,h=d["".concat(s,".").concat(m)]||d[m]||u[m]||l;return n?a.createElement(h,o(o({ref:t},p),{},{components:n})):a.createElement(h,o({ref:t},p))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,o=new Array(l);o[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const l={},o="Create a Bundle Resource",i={unversionedId:"bundle-add",id:"bundle-add",title:"Create a Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created. In most cases Bundles should not be created",source:"@site/docs/bundle-add.md",sourceDirName:".",slug:"/bundle-add",permalink:"/bundle-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/bundle-add.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Image Scan to Update Container Image References",permalink:"/imagescan"},next:{title:"fleet-agent",permalink:"/cli/fleet-agent/"}},s={},c=[{value:"Limitations",id:"limitations",level:2},{value:"Convert a Helm Chart into a Bundle",id:"convert-a-helm-chart-into-a-bundle",level:2}],p={toc:c};function u(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-bundle-resource"},"Create a Bundle Resource"),(0,r.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created. In most cases ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundles")," should not be created\nmanually by the user. If you want to deploy resources from a git repository use a\n",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-add"},"GitRepo")," instead."),(0,r.kt)("p",null,"If you want to deploy resources without a git repository follow this guide to create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle"),"."),(0,r.kt)("p",null,"When creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," Fleet will fetch the resources from a git repository, and add them to a Bundle.\nWhen creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," resources need to be explicitly specified in the ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," Spec.\nResources can be compressed with gz. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher/blob/v2.7.3/pkg/controllers/provisioningv2/managedchart/managedchart.go#L149-L153"},"here"),"\nan example of how Rancher uses compression in go code."),(0,r.kt)("p",null,"If you would like to deploy in downstream clusters, you need to define targets. Targets work similarly to targets in ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),".\nSee ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-targets#defining-targets"},"Mapping to Downstream Clusters"),"."),(0,r.kt)("p",null,"The following example creates a nginx ",(0,r.kt)("inlineCode",{parentName:"p"},"Deployment")," in the local cluster:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n resources:\n # List of all resources that will be deployed\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n targets:\n - clusterName: local\n\n")),(0,r.kt)("h2",{id:"limitations"},"Limitations"),(0,r.kt)("p",null,"Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.repo")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.charts"))),(0,r.kt)("p",null,"You can't use a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in resources, it is only used by the fleet-cli to create bundles."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targetRestrictions")," field is not useful, as it is an allow list for targets specified in ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets"),". It is not needed, since ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," are explicitly given in a bundle and an empty ",(0,r.kt)("inlineCode",{parentName:"p"},"targetRestrictions")," defaults to allow."),(0,r.kt)("h2",{id:"convert-a-helm-chart-into-a-bundle"},"Convert a Helm Chart into a Bundle"),(0,r.kt)("p",null,"You can use the Fleet CLI to convert a Helm chart into a bundle."),(0,r.kt)("p",null,'For example, you can download and convert the "external secrets" operator chart like this:'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"cat > targets.yaml < app/fleet.yaml < eso-bundle.yaml\n\nkubectl apply -f eso-bundle.yaml\n")),(0,r.kt)("p",null,"Make sure you use a cluster selector in ",(0,r.kt)("inlineCode",{parentName:"p"},"targets.yaml"),", that matches all clusters you want to deploy to."),(0,r.kt)("p",null,"The blog post on ",(0,r.kt)("a",{parentName:"p",href:"https://www.suse.com/c/rancher_blog/fleet-multi-cluster-deployment-with-the-help-of-external-secrets/"},"Fleet: Multi-Cluster Deployment with the Help of External Secrets")," has more information."))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/7c4790a0.99cb840b.js b/assets/js/7c4790a0.f9e78789.js similarity index 97% rename from assets/js/7c4790a0.99cb840b.js rename to assets/js/7c4790a0.f9e78789.js index d8c259e2a..9fe6f3572 100644 --- a/assets/js/7c4790a0.99cb840b.js +++ b/assets/js/7c4790a0.f9e78789.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9164],{3905:(e,t,r)=>{r.d(t,{Zo:()=>i,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},i=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,i=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||p[d]||o;return r?n.createElement(f,s(s({ref:t},i),{},{components:r})):n.createElement(f,s({ref:t},i))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Create Cluster Groups",l={unversionedId:"cluster-group",id:"version-0.9/cluster-group",title:"Create Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/versioned_docs/version-0.9/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/0.9/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cluster-group.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Register Downstream Clusters",permalink:"/0.9/cluster-registration"},next:{title:"Setup Multi User",permalink:"/0.9/multi-user"}},c={},u=[],i={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},i,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"create-cluster-groups"},"Create Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9164],{3905:(e,t,r)=>{r.d(t,{Zo:()=>i,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},i=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,i=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||p[d]||o;return r?n.createElement(f,s(s({ref:t},i),{},{components:r})):n.createElement(f,s({ref:t},i))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Create Cluster Groups",l={unversionedId:"cluster-group",id:"version-0.9/cluster-group",title:"Create Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/versioned_docs/version-0.9/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/0.9/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cluster-group.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Register Downstream Clusters",permalink:"/0.9/cluster-registration"},next:{title:"Setup Multi User",permalink:"/0.9/multi-user"}},c={},u=[],i={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},i,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"create-cluster-groups"},"Create Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/7c5d32d8.919b1b35.js b/assets/js/7c5d32d8.f3aa7136.js similarity index 99% rename from assets/js/7c5d32d8.919b1b35.js rename to assets/js/7c5d32d8.f3aa7136.js index da02899ba..2dc7fee4c 100644 --- a/assets/js/7c5d32d8.919b1b35.js +++ b/assets/js/7c5d32d8.f3aa7136.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6250],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(h,o(o({ref:t},p),{},{components:n})):r.createElement(h,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Core Concepts",s={unversionedId:"concepts",id:"version-0.4/concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/versioned_docs/version-0.4/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/0.4/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/concepts.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/0.4/quickstart"},next:{title:"Architecture",permalink:"/0.4/architecture"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/0.4/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"lifecycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/0.4/examples#lifecycle-of-a-fleet-bundle"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/0.4/examples#deploy-kubernetes-manifests-across-clusters-with-customization"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6250],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(h,o(o({ref:t},p),{},{components:n})):r.createElement(h,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Core Concepts",s={unversionedId:"concepts",id:"version-0.4/concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/versioned_docs/version-0.4/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/0.4/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/concepts.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/0.4/quickstart"},next:{title:"Architecture",permalink:"/0.4/architecture"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/0.4/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"lifecycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/0.4/examples#lifecycle-of-a-fleet-bundle"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/0.4/examples#deploy-kubernetes-manifests-across-clusters-with-customization"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/7f3d36ad.dd50ff39.js b/assets/js/7f3d36ad.c79cdb95.js similarity index 98% rename from assets/js/7f3d36ad.dd50ff39.js rename to assets/js/7f3d36ad.c79cdb95.js index 966668ab9..869ce4dd7 100644 --- a/assets/js/7f3d36ad.dd50ff39.js +++ b/assets/js/7f3d36ad.c79cdb95.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6255],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),h=c(n),d=a,m=h["".concat(l,".").concat(d)]||h[d]||p[d]||o;return n?r.createElement(m,s(s({ref:t},u),{},{components:n})):r.createElement(m,s({ref:t},u))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,s=new Array(o);s[0]=h;var i={};for(var l in t)hasOwnProperty.call(t,l)&&(i[l]=t[l]);i.originalType=e,i.mdxType="string"==typeof e?e:a,s[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},s="Architecture",i={unversionedId:"architecture",id:"version-0.5/architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/versioned_docs/version-0.5/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/0.5/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/architecture.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/0.5/concepts"},next:{title:"Examples",permalink:"/0.5/examples"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(9225).Z,width:"969",height:"775"})),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/0.5/manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."))}p.isMDXComponent=!0},9225:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/arch-1c6cd25727f6427c62add813758335a8.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6255],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),h=c(n),d=a,m=h["".concat(l,".").concat(d)]||h[d]||p[d]||o;return n?r.createElement(m,s(s({ref:t},u),{},{components:n})):r.createElement(m,s({ref:t},u))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,s=new Array(o);s[0]=h;var i={};for(var l in t)hasOwnProperty.call(t,l)&&(i[l]=t[l]);i.originalType=e,i.mdxType="string"==typeof e?e:a,s[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},s="Architecture",i={unversionedId:"architecture",id:"version-0.5/architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/versioned_docs/version-0.5/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/0.5/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/architecture.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/0.5/concepts"},next:{title:"Examples",permalink:"/0.5/examples"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(9225).Z,width:"969",height:"775"})),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/0.5/manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."))}p.isMDXComponent=!0},9225:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/arch-1c6cd25727f6427c62add813758335a8.png"}}]); \ No newline at end of file diff --git a/assets/js/8003b96f.196cece6.js b/assets/js/8003b96f.c2c1de7b.js similarity index 99% rename from assets/js/8003b96f.196cece6.js rename to assets/js/8003b96f.c2c1de7b.js index fa90a7298..65e92c073 100644 --- a/assets/js/8003b96f.196cece6.js +++ b/assets/js/8003b96f.c2c1de7b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9940],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs to Ignore Modified GitRepos",s={unversionedId:"bundle-diffs",id:"version-0.9/bundle-diffs",title:"Generating Diffs to Ignore Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/versioned_docs/version-0.9/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/0.9/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/bundle-diffs.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/0.9/gitrepo-targets"},next:{title:"Using Webhooks Instead of Polling",permalink:"/0.9/webhook"}},l={},p=[{value:"Simple Example",id:"simple-example",level:2},{value:"Gatekeeper Example",id:"gatekeeper-example",level:2},{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-to-ignore-modified-gitrepos"},"Generating Diffs to Ignore Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("h2",{id:"simple-example"},"Simple Example"),(0,o.kt)("p",null,"In this simple example, we create a Service and ConfigMap that we apply a bundle diff onto."),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs"},"https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs")),(0,o.kt)("h2",{id:"gatekeeper-example"},"Gatekeeper Example"),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec."),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9940],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs to Ignore Modified GitRepos",s={unversionedId:"bundle-diffs",id:"version-0.9/bundle-diffs",title:"Generating Diffs to Ignore Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/versioned_docs/version-0.9/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/0.9/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/bundle-diffs.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/0.9/gitrepo-targets"},next:{title:"Using Webhooks Instead of Polling",permalink:"/0.9/webhook"}},l={},p=[{value:"Simple Example",id:"simple-example",level:2},{value:"Gatekeeper Example",id:"gatekeeper-example",level:2},{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-to-ignore-modified-gitrepos"},"Generating Diffs to Ignore Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("h2",{id:"simple-example"},"Simple Example"),(0,o.kt)("p",null,"In this simple example, we create a Service and ConfigMap that we apply a bundle diff onto."),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs"},"https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs")),(0,o.kt)("h2",{id:"gatekeeper-example"},"Gatekeeper Example"),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec."),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file diff --git a/assets/js/8070e160.82c64fb4.js b/assets/js/8070e160.88b82485.js similarity index 98% rename from assets/js/8070e160.82c64fb4.js rename to assets/js/8070e160.88b82485.js index 03dc21fe7..6c3a6d5d0 100644 --- a/assets/js/8070e160.82c64fb4.js +++ b/assets/js/8070e160.88b82485.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2651],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>E});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),u=a(1980),i=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,i.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function m(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,u._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[u,i]=m({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),b=(()=>{const e=u??d;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{b&&o(b)}),[b]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),i(e),f(e)}),[i,f,r]),tabValues:r}}var b=a(2389);const g="tabList__CuJ",k="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:o,selectValue:u,tabValues:i}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=i[a].value;l!==o&&(d(t),u(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},i.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>c.push(e),onKeyDown:h,onClick:p},s,{className:(0,r.Z)("tabs__item",k,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",g)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function E(e){const t=(0,b.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},2257:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>d,contentTitle:()=>i,default:()=>m,frontMatter:()=>u,metadata:()=>c,toc:()=>p});var l=a(7462),n=(a(7294),a(3905)),r=(a(6828),a(814)),s=a(4866),o=a(5162);const u={},i="Quick Start",c={unversionedId:"quickstart",id:"quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/docs/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/quickstart.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/"},next:{title:"Creating a Deployment",permalink:"/tut-deployment"}},d={},p=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to Watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],h={toc:p};function m(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"quick-start"},"Quick Start"),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,n.kt)("h2",{id:"install"},"Install"),(0,n.kt)("p",null," Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and its use is\nfairly straightforward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)(s.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"linux",label:"Linux/Mac",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"brew install helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/")),(0,n.kt)(o.Z,{value:"windows",label:"Windows",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"choco install kubernetes-helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/"))),(0,n.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd\n","helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet"),(0,n.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to Watch"),(0,n.kt)("p",null,"Change ",(0,n.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,n.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be run in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,n.kt)("h2",{id:"get-status"},"Get Status"),(0,n.kt)("p",null,"Get status of what fleet is doing"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,n.kt)("p",null,"You should see something like this get created in your cluster."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,n.kt)("p",null,"Enjoy and read the ",(0,n.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}m.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2651],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>E});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),u=a(1980),i=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,i.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function m(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,u._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[u,i]=m({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),b=(()=>{const e=u??d;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{b&&o(b)}),[b]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),i(e),f(e)}),[i,f,r]),tabValues:r}}var b=a(2389);const g="tabList__CuJ",k="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:o,selectValue:u,tabValues:i}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=i[a].value;l!==o&&(d(t),u(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},i.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>c.push(e),onKeyDown:h,onClick:p},s,{className:(0,r.Z)("tabs__item",k,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",g)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function E(e){const t=(0,b.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},2257:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>d,contentTitle:()=>i,default:()=>m,frontMatter:()=>u,metadata:()=>c,toc:()=>p});var l=a(7462),n=(a(7294),a(3905)),r=(a(6828),a(814)),s=a(4866),o=a(5162);const u={},i="Quick Start",c={unversionedId:"quickstart",id:"quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/docs/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/quickstart.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/"},next:{title:"Creating a Deployment",permalink:"/tut-deployment"}},d={},p=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to Watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],h={toc:p};function m(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"quick-start"},"Quick Start"),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,n.kt)("h2",{id:"install"},"Install"),(0,n.kt)("p",null," Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and its use is\nfairly straightforward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)(s.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"linux",label:"Linux/Mac",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"brew install helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/")),(0,n.kt)(o.Z,{value:"windows",label:"Windows",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"choco install kubernetes-helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/"))),(0,n.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd\n","helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet"),(0,n.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to Watch"),(0,n.kt)("p",null,"Change ",(0,n.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,n.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be run in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,n.kt)("h2",{id:"get-status"},"Get Status"),(0,n.kt)("p",null,"Get status of what fleet is doing"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,n.kt)("p",null,"You should see something like this get created in your cluster."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,n.kt)("p",null,"Enjoy and read the ",(0,n.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}m.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file diff --git a/assets/js/82782dff.1c5625fc.js b/assets/js/82782dff.a3e4716f.js similarity index 97% rename from assets/js/82782dff.1c5625fc.js rename to assets/js/82782dff.a3e4716f.js index 83b48c5bb..62ceec10c 100644 --- a/assets/js/82782dff.1c5625fc.js +++ b/assets/js/82782dff.a3e4716f.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7811],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=r.createContext({}),f=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=f(e.components);return r.createElement(c.Provider,{value:t},e.children)},s={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=f(n),d=l,m=u["".concat(c,".").concat(d)]||u[d]||s[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var f=2;f{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>s,frontMatter:()=>a,metadata:()=>i,toc:()=>f});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet",id:"version-0.6/cli/fleet-cli/fleet",title:"",description:"fleet",source:"@site/versioned_docs/version-0.6/cli/fleet-cli/fleet.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet",permalink:"/0.6/cli/fleet-cli/fleet",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cli/fleet-cli/fleet.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet"},sidebar:"docs",previous:{title:"fleet-agent",permalink:"/0.6/cli/fleet-agent/"},next:{title:"fleet apply",permalink:"/0.6/cli/fleet-cli/fleet_apply"}},c={},f=[{value:"fleet",id:"fleet",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:f};function s(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet"},"fleet"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_apply"},"fleet apply"),"\t - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_test"},"fleet test"),"\t - Match a bundle to a target and render the output")))}s.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7811],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=r.createContext({}),f=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=f(e.components);return r.createElement(c.Provider,{value:t},e.children)},s={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=f(n),d=l,m=u["".concat(c,".").concat(d)]||u[d]||s[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var f=2;f{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>s,frontMatter:()=>a,metadata:()=>i,toc:()=>f});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet",id:"version-0.6/cli/fleet-cli/fleet",title:"",description:"fleet",source:"@site/versioned_docs/version-0.6/cli/fleet-cli/fleet.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet",permalink:"/0.6/cli/fleet-cli/fleet",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cli/fleet-cli/fleet.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet"},sidebar:"docs",previous:{title:"fleet-agent",permalink:"/0.6/cli/fleet-agent/"},next:{title:"fleet apply",permalink:"/0.6/cli/fleet-cli/fleet_apply"}},c={},f=[{value:"fleet",id:"fleet",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:f};function s(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet"},"fleet"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_apply"},"fleet apply"),"\t - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_test"},"fleet test"),"\t - Match a bundle to a target and render the output")))}s.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/8307bb82.51e82d74.js b/assets/js/8307bb82.fd15e4b8.js similarity index 98% rename from assets/js/8307bb82.51e82d74.js rename to assets/js/8307bb82.fd15e4b8.js index 5afde1a77..bf5501629 100644 --- a/assets/js/8307bb82.51e82d74.js +++ b/assets/js/8307bb82.fd15e4b8.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5386],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),h=c(n),m=a,d=h["".concat(l,".").concat(m)]||h[m]||p[m]||o;return n?r.createElement(d,i(i({ref:t},u),{},{components:n})):r.createElement(d,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=h;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Architecture",s={unversionedId:"architecture",id:"version-0.6/architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/versioned_docs/version-0.6/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/0.6/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/architecture.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Uninstall",permalink:"/0.6/uninstall"},next:{title:"Core Concepts",permalink:"/0.6/concepts"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2},{value:"Component Overview",id:"component-overview",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/0.6/cluster-registration#manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."),(0,a.kt)("h2",{id:"component-overview"},"Component Overview"),(0,a.kt)("p",null,"An overview of the components and how they interact on a high level."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Components",src:n(1913).Z,width:"1319",height:"1281"})))}p.isMDXComponent=!0},1913:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetComponents-2746fa09558c69f438948ab9bc659edb.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5386],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),h=c(n),m=a,d=h["".concat(l,".").concat(m)]||h[m]||p[m]||o;return n?r.createElement(d,i(i({ref:t},u),{},{components:n})):r.createElement(d,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=h;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Architecture",s={unversionedId:"architecture",id:"version-0.6/architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/versioned_docs/version-0.6/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/0.6/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/architecture.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Uninstall",permalink:"/0.6/uninstall"},next:{title:"Core Concepts",permalink:"/0.6/concepts"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2},{value:"Component Overview",id:"component-overview",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/0.6/cluster-registration#manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."),(0,a.kt)("h2",{id:"component-overview"},"Component Overview"),(0,a.kt)("p",null,"An overview of the components and how they interact on a high level."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Components",src:n(1913).Z,width:"1319",height:"1281"})))}p.isMDXComponent=!0},1913:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetComponents-2746fa09558c69f438948ab9bc659edb.svg"}}]); \ No newline at end of file diff --git a/assets/js/834808ff.43c23efe.js b/assets/js/834808ff.1093a837.js similarity index 99% rename from assets/js/834808ff.43c23efe.js rename to assets/js/834808ff.1093a837.js index 1857dca18..4ccf02741 100644 --- a/assets/js/834808ff.43c23efe.js +++ b/assets/js/834808ff.1093a837.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3814],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>g});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function i(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),d=c(r),g=a,m=d["".concat(l,".").concat(g)]||d[g]||p[g]||i;return r?n.createElement(m,s(s({ref:t},u),{},{components:r})):n.createElement(m,s({ref:t},u))}));function g(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=r.length,s=new Array(i);s[0]=d;var o={};for(var l in t)hasOwnProperty.call(t,l)&&(o[l]=t[l]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>p,frontMatter:()=>i,metadata:()=>o,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const i={},s="Cluster Registration Internals",o={unversionedId:"ref-registration",id:"ref-registration",title:"Cluster Registration Internals",description:"How does cluster registration work?",source:"@site/docs/ref-registration.md",sourceDirName:".",slug:"/ref-registration",permalink:"/ref-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-registration.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle State",permalink:"/cluster-bundles-state"},next:{title:"Configuration",permalink:"/ref-configuration"}},l={},c=[{value:"How does cluster registration work?",id:"how-does-cluster-registration-work",level:2},{value:"Cluster first",id:"cluster-first",level:4},{value:"Cluster -> ClusterRegistrationToken + Import Account",id:"cluster---clusterregistrationtoken--import-account",level:4},{value:"Fleet-Agent -> ClusterRegistration",id:"fleet-agent---clusterregistration",level:4},{value:"Notes",id:"notes",level:3},{value:"Diagram",id:"diagram",level:2},{value:"Process",id:"process",level:3},{value:"Secrets",id:"secrets",level:3}],u={toc:c};function p(e){let{components:t,...i}=e;return(0,a.kt)("wrapper",(0,n.Z)({},u,i,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-registration-internals"},"Cluster Registration Internals"),(0,a.kt)("h2",{id:"how-does-cluster-registration-work"},"How does cluster registration work?"),(0,a.kt)("p",null,"This text describes cluster registration with more technical details. The text ignores agent initiated registration, as it\u2019s not commonly used.\n",(0,a.kt)("a",{parentName:"p",href:"/cluster-registration#agent-initiated"},"Agent initiated registration")," is ",(0,a.kt)("a",{parentName:"p",href:"/cluster-registration#create-cluster-registration-tokens"},'"',(0,a.kt)("inlineCode",{parentName:"a"},"ClusterRegistrationToken"),' first"'),", which means pre-creating a cluster is optional."),(0,a.kt)("p",null,'See "',(0,a.kt)("a",{parentName:"p",href:"/cluster-registration"},"Register Downstream Clusters"),'" to learn how to register clusters.'),(0,a.kt)("h4",{id:"cluster-first"},"Cluster first"),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller"),' starts up and may "bootstrap" the local cluster resource. In Rancher creating the local cluster resource is handlded by the fleetcluster controller instead, but otherwise the process is identical.'),(0,a.kt)("p",null,"For manager initiated registration the process is identical for the local cluster or any downstream cluster. It starts by creating a cluster resource, which refers to a kubeconfig secret."),(0,a.kt)("h4",{id:"cluster---clusterregistrationtoken--import-account"},"Cluster -> ClusterRegistrationToken + Import Account"),(0,a.kt)("p",null,"Now that a cluster resource exists, ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," triggers and runs ",(0,a.kt)("inlineCode",{parentName:"p"},"import.go")," to create the fleet-agent deployment.\u2028",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," also creates a ",(0,a.kt)("a",{parentName:"p",href:"/architecture#security"},(0,a.kt)("inlineCode",{parentName:"a"},"clusterregistrationtoken"))," and waits for it to be complete. The ",(0,a.kt)("inlineCode",{parentName:"p"},"clusterregistationtoken")," triggers the creation of the import service account, which can create ",(0,a.kt)("inlineCode",{parentName:"p"},"clusterregistrations"),' and read any secret in the system registration namespace (eg "cattle-fleet-clusters-system").\nThe ',(0,a.kt)("inlineCode",{parentName:"p"},"import.go")," will enqueue itself until the import service account exists, because that\u2019s needed to create the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent-bootstrap")," secret.\nNow, the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," and the bootstrap secret are present on the downstream cluster"),(0,a.kt)("h4",{id:"fleet-agent---clusterregistration"},"Fleet-Agent -> ClusterRegistration"),(0,a.kt)("p",null,"Immediately the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," checks for a ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent-bootstrap")," secret (which contains the import kubeconfig) and starts registering if present. Then ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," creates a clusterregistration resource in fleet-default on the management cluster, with a random number. The random number will be used for the registration secret\u2019s name."),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," triggers and tries to grant the clusterregistration request to create ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent"),"\u2019s serviceaccount and create the ",(0,a.kt)("inlineCode",{parentName:"p"},"\u2018c-*\u2019")," registration secret with the clients new kubeconfig.\nThe registration secret name is ",(0,a.kt)("inlineCode",{parentName:"p"},'hash("clientID-clientRandom")'),'. The new kubeconfig uses the "request" account. The request account can access the cluster status, ',(0,a.kt)("inlineCode",{parentName:"p"},"bundledeployments")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"contents"),"."),(0,a.kt)("h3",{id:"notes"},"Notes"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},'The registration starts with the "import" account and pivots to the "request" account.'),(0,a.kt)("li",{parentName:"ul"},"The fleet-default namespace has all the cluster registrations, the import account uses a separate namespace."),(0,a.kt)("li",{parentName:"ul"},"Once the agent is registered, ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will trigger on a cluster/namespace change and call manageagent to create a bundle. The agent will update itself to the bundle and since the generation env var changes it will restart."),(0,a.kt)("li",{parentName:"ul"},"If no bootstrap secret exists, the agent will not re-register.")),(0,a.kt)("h2",{id:"diagram"},"Diagram"),(0,a.kt)("h3",{id:"process"},"Process"),(0,a.kt)("p",null,"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.\nIt's important to note that there are multiple ways to start this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Creating a bootstrap config. Fleet does this for the local agent."),(0,a.kt)("li",{parentName:"ul"},"Creating a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource with a kubeconfig. Rancher does this for downstream clusters. See ",(0,a.kt)("a",{parentName:"li",href:"/cluster-registration#manager-initiated"},"manager-initiated registration"),"."),(0,a.kt)("li",{parentName:"ul"},"Create a ",(0,a.kt)("inlineCode",{parentName:"li"},"ClusterRegistrationToken")," resource, optionally create a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource for a pre-defined (",(0,a.kt)("inlineCode",{parentName:"li"},"clientID"),") cluster. See ",(0,a.kt)("a",{parentName:"li",href:"/cluster-registration#agent-initiated"},"agent-initiated registration"),".")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration",src:r(2364).Z,width:"3700",height:"2492"})),(0,a.kt)("h3",{id:"secrets"},"Secrets"),(0,a.kt)("p",null,"This diagram shows the resources created during registration and focuses on the k8s API server configuration."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration Secrets",src:r(4408).Z,width:"1581",height:"4162"})))}p.isMDXComponent=!0},2364:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistration-e49565723b02880b6dd7fa0ddc1fdbe2.svg"},4408:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistrationSecrets-deae20b127f82ebcf32a5c593b53b912.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3814],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>g});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function i(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,i=e.originalType,l=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),d=c(r),g=a,m=d["".concat(l,".").concat(g)]||d[g]||p[g]||i;return r?n.createElement(m,s(s({ref:t},u),{},{components:r})):n.createElement(m,s({ref:t},u))}));function g(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=r.length,s=new Array(i);s[0]=d;var o={};for(var l in t)hasOwnProperty.call(t,l)&&(o[l]=t[l]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>p,frontMatter:()=>i,metadata:()=>o,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const i={},s="Cluster Registration Internals",o={unversionedId:"ref-registration",id:"ref-registration",title:"Cluster Registration Internals",description:"How does cluster registration work?",source:"@site/docs/ref-registration.md",sourceDirName:".",slug:"/ref-registration",permalink:"/ref-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-registration.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle State",permalink:"/cluster-bundles-state"},next:{title:"Configuration",permalink:"/ref-configuration"}},l={},c=[{value:"How does cluster registration work?",id:"how-does-cluster-registration-work",level:2},{value:"Cluster first",id:"cluster-first",level:4},{value:"Cluster -> ClusterRegistrationToken + Import Account",id:"cluster---clusterregistrationtoken--import-account",level:4},{value:"Fleet-Agent -> ClusterRegistration",id:"fleet-agent---clusterregistration",level:4},{value:"Notes",id:"notes",level:3},{value:"Diagram",id:"diagram",level:2},{value:"Process",id:"process",level:3},{value:"Secrets",id:"secrets",level:3}],u={toc:c};function p(e){let{components:t,...i}=e;return(0,a.kt)("wrapper",(0,n.Z)({},u,i,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-registration-internals"},"Cluster Registration Internals"),(0,a.kt)("h2",{id:"how-does-cluster-registration-work"},"How does cluster registration work?"),(0,a.kt)("p",null,"This text describes cluster registration with more technical details. The text ignores agent initiated registration, as it\u2019s not commonly used.\n",(0,a.kt)("a",{parentName:"p",href:"/cluster-registration#agent-initiated"},"Agent initiated registration")," is ",(0,a.kt)("a",{parentName:"p",href:"/cluster-registration#create-cluster-registration-tokens"},'"',(0,a.kt)("inlineCode",{parentName:"a"},"ClusterRegistrationToken"),' first"'),", which means pre-creating a cluster is optional."),(0,a.kt)("p",null,'See "',(0,a.kt)("a",{parentName:"p",href:"/cluster-registration"},"Register Downstream Clusters"),'" to learn how to register clusters.'),(0,a.kt)("h4",{id:"cluster-first"},"Cluster first"),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller"),' starts up and may "bootstrap" the local cluster resource. In Rancher creating the local cluster resource is handlded by the fleetcluster controller instead, but otherwise the process is identical.'),(0,a.kt)("p",null,"For manager initiated registration the process is identical for the local cluster or any downstream cluster. It starts by creating a cluster resource, which refers to a kubeconfig secret."),(0,a.kt)("h4",{id:"cluster---clusterregistrationtoken--import-account"},"Cluster -> ClusterRegistrationToken + Import Account"),(0,a.kt)("p",null,"Now that a cluster resource exists, ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," triggers and runs ",(0,a.kt)("inlineCode",{parentName:"p"},"import.go")," to create the fleet-agent deployment.\u2028",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," also creates a ",(0,a.kt)("a",{parentName:"p",href:"/architecture#security"},(0,a.kt)("inlineCode",{parentName:"a"},"clusterregistrationtoken"))," and waits for it to be complete. The ",(0,a.kt)("inlineCode",{parentName:"p"},"clusterregistationtoken")," triggers the creation of the import service account, which can create ",(0,a.kt)("inlineCode",{parentName:"p"},"clusterregistrations"),' and read any secret in the system registration namespace (eg "cattle-fleet-clusters-system").\nThe ',(0,a.kt)("inlineCode",{parentName:"p"},"import.go")," will enqueue itself until the import service account exists, because that\u2019s needed to create the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent-bootstrap")," secret.\nNow, the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," and the bootstrap secret are present on the downstream cluster"),(0,a.kt)("h4",{id:"fleet-agent---clusterregistration"},"Fleet-Agent -> ClusterRegistration"),(0,a.kt)("p",null,"Immediately the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," checks for a ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent-bootstrap")," secret (which contains the import kubeconfig) and starts registering if present. Then ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," creates a clusterregistration resource in fleet-default on the management cluster, with a random number. The random number will be used for the registration secret\u2019s name."),(0,a.kt)("p",null,(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," triggers and tries to grant the clusterregistration request to create ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent"),"\u2019s serviceaccount and create the ",(0,a.kt)("inlineCode",{parentName:"p"},"\u2018c-*\u2019")," registration secret with the clients new kubeconfig.\nThe registration secret name is ",(0,a.kt)("inlineCode",{parentName:"p"},'hash("clientID-clientRandom")'),'. The new kubeconfig uses the "request" account. The request account can access the cluster status, ',(0,a.kt)("inlineCode",{parentName:"p"},"bundledeployments")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"contents"),"."),(0,a.kt)("h3",{id:"notes"},"Notes"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},'The registration starts with the "import" account and pivots to the "request" account.'),(0,a.kt)("li",{parentName:"ul"},"The fleet-default namespace has all the cluster registrations, the import account uses a separate namespace."),(0,a.kt)("li",{parentName:"ul"},"Once the agent is registered, ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will trigger on a cluster/namespace change and call manageagent to create a bundle. The agent will update itself to the bundle and since the generation env var changes it will restart."),(0,a.kt)("li",{parentName:"ul"},"If no bootstrap secret exists, the agent will not re-register.")),(0,a.kt)("h2",{id:"diagram"},"Diagram"),(0,a.kt)("h3",{id:"process"},"Process"),(0,a.kt)("p",null,"Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster.\nIt's important to note that there are multiple ways to start this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Creating a bootstrap config. Fleet does this for the local agent."),(0,a.kt)("li",{parentName:"ul"},"Creating a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource with a kubeconfig. Rancher does this for downstream clusters. See ",(0,a.kt)("a",{parentName:"li",href:"/cluster-registration#manager-initiated"},"manager-initiated registration"),"."),(0,a.kt)("li",{parentName:"ul"},"Create a ",(0,a.kt)("inlineCode",{parentName:"li"},"ClusterRegistrationToken")," resource, optionally create a ",(0,a.kt)("inlineCode",{parentName:"li"},"Cluster")," resource for a pre-defined (",(0,a.kt)("inlineCode",{parentName:"li"},"clientID"),") cluster. See ",(0,a.kt)("a",{parentName:"li",href:"/cluster-registration#agent-initiated"},"agent-initiated registration"),".")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration",src:r(2364).Z,width:"3700",height:"2492"})),(0,a.kt)("h3",{id:"secrets"},"Secrets"),(0,a.kt)("p",null,"This diagram shows the resources created during registration and focuses on the k8s API server configuration."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Registration Secrets",src:r(4408).Z,width:"1581",height:"4162"})))}p.isMDXComponent=!0},2364:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistration-e49565723b02880b6dd7fa0ddc1fdbe2.svg"},4408:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetRegistrationSecrets-deae20b127f82ebcf32a5c593b53b912.svg"}}]); \ No newline at end of file diff --git a/assets/js/847b3bc4.18f0c437.js b/assets/js/847b3bc4.aea638e9.js similarity index 97% rename from assets/js/847b3bc4.18f0c437.js rename to assets/js/847b3bc4.aea638e9.js index 35490504a..a7615d279 100644 --- a/assets/js/847b3bc4.18f0c437.js +++ b/assets/js/847b3bc4.aea638e9.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5435],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),f=c(n),m=l,d=f["".concat(s,".").concat(m)]||f[m]||p[m]||a;return n?r.createElement(d,o(o({ref:t},u),{},{components:n})):r.createElement(d,o({ref:t},u))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=f;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={},o="Uninstall",i={unversionedId:"uninstall",id:"version-0.5/uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/versioned_docs/version-0.5/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/0.5/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/uninstall.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Multi Cluster Install",permalink:"/0.5/multi-cluster-install"},next:{title:"v0.5.0",permalink:"/0.5/changelogs/changelogs/v0.5.0"}},s={},c=[],u={toc:c};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"uninstall"},"Uninstall"),(0,l.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5435],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),f=c(n),m=l,d=f["".concat(s,".").concat(m)]||f[m]||p[m]||a;return n?r.createElement(d,o(o({ref:t},u),{},{components:n})):r.createElement(d,o({ref:t},u))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=f;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={},o="Uninstall",i={unversionedId:"uninstall",id:"version-0.5/uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/versioned_docs/version-0.5/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/0.5/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/uninstall.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Multi Cluster Install",permalink:"/0.5/multi-cluster-install"},next:{title:"v0.5.0",permalink:"/0.5/changelogs/changelogs/v0.5.0"}},s={},c=[],u={toc:c};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"uninstall"},"Uninstall"),(0,l.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/857d18b5.ff45f667.js b/assets/js/857d18b5.34cbea8f.js similarity index 99% rename from assets/js/857d18b5.ff45f667.js rename to assets/js/857d18b5.34cbea8f.js index ef5539c5f..e5f842d1a 100644 --- a/assets/js/857d18b5.ff45f667.js +++ b/assets/js/857d18b5.34cbea8f.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6076],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),p=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},c=function(e){var t=p(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),h=p(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},c),{},{components:n})):o.createElement(m,r({ref:t},c))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"version-0.6/troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/versioned_docs/version-0.6/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/0.6/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/troubleshooting.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"GitRepo Resource",permalink:"/0.6/ref-gitrepo"},next:{title:"v0.6.0",permalink:"/0.6/changelogs/changelogs/v0.6.0"}},s={},p=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Agent is no longer registered",id:"agent-is-no-longer-registered",level:3},{value:"Nested GitRepo CRs",id:"nested-gitrepo-crs",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],c={toc:p};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled. "),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.6/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.6/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo. "),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu"),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown"),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/0.6/ref-fleet-yaml"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority" \n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm: \n releaseName: \n repo: \n chart: \ndiff: \n comparePatches: \n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations" \n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.6/bundle-diffs"},"bundle diffs documentation")," for more information. ")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"agent-is-no-longer-registered"},"Agent is no longer registered"),(0,a.kt)("p",null,"You can force a redeployment of an agent for a given cluster by setting ",(0,a.kt)("inlineCode",{parentName:"p"},"redeployAgentGeneration"),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},'kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p \'[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]\'\n')),(0,a.kt)("h3",{id:"nested-gitrepo-crs"},"Nested GitRepo CRs"),(0,a.kt)("p",null,"Managing Fleet within Fleet (nested ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," usage) is not currently supported. We will update the documentation if support becomes available."),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6076],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),p=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},c=function(e){var t=p(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),h=p(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},c),{},{components:n})):o.createElement(m,r({ref:t},c))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"version-0.6/troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/versioned_docs/version-0.6/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/0.6/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/troubleshooting.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"GitRepo Resource",permalink:"/0.6/ref-gitrepo"},next:{title:"v0.6.0",permalink:"/0.6/changelogs/changelogs/v0.6.0"}},s={},p=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Agent is no longer registered",id:"agent-is-no-longer-registered",level:3},{value:"Nested GitRepo CRs",id:"nested-gitrepo-crs",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],c={toc:p};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled. "),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.6/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.6/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo. "),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu"),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown"),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/0.6/ref-fleet-yaml"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority" \n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm: \n releaseName: \n repo: \n chart: \ndiff: \n comparePatches: \n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations" \n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.6/bundle-diffs"},"bundle diffs documentation")," for more information. ")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"agent-is-no-longer-registered"},"Agent is no longer registered"),(0,a.kt)("p",null,"You can force a redeployment of an agent for a given cluster by setting ",(0,a.kt)("inlineCode",{parentName:"p"},"redeployAgentGeneration"),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},'kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p \'[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]\'\n')),(0,a.kt)("h3",{id:"nested-gitrepo-crs"},"Nested GitRepo CRs"),(0,a.kt)("p",null,"Managing Fleet within Fleet (nested ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," usage) is not currently supported. We will update the documentation if support becomes available."),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/87469ac3.522414d0.js b/assets/js/87469ac3.a0e5c8bf.js similarity index 99% rename from assets/js/87469ac3.522414d0.js rename to assets/js/87469ac3.a0e5c8bf.js index 283d50eba..246ed5e51 100644 --- a/assets/js/87469ac3.522414d0.js +++ b/assets/js/87469ac3.a0e5c8bf.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7579],{3905:(t,e,a)=>{a.d(e,{Zo:()=>d,kt:()=>s});var n=a(7294);function l(t,e,a){return e in t?Object.defineProperty(t,e,{value:a,enumerable:!0,configurable:!0,writable:!0}):t[e]=a,t}function r(t,e){var a=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),a.push.apply(a,n)}return a}function i(t){for(var e=1;e=0||(l[a]=t[a]);return l}(t,e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(t,a)&&(l[a]=t[a])}return l}var m=n.createContext({}),u=function(t){var e=n.useContext(m),a=e;return t&&(a="function"==typeof t?t(e):i(i({},e),t)),a},d=function(t){var e=u(t.components);return n.createElement(m.Provider,{value:e},t.children)},k={inlineCode:"code",wrapper:function(t){var e=t.children;return n.createElement(n.Fragment,{},e)}},N=n.forwardRef((function(t,e){var a=t.components,l=t.mdxType,r=t.originalType,m=t.parentName,d=p(t,["components","mdxType","originalType","parentName"]),N=u(a),s=l,o=N["".concat(m,".").concat(s)]||N[s]||k[s]||r;return a?n.createElement(o,i(i({ref:e},d),{},{components:a})):n.createElement(o,i({ref:e},d))}));function s(t,e){var a=arguments,l=e&&e.mdxType;if("string"==typeof t||l){var r=a.length,i=new Array(r);i[0]=N;var p={};for(var m in e)hasOwnProperty.call(e,m)&&(p[m]=e[m]);p.originalType=t,p.mdxType="string"==typeof t?t:l,i[1]=p;for(var u=2;u{a.r(e),a.d(e,{assets:()=>m,contentTitle:()=>i,default:()=>k,frontMatter:()=>r,metadata:()=>p,toc:()=>u});var n=a(7462),l=(a(7294),a(3905));const r={},i="Custom Resources Spec",p={unversionedId:"ref-crds",id:"version-0.7/ref-crds",title:"Custom Resources Spec",description:"* GitRepo",source:"@site/versioned_docs/version-0.7/ref-crds.md",sourceDirName:".",slug:"/ref-crds",permalink:"/0.7/ref-crds",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-crds.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Configuration",permalink:"/0.7/ref-configuration"},next:{title:"fleet.yaml",permalink:"/0.7/ref-fleet-yaml"}},m={},u=[{value:"GitRepo",id:"gitrepo",level:4},{value:"GitRepoDisplay",id:"gitrepodisplay",level:4},{value:"GitRepoResource",id:"gitreporesource",level:4},{value:"GitRepoResourceCounts",id:"gitreporesourcecounts",level:4},{value:"GitRepoRestriction",id:"gitreporestriction",level:4},{value:"GitRepoSpec",id:"gitrepospec",level:4},{value:"GitRepoStatus",id:"gitrepostatus",level:4},{value:"GitTarget",id:"gittarget",level:4},{value:"ResourcePerClusterState",id:"resourceperclusterstate",level:4},{value:"Bundle",id:"bundle",level:4},{value:"BundleDeployment",id:"bundledeployment",level:4},{value:"BundleDeploymentDisplay",id:"bundledeploymentdisplay",level:4},{value:"BundleDeploymentOptions",id:"bundledeploymentoptions",level:4},{value:"BundleDeploymentSpec",id:"bundledeploymentspec",level:4},{value:"BundleDeploymentStatus",id:"bundledeploymentstatus",level:4},{value:"BundleDisplay",id:"bundledisplay",level:4},{value:"BundleNamespaceMapping",id:"bundlenamespacemapping",level:4},{value:"BundleRef",id:"bundleref",level:4},{value:"BundleResource",id:"bundleresource",level:4},{value:"BundleSpec",id:"bundlespec",level:4},{value:"BundleStatus",id:"bundlestatus",level:4},{value:"BundleSummary",id:"bundlesummary",level:4},{value:"BundleTarget",id:"bundletarget",level:4},{value:"BundleTargetRestriction",id:"bundletargetrestriction",level:4},{value:"ComparePatch",id:"comparepatch",level:4},{value:"ConfigMapKeySelector",id:"configmapkeyselector",level:4},{value:"Content",id:"content",level:4},{value:"DiffOptions",id:"diffoptions",level:4},{value:"HelmOptions",id:"helmoptions",level:4},{value:"KustomizeOptions",id:"kustomizeoptions",level:4},{value:"LocalObjectReference",id:"localobjectreference",level:4},{value:"ModifiedStatus",id:"modifiedstatus",level:4},{value:"NonReadyResource",id:"nonreadyresource",level:4},{value:"NonReadyStatus",id:"nonreadystatus",level:4},{value:"Operation",id:"operation",level:4},{value:"Partition",id:"partition",level:4},{value:"PartitionStatus",id:"partitionstatus",level:4},{value:"ResourceKey",id:"resourcekey",level:4},{value:"RolloutStrategy",id:"rolloutstrategy",level:4},{value:"SecretKeySelector",id:"secretkeyselector",level:4},{value:"ValuesFrom",id:"valuesfrom",level:4},{value:"YAMLOptions",id:"yamloptions",level:4},{value:"AlphabeticalPolicy",id:"alphabeticalpolicy",level:4},{value:"CommitSpec",id:"commitspec",level:4},{value:"ImagePolicyChoice",id:"imagepolicychoice",level:4},{value:"ImageScan",id:"imagescan",level:4},{value:"ImageScanSpec",id:"imagescanspec",level:4},{value:"ImageScanStatus",id:"imagescanstatus",level:4},{value:"SemVerPolicy",id:"semverpolicy",level:4},{value:"AgentStatus",id:"agentstatus",level:4},{value:"IgnoreOptions",id:"ignoreoptions",level:4},{value:"Cluster",id:"cluster",level:4},{value:"ClusterDisplay",id:"clusterdisplay",level:4},{value:"ClusterGroup",id:"clustergroup",level:4},{value:"ClusterGroupDisplay",id:"clustergroupdisplay",level:4},{value:"ClusterGroupSpec",id:"clustergroupspec",level:4},{value:"ClusterGroupStatus",id:"clustergroupstatus",level:4},{value:"ClusterRegistration",id:"clusterregistration",level:4},{value:"ClusterRegistrationSpec",id:"clusterregistrationspec",level:4},{value:"ClusterRegistrationStatus",id:"clusterregistrationstatus",level:4},{value:"ClusterRegistrationToken",id:"clusterregistrationtoken",level:4},{value:"ClusterRegistrationTokenSpec",id:"clusterregistrationtokenspec",level:4},{value:"ClusterRegistrationTokenStatus",id:"clusterregistrationtokenstatus",level:4},{value:"ClusterSpec",id:"clusterspec",level:4},{value:"ClusterStatus",id:"clusterstatus",level:4}],d={toc:u};function k(t){let{components:e,...a}=t;return(0,l.kt)("wrapper",(0,n.Z)({},d,a,{components:e,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"custom-resources-spec"},"Custom Resources Spec"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepo"},"GitRepo")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporestriction"},"GitRepoRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundle"},"Bundle")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeployment"},"BundleDeployment")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlenamespacemapping"},"BundleNamespaceMapping")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#content"},"Content")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescan"},"ImageScan")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#cluster"},"Cluster")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroup"},"ClusterGroup")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistration"},"ClusterRegistration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtoken"},"ClusterRegistrationToken"))),(0,l.kt)("h1",{id:"sub-resources"},"Sub Resources"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gittarget"},"GitTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleref"},"BundleRef")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleresource"},"BundleResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#localobjectreference"},"LocalObjectReference")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#operation"},"Operation")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partition"},"Partition")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#commitspec"},"CommitSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#ignoreoptions"},"IgnoreOptions"))),(0,l.kt)("h4",{id:"gitrepo"},"GitRepo"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepodisplay"},"GitRepoDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundleDeployments"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesource"},"GitRepoResource"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"type"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"id"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"incompleteState"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"perClusterState"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesourcecounts"},"GitRepoResourceCounts"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"orphaned"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unknown"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporestriction"},"GitRepoRestriction"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultServiceAccount"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedServiceAccounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedRepoPatterns"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultClientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedClientSecretNames"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedTargetNamespaces"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepospec"},"GitRepoSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is a URL to a git repo to clone and index"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"branch"),(0,l.kt)("td",{parentName:"tr",align:null},"Branch The git branch to follow"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"revision"),(0,l.kt)("td",{parentName:"tr",align:null},"Revision A specific commit or tag to operate on"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Ensure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},'ClientSecretName is the client secret to be used to connect to the repo It is expected the secret be of type \\"kubernetes.io/basic-auth\\" or \\"kubernetes.io/ssh-auth\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretName contains the auth secret for private helm repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmRepoURLRegex"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"caBundle"),(0,l.kt)("td",{parentName:"tr",align:null},"CABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"insecureSkipTLSVerify"),(0,l.kt)("td",{parentName:"tr",align:null},"InsecureSkipTLSverify will use insecure HTTPS to clone the repo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paths"),(0,l.kt)("td",{parentName:"tr",align:null},"Paths is the directories relative to the git repo root that contain resources to be applied. Path globbing is support, for example ",'[\\"charts/*\\"]',' will match all folders as a subdirectory of charts/ If empty, \\"/\\" is the default'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused this cause changes in Git to not be propagated down to the clusters but instead mark resources as OutOfSync"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount used in the downstream cluster for deployment"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets is a list of target this repo will deploy to"),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gittarget"},"GitTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pollingInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"PollingInterval is how often to check git for new updates"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"Increment this number to force a redeployment of contents from Git"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"ImageScanInterval is the interval of syncing scanned images and writing back to git repo"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanCommit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit specifies how to commit to the git repo when new image is scanned and write back to git repo"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#commitspec"},"CommitSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources specifies if the resources created must be kept after deleting the GitRepo"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepostatus"},"GitRepoStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"commit"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitJobStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceErrors"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSyncedImageScanTime"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gittarget"},"GitTarget"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourceperclusterstate"},"ResourcePerClusterState"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterId"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundle"},"Bundle"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeployment"},"BundleDeployment"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentdisplay"},"BundleDeploymentDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deployed"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"monitored"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentoptions"},"BundleDeploymentOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kustomize"),(0,l.kt)("td",{parentName:"tr",align:null},"Kustomize options for the deployment, like the dir containing the kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helm"),(0,l.kt)("td",{parentName:"tr",align:null},"Helm options for the deployment, like the chart name, repo and values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount which will be used to perform this deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ForceSyncGeneration is used to force a redeployment"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"yaml"),(0,l.kt)("td",{parentName:"tr",align:null},"YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"diff"),(0,l.kt)("td",{parentName:"tr",align:null},"Diff can be used to ignore the modified state of objects which are amended at runtime."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources can be used to keep the deployed resources when removing the bundle"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentspec"},"BundleDeploymentSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"options"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentstatus"},"BundleDeploymentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"appliedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"release"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonModified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"syncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledisplay"},"BundleDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlenamespacemapping"},"BundleNamespaceMapping"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleref"},"BundleRef"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleresource"},"BundleResource"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"encoding"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlespec"},"BundleSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"BundleDeploymentOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"rolloutStrategy"),(0,l.kt)("td",{parentName:"tr",align:null},"RolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contain the actual resources from the git repo which will be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleresource"},"BundleResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets refer to the clusters which will be deployed to."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetRestrictions"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetRestrictions restrict which clusters the bundle will be deployed to."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ignore"),(0,l.kt)("td",{parentName:"tr",align:null},"Ignore refers to the fields that will not be considered when monitoring the status."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlestatus"},"BundleStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"newlyCreated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxNew"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceKey"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlesummary"},"BundleSummary"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"errApplied"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"outOfSync"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pending"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyResources"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletarget"},"BundleTarget"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"BundleDeploymentOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletargetrestriction"},"BundleTargetRestriction"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"comparepatch"},"ComparePatch"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"operations"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#operation"},"Operation")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"jsonPointers"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"configmapkeyselector"},"ConfigMapKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"content"},"Content"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"diffoptions"},"DiffOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"comparePatches"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"helmoptions"},"HelmOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"chart"),(0,l.kt)("td",{parentName:"tr",align:null},"Chart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is the name of the HTTPS helm repo to download the chart from."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"releaseName"),(0,l.kt)("td",{parentName:"tr",align:null},"ReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"version"),(0,l.kt)("td",{parentName:"tr",align:null},"Version of the chart to download"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"TimeoutSeconds is the time to wait for Helm operations."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"values"),(0,l.kt)("td",{parentName:"tr",align:null},"Values passed to Helm. It is possible to specify the keys and values as go template strings."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFrom"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFrom loads the values from configmaps and secrets."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force allows to override immutable resources. This could be dangerous."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"takeOwnership"),(0,l.kt)("td",{parentName:"tr",align:null},"TakeOwnership makes helm skip the check for its own annotations"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxHistory limits the maximum number of revisions saved per release by Helm."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFiles"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFiles is a list of files to load values from."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitForJobs"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"atomic"),(0,l.kt)("td",{parentName:"tr",align:null},"Atomic sets the --atomic flag when Helm is performing an upgrade"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disablePreProcess"),(0,l.kt)("td",{parentName:"tr",align:null},"DisablePreProcess disables template processing in values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"kustomizeoptions"},"KustomizeOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dir"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"localobjectreference"},"LocalObjectReference"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"modifiedstatus"},"ModifiedStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"delete"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadyresource"},"NonReadyResource"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleState"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"BundleState"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadystatus"},"NonReadyStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"uid"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"types.UID"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"summary.Summary"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"operation"},"Operation"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"op"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"path"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"value"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partition"},"Partition"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partitionstatus"},"PartitionStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"count"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourcekey"},"ResourceKey"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"rolloutstrategy"},"RolloutStrategy"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"autoPartitionSize"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partition"},"Partition")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"secretkeyselector"},"SecretKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"valuesfrom"},"ValuesFrom"),(0,l.kt)("p",null,"Define helm values that can come from configmap, secret or external. Credit: ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439"},"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"configMapKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a config map with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a secret with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"yamloptions"},"YAMLOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"overlays"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"alphabeticalpolicy"},"AlphabeticalPolicy"),(0,l.kt)("p",null,"AlphabeticalPolicy specifies a alphabetical ordering policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"order"),(0,l.kt)("td",{parentName:"tr",align:null},"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"commitspec"},"CommitSpec"),(0,l.kt)("p",null,"CommitSpec specifies how to commit changes to the git repository"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorName"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorName gives the name to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorEmail"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorEmail gives the email to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"messageTemplate"),(0,l.kt)("td",{parentName:"tr",align:null},"MessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagepolicychoice"},"ImagePolicyChoice"),(0,l.kt)("p",null,"ImagePolicyChoice is a union of all the types of policy that can be supplied."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"semver"),(0,l.kt)("td",{parentName:"tr",align:null},"SemVer gives a semantic version range to check against the tags available."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"alphabetical"),(0,l.kt)("td",{parentName:"tr",align:null},"Alphabetical set of rules to use for alphabetical ordering of the tags."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescan"},"ImageScan"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanspec"},"ImageScanSpec"),(0,l.kt)("p",null,"API is taken from ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/image-reflector-controller"},"https://github.com/fluxcd/image-reflector-controller")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"tagName"),(0,l.kt)("td",{parentName:"tr",align:null},"TagName is the tag ref that needs to be put in manifest to replace fields"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitrepoName"),(0,l.kt)("td",{parentName:"tr",align:null},"GitRepo reference name"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"image"),(0,l.kt)("td",{parentName:"tr",align:null},"Image is the name of the image repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"interval"),(0,l.kt)("td",{parentName:"tr",align:null},"Interval is the length of time to wait between scans of the image repository."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretRef"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with ",(0,l.kt)("inlineCode",{parentName:"td"},"kubectl create secret docker-registry"),", or the equivalent."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.LocalObjectReference"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"suspend"),(0,l.kt)("td",{parentName:"tr",align:null},"This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"policy"),(0,l.kt)("td",{parentName:"tr",align:null},"Policy gives the particulars of the policy to be followed in selecting the most recent image"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanstatus"},"ImageScanStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastScanTime is the last time image was scanned"),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestImage"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestTag"),(0,l.kt)("td",{parentName:"tr",align:null},"Latest tag is the latest tag filtered by the policy"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestDigest"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestDigest is the digest of latest tag"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"canonicalImageName"),(0,l.kt)("td",{parentName:"tr",align:null},"CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., ",(0,l.kt)("inlineCode",{parentName:"td"},"docker.io/library/alpine")," rather than ",(0,l.kt)("inlineCode",{parentName:"td"},"alpine"),"."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"semverpolicy"},"SemVerPolicy"),(0,l.kt)("p",null,"SemVerPolicy specifies a semantic version policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"range"),(0,l.kt)("td",{parentName:"tr",align:null},"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"agentstatus"},"AgentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSeen"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodes"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"At most 3 nodes"),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"At most 3 nodes"),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"ignoreoptions"},"IgnoreOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"conditions to be ignored"),(0,l.kt)("td",{parentName:"tr",align:null},"[]map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("h4",{id:"cluster"},"Cluster"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterdisplay"},"ClusterDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"sampleNode"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroup"},"ClusterGroup"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupdisplay"},"ClusterGroupDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupspec"},"ClusterGroupSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupstatus"},"ClusterGroupStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterCount"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusterCount"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistration"},"ClusterRegistration"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationspec"},"ClusterRegistrationSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientRandom"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterLabels"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationstatus"},"ClusterRegistrationStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"granted"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtoken"},"ClusterRegistrationToken"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ttl"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"expires"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterspec"},"ClusterSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecret"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"redeployAgentGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"RedeployAgentGeneration can be used to force redeploying the agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVars"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVars are extra environment variables to be added to the agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]v1.EnvVar"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespace defaults to the system namespace, e.g. cattle-fleet-system."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"privateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"PrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"templateValues"),(0,l.kt)("td",{parentName:"tr",align:null},"TemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerations"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerations defines an extra set of Tolerations to be added to the Agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]v1.Toleration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinity"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used."),(0,l.kt)("td",{parentName:"tr",align:null},"*v1.Affinity"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResources"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResources sets the resources for the cluster's agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"*v1.ResourceRequirements"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterstatus"},"ClusterStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \\"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVarsHash"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentPrivateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentDeployedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentMigrated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"cattleNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinityHash"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResourcesHash"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerationsHash"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agent"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")))}k.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7579],{3905:(t,e,a)=>{a.d(e,{Zo:()=>d,kt:()=>s});var n=a(7294);function l(t,e,a){return e in t?Object.defineProperty(t,e,{value:a,enumerable:!0,configurable:!0,writable:!0}):t[e]=a,t}function r(t,e){var a=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),a.push.apply(a,n)}return a}function i(t){for(var e=1;e=0||(l[a]=t[a]);return l}(t,e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(t,a)&&(l[a]=t[a])}return l}var m=n.createContext({}),u=function(t){var e=n.useContext(m),a=e;return t&&(a="function"==typeof t?t(e):i(i({},e),t)),a},d=function(t){var e=u(t.components);return n.createElement(m.Provider,{value:e},t.children)},k={inlineCode:"code",wrapper:function(t){var e=t.children;return n.createElement(n.Fragment,{},e)}},N=n.forwardRef((function(t,e){var a=t.components,l=t.mdxType,r=t.originalType,m=t.parentName,d=p(t,["components","mdxType","originalType","parentName"]),N=u(a),s=l,o=N["".concat(m,".").concat(s)]||N[s]||k[s]||r;return a?n.createElement(o,i(i({ref:e},d),{},{components:a})):n.createElement(o,i({ref:e},d))}));function s(t,e){var a=arguments,l=e&&e.mdxType;if("string"==typeof t||l){var r=a.length,i=new Array(r);i[0]=N;var p={};for(var m in e)hasOwnProperty.call(e,m)&&(p[m]=e[m]);p.originalType=t,p.mdxType="string"==typeof t?t:l,i[1]=p;for(var u=2;u{a.r(e),a.d(e,{assets:()=>m,contentTitle:()=>i,default:()=>k,frontMatter:()=>r,metadata:()=>p,toc:()=>u});var n=a(7462),l=(a(7294),a(3905));const r={},i="Custom Resources Spec",p={unversionedId:"ref-crds",id:"version-0.7/ref-crds",title:"Custom Resources Spec",description:"* GitRepo",source:"@site/versioned_docs/version-0.7/ref-crds.md",sourceDirName:".",slug:"/ref-crds",permalink:"/0.7/ref-crds",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-crds.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Configuration",permalink:"/0.7/ref-configuration"},next:{title:"fleet.yaml",permalink:"/0.7/ref-fleet-yaml"}},m={},u=[{value:"GitRepo",id:"gitrepo",level:4},{value:"GitRepoDisplay",id:"gitrepodisplay",level:4},{value:"GitRepoResource",id:"gitreporesource",level:4},{value:"GitRepoResourceCounts",id:"gitreporesourcecounts",level:4},{value:"GitRepoRestriction",id:"gitreporestriction",level:4},{value:"GitRepoSpec",id:"gitrepospec",level:4},{value:"GitRepoStatus",id:"gitrepostatus",level:4},{value:"GitTarget",id:"gittarget",level:4},{value:"ResourcePerClusterState",id:"resourceperclusterstate",level:4},{value:"Bundle",id:"bundle",level:4},{value:"BundleDeployment",id:"bundledeployment",level:4},{value:"BundleDeploymentDisplay",id:"bundledeploymentdisplay",level:4},{value:"BundleDeploymentOptions",id:"bundledeploymentoptions",level:4},{value:"BundleDeploymentSpec",id:"bundledeploymentspec",level:4},{value:"BundleDeploymentStatus",id:"bundledeploymentstatus",level:4},{value:"BundleDisplay",id:"bundledisplay",level:4},{value:"BundleNamespaceMapping",id:"bundlenamespacemapping",level:4},{value:"BundleRef",id:"bundleref",level:4},{value:"BundleResource",id:"bundleresource",level:4},{value:"BundleSpec",id:"bundlespec",level:4},{value:"BundleStatus",id:"bundlestatus",level:4},{value:"BundleSummary",id:"bundlesummary",level:4},{value:"BundleTarget",id:"bundletarget",level:4},{value:"BundleTargetRestriction",id:"bundletargetrestriction",level:4},{value:"ComparePatch",id:"comparepatch",level:4},{value:"ConfigMapKeySelector",id:"configmapkeyselector",level:4},{value:"Content",id:"content",level:4},{value:"DiffOptions",id:"diffoptions",level:4},{value:"HelmOptions",id:"helmoptions",level:4},{value:"KustomizeOptions",id:"kustomizeoptions",level:4},{value:"LocalObjectReference",id:"localobjectreference",level:4},{value:"ModifiedStatus",id:"modifiedstatus",level:4},{value:"NonReadyResource",id:"nonreadyresource",level:4},{value:"NonReadyStatus",id:"nonreadystatus",level:4},{value:"Operation",id:"operation",level:4},{value:"Partition",id:"partition",level:4},{value:"PartitionStatus",id:"partitionstatus",level:4},{value:"ResourceKey",id:"resourcekey",level:4},{value:"RolloutStrategy",id:"rolloutstrategy",level:4},{value:"SecretKeySelector",id:"secretkeyselector",level:4},{value:"ValuesFrom",id:"valuesfrom",level:4},{value:"YAMLOptions",id:"yamloptions",level:4},{value:"AlphabeticalPolicy",id:"alphabeticalpolicy",level:4},{value:"CommitSpec",id:"commitspec",level:4},{value:"ImagePolicyChoice",id:"imagepolicychoice",level:4},{value:"ImageScan",id:"imagescan",level:4},{value:"ImageScanSpec",id:"imagescanspec",level:4},{value:"ImageScanStatus",id:"imagescanstatus",level:4},{value:"SemVerPolicy",id:"semverpolicy",level:4},{value:"AgentStatus",id:"agentstatus",level:4},{value:"IgnoreOptions",id:"ignoreoptions",level:4},{value:"Cluster",id:"cluster",level:4},{value:"ClusterDisplay",id:"clusterdisplay",level:4},{value:"ClusterGroup",id:"clustergroup",level:4},{value:"ClusterGroupDisplay",id:"clustergroupdisplay",level:4},{value:"ClusterGroupSpec",id:"clustergroupspec",level:4},{value:"ClusterGroupStatus",id:"clustergroupstatus",level:4},{value:"ClusterRegistration",id:"clusterregistration",level:4},{value:"ClusterRegistrationSpec",id:"clusterregistrationspec",level:4},{value:"ClusterRegistrationStatus",id:"clusterregistrationstatus",level:4},{value:"ClusterRegistrationToken",id:"clusterregistrationtoken",level:4},{value:"ClusterRegistrationTokenSpec",id:"clusterregistrationtokenspec",level:4},{value:"ClusterRegistrationTokenStatus",id:"clusterregistrationtokenstatus",level:4},{value:"ClusterSpec",id:"clusterspec",level:4},{value:"ClusterStatus",id:"clusterstatus",level:4}],d={toc:u};function k(t){let{components:e,...a}=t;return(0,l.kt)("wrapper",(0,n.Z)({},d,a,{components:e,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"custom-resources-spec"},"Custom Resources Spec"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepo"},"GitRepo")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporestriction"},"GitRepoRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundle"},"Bundle")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeployment"},"BundleDeployment")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlenamespacemapping"},"BundleNamespaceMapping")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#content"},"Content")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescan"},"ImageScan")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#cluster"},"Cluster")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroup"},"ClusterGroup")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistration"},"ClusterRegistration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtoken"},"ClusterRegistrationToken"))),(0,l.kt)("h1",{id:"sub-resources"},"Sub Resources"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gittarget"},"GitTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleref"},"BundleRef")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleresource"},"BundleResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#localobjectreference"},"LocalObjectReference")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#operation"},"Operation")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partition"},"Partition")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#commitspec"},"CommitSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#ignoreoptions"},"IgnoreOptions"))),(0,l.kt)("h4",{id:"gitrepo"},"GitRepo"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepodisplay"},"GitRepoDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundleDeployments"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesource"},"GitRepoResource"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"type"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"id"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"incompleteState"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"perClusterState"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesourcecounts"},"GitRepoResourceCounts"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"orphaned"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unknown"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporestriction"},"GitRepoRestriction"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultServiceAccount"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedServiceAccounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedRepoPatterns"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultClientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedClientSecretNames"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedTargetNamespaces"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepospec"},"GitRepoSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is a URL to a git repo to clone and index"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"branch"),(0,l.kt)("td",{parentName:"tr",align:null},"Branch The git branch to follow"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"revision"),(0,l.kt)("td",{parentName:"tr",align:null},"Revision A specific commit or tag to operate on"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Ensure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},'ClientSecretName is the client secret to be used to connect to the repo It is expected the secret be of type \\"kubernetes.io/basic-auth\\" or \\"kubernetes.io/ssh-auth\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretName contains the auth secret for private helm repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmRepoURLRegex"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"caBundle"),(0,l.kt)("td",{parentName:"tr",align:null},"CABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"insecureSkipTLSVerify"),(0,l.kt)("td",{parentName:"tr",align:null},"InsecureSkipTLSverify will use insecure HTTPS to clone the repo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paths"),(0,l.kt)("td",{parentName:"tr",align:null},"Paths is the directories relative to the git repo root that contain resources to be applied. Path globbing is support, for example ",'[\\"charts/*\\"]',' will match all folders as a subdirectory of charts/ If empty, \\"/\\" is the default'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused this cause changes in Git to not be propagated down to the clusters but instead mark resources as OutOfSync"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount used in the downstream cluster for deployment"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets is a list of target this repo will deploy to"),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gittarget"},"GitTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pollingInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"PollingInterval is how often to check git for new updates"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"Increment this number to force a redeployment of contents from Git"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"ImageScanInterval is the interval of syncing scanned images and writing back to git repo"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanCommit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit specifies how to commit to the git repo when new image is scanned and write back to git repo"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#commitspec"},"CommitSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources specifies if the resources created must be kept after deleting the GitRepo"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepostatus"},"GitRepoStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"commit"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitJobStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceErrors"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSyncedImageScanTime"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gittarget"},"GitTarget"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourceperclusterstate"},"ResourcePerClusterState"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterId"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundle"},"Bundle"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeployment"},"BundleDeployment"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentdisplay"},"BundleDeploymentDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deployed"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"monitored"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentoptions"},"BundleDeploymentOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kustomize"),(0,l.kt)("td",{parentName:"tr",align:null},"Kustomize options for the deployment, like the dir containing the kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helm"),(0,l.kt)("td",{parentName:"tr",align:null},"Helm options for the deployment, like the chart name, repo and values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount which will be used to perform this deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ForceSyncGeneration is used to force a redeployment"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"yaml"),(0,l.kt)("td",{parentName:"tr",align:null},"YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"diff"),(0,l.kt)("td",{parentName:"tr",align:null},"Diff can be used to ignore the modified state of objects which are amended at runtime."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources can be used to keep the deployed resources when removing the bundle"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentspec"},"BundleDeploymentSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"options"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentstatus"},"BundleDeploymentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"appliedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"release"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonModified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"syncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledisplay"},"BundleDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlenamespacemapping"},"BundleNamespaceMapping"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleref"},"BundleRef"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleresource"},"BundleResource"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"encoding"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlespec"},"BundleSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"BundleDeploymentOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"rolloutStrategy"),(0,l.kt)("td",{parentName:"tr",align:null},"RolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contain the actual resources from the git repo which will be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleresource"},"BundleResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets refer to the clusters which will be deployed to."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetRestrictions"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetRestrictions restrict which clusters the bundle will be deployed to."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ignore"),(0,l.kt)("td",{parentName:"tr",align:null},"Ignore refers to the fields that will not be considered when monitoring the status."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlestatus"},"BundleStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"newlyCreated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxNew"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceKey"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlesummary"},"BundleSummary"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"errApplied"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"outOfSync"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pending"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyResources"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletarget"},"BundleTarget"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"BundleDeploymentOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletargetrestriction"},"BundleTargetRestriction"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"comparepatch"},"ComparePatch"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"operations"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#operation"},"Operation")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"jsonPointers"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"configmapkeyselector"},"ConfigMapKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"content"},"Content"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"diffoptions"},"DiffOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"comparePatches"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"helmoptions"},"HelmOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"chart"),(0,l.kt)("td",{parentName:"tr",align:null},"Chart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is the name of the HTTPS helm repo to download the chart from."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"releaseName"),(0,l.kt)("td",{parentName:"tr",align:null},"ReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"version"),(0,l.kt)("td",{parentName:"tr",align:null},"Version of the chart to download"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"TimeoutSeconds is the time to wait for Helm operations."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"values"),(0,l.kt)("td",{parentName:"tr",align:null},"Values passed to Helm. It is possible to specify the keys and values as go template strings."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFrom"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFrom loads the values from configmaps and secrets."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force allows to override immutable resources. This could be dangerous."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"takeOwnership"),(0,l.kt)("td",{parentName:"tr",align:null},"TakeOwnership makes helm skip the check for its own annotations"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxHistory limits the maximum number of revisions saved per release by Helm."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFiles"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFiles is a list of files to load values from."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitForJobs"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"atomic"),(0,l.kt)("td",{parentName:"tr",align:null},"Atomic sets the --atomic flag when Helm is performing an upgrade"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disablePreProcess"),(0,l.kt)("td",{parentName:"tr",align:null},"DisablePreProcess disables template processing in values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"kustomizeoptions"},"KustomizeOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dir"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"localobjectreference"},"LocalObjectReference"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"modifiedstatus"},"ModifiedStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"delete"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadyresource"},"NonReadyResource"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleState"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"BundleState"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadystatus"},"NonReadyStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"uid"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"types.UID"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"summary.Summary"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"operation"},"Operation"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"op"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"path"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"value"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partition"},"Partition"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partitionstatus"},"PartitionStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"count"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourcekey"},"ResourceKey"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"rolloutstrategy"},"RolloutStrategy"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"autoPartitionSize"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partition"},"Partition")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"secretkeyselector"},"SecretKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"valuesfrom"},"ValuesFrom"),(0,l.kt)("p",null,"Define helm values that can come from configmap, secret or external. Credit: ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439"},"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"configMapKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a config map with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a secret with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"yamloptions"},"YAMLOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"overlays"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"alphabeticalpolicy"},"AlphabeticalPolicy"),(0,l.kt)("p",null,"AlphabeticalPolicy specifies a alphabetical ordering policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"order"),(0,l.kt)("td",{parentName:"tr",align:null},"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"commitspec"},"CommitSpec"),(0,l.kt)("p",null,"CommitSpec specifies how to commit changes to the git repository"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorName"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorName gives the name to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorEmail"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorEmail gives the email to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"messageTemplate"),(0,l.kt)("td",{parentName:"tr",align:null},"MessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagepolicychoice"},"ImagePolicyChoice"),(0,l.kt)("p",null,"ImagePolicyChoice is a union of all the types of policy that can be supplied."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"semver"),(0,l.kt)("td",{parentName:"tr",align:null},"SemVer gives a semantic version range to check against the tags available."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"alphabetical"),(0,l.kt)("td",{parentName:"tr",align:null},"Alphabetical set of rules to use for alphabetical ordering of the tags."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescan"},"ImageScan"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanspec"},"ImageScanSpec"),(0,l.kt)("p",null,"API is taken from ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/image-reflector-controller"},"https://github.com/fluxcd/image-reflector-controller")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"tagName"),(0,l.kt)("td",{parentName:"tr",align:null},"TagName is the tag ref that needs to be put in manifest to replace fields"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitrepoName"),(0,l.kt)("td",{parentName:"tr",align:null},"GitRepo reference name"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"image"),(0,l.kt)("td",{parentName:"tr",align:null},"Image is the name of the image repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"interval"),(0,l.kt)("td",{parentName:"tr",align:null},"Interval is the length of time to wait between scans of the image repository."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretRef"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with ",(0,l.kt)("inlineCode",{parentName:"td"},"kubectl create secret docker-registry"),", or the equivalent."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.LocalObjectReference"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"suspend"),(0,l.kt)("td",{parentName:"tr",align:null},"This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"policy"),(0,l.kt)("td",{parentName:"tr",align:null},"Policy gives the particulars of the policy to be followed in selecting the most recent image"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanstatus"},"ImageScanStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastScanTime is the last time image was scanned"),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestImage"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestTag"),(0,l.kt)("td",{parentName:"tr",align:null},"Latest tag is the latest tag filtered by the policy"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestDigest"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestDigest is the digest of latest tag"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"canonicalImageName"),(0,l.kt)("td",{parentName:"tr",align:null},"CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., ",(0,l.kt)("inlineCode",{parentName:"td"},"docker.io/library/alpine")," rather than ",(0,l.kt)("inlineCode",{parentName:"td"},"alpine"),"."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"semverpolicy"},"SemVerPolicy"),(0,l.kt)("p",null,"SemVerPolicy specifies a semantic version policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"range"),(0,l.kt)("td",{parentName:"tr",align:null},"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"agentstatus"},"AgentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSeen"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodes"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"At most 3 nodes"),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"At most 3 nodes"),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"ignoreoptions"},"IgnoreOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"conditions to be ignored"),(0,l.kt)("td",{parentName:"tr",align:null},"[]map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("h4",{id:"cluster"},"Cluster"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterdisplay"},"ClusterDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"sampleNode"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroup"},"ClusterGroup"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupdisplay"},"ClusterGroupDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupspec"},"ClusterGroupSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupstatus"},"ClusterGroupStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterCount"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusterCount"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistration"},"ClusterRegistration"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationspec"},"ClusterRegistrationSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientRandom"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterLabels"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationstatus"},"ClusterRegistrationStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"granted"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtoken"},"ClusterRegistrationToken"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ttl"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"expires"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterspec"},"ClusterSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecret"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"redeployAgentGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"RedeployAgentGeneration can be used to force redeploying the agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVars"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVars are extra environment variables to be added to the agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]v1.EnvVar"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespace defaults to the system namespace, e.g. cattle-fleet-system."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"privateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"PrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"templateValues"),(0,l.kt)("td",{parentName:"tr",align:null},"TemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerations"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerations defines an extra set of Tolerations to be added to the Agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]v1.Toleration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinity"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used."),(0,l.kt)("td",{parentName:"tr",align:null},"*v1.Affinity"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResources"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResources sets the resources for the cluster's agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"*v1.ResourceRequirements"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterstatus"},"ClusterStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \\"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVarsHash"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentPrivateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentDeployedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentMigrated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"cattleNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinityHash"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResourcesHash"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerationsHash"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agent"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")))}k.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/88f3f33f.a4e034fb.js b/assets/js/88f3f33f.daa8ede9.js similarity index 97% rename from assets/js/88f3f33f.a4e034fb.js rename to assets/js/88f3f33f.daa8ede9.js index d1ec682a2..d450bae5b 100644 --- a/assets/js/88f3f33f.a4e034fb.js +++ b/assets/js/88f3f33f.daa8ede9.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5940],{3905:(e,t,r)=>{r.d(t,{Zo:()=>i,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},i=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,i=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||p[d]||o;return r?n.createElement(f,s(s({ref:t},i),{},{components:r})):n.createElement(f,s({ref:t},i))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Create Cluster Groups",l={unversionedId:"cluster-group",id:"version-0.8/cluster-group",title:"Create Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/versioned_docs/version-0.8/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/0.8/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cluster-group.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Register Downstream Clusters",permalink:"/0.8/cluster-registration"},next:{title:"Setup Multi User",permalink:"/0.8/multi-user"}},c={},u=[],i={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},i,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"create-cluster-groups"},"Create Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5940],{3905:(e,t,r)=>{r.d(t,{Zo:()=>i,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},i=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,i=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||p[d]||o;return r?n.createElement(f,s(s({ref:t},i),{},{components:r})):n.createElement(f,s({ref:t},i))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Create Cluster Groups",l={unversionedId:"cluster-group",id:"version-0.8/cluster-group",title:"Create Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/versioned_docs/version-0.8/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/0.8/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cluster-group.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Register Downstream Clusters",permalink:"/0.8/cluster-registration"},next:{title:"Setup Multi User",permalink:"/0.8/multi-user"}},c={},u=[],i={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},i,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"create-cluster-groups"},"Create Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/8eb509d6.63ebb926.js b/assets/js/8eb509d6.c31be761.js similarity index 98% rename from assets/js/8eb509d6.63ebb926.js rename to assets/js/8eb509d6.c31be761.js index 96d6a380b..00a696c48 100644 --- a/assets/js/8eb509d6.63ebb926.js +++ b/assets/js/8eb509d6.c31be761.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3220],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,m=u["".concat(c,".").concat(d)]||u[d]||p[d]||a;return r?n.createElement(m,o(o({ref:t},f),{},{components:r})):n.createElement(m,o({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet-manager"},o=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager",id:"version-0.6/cli/fleet-controller/fleet-manager",title:"",description:"fleet-manager",source:"@site/versioned_docs/version-0.6/cli/fleet-controller/fleet-manager.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager",permalink:"/0.6/cli/fleet-controller/fleet-manager",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cli/fleet-controller/fleet-manager.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager"},sidebar:"docs",previous:{title:"fleet test",permalink:"/0.6/cli/fleet-cli/fleet_test"},next:{title:"Cluster and Bundle State",permalink:"/0.6/cluster-bundles-state"}},c={},s=[{value:"fleet-manager",id:"fleet-manager",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-manager"},"fleet-manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet-manager [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --disable-bootstrap disable agent on local cluster\n --disable-gitops disable gitops components\n -h, --help help for fleet-manager\n --kubeconfig string Kubeconfig file\n --namespace string namespace to watch (default "cattle-fleet-system")\n')))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3220],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,m=u["".concat(c,".").concat(d)]||u[d]||p[d]||a;return r?n.createElement(m,o(o({ref:t},f),{},{components:r})):n.createElement(m,o({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet-manager"},o=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager",id:"version-0.6/cli/fleet-controller/fleet-manager",title:"",description:"fleet-manager",source:"@site/versioned_docs/version-0.6/cli/fleet-controller/fleet-manager.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager",permalink:"/0.6/cli/fleet-controller/fleet-manager",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cli/fleet-controller/fleet-manager.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager"},sidebar:"docs",previous:{title:"fleet test",permalink:"/0.6/cli/fleet-cli/fleet_test"},next:{title:"Cluster and Bundle State",permalink:"/0.6/cluster-bundles-state"}},c={},s=[{value:"fleet-manager",id:"fleet-manager",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-manager"},"fleet-manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet-manager [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --disable-bootstrap disable agent on local cluster\n --disable-gitops disable gitops components\n -h, --help help for fleet-manager\n --kubeconfig string Kubeconfig file\n --namespace string namespace to watch (default "cattle-fleet-system")\n')))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/8ff6a575.7eab3059.js b/assets/js/8ff6a575.b6a91d43.js similarity index 99% rename from assets/js/8ff6a575.7eab3059.js rename to assets/js/8ff6a575.b6a91d43.js index 1598ca37b..1058607ca 100644 --- a/assets/js/8ff6a575.7eab3059.js +++ b/assets/js/8ff6a575.b6a91d43.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6061],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>T});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),i=a(1980),u=a(7392),m=a(12);function p(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function c(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function d(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=c(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[i,u]=d({queryString:a,groupId:l}),[p,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,m.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),y=(()=>{const e=i??p;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{y&&o(y)}),[y]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var y=a(2389);const k="tabList__CuJ",g="tabItem_LNqP";function b(e){let{className:t,block:a,selectedValue:o,selectValue:i,tabValues:u}=e;const m=[],{blockElementScrollPositionUntilNextRender:p}=(0,s.o5)(),c=e=>{const t=e.currentTarget,a=m.indexOf(t),l=u[a].value;l!==o&&(p(t),i(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":c(e);break;case"ArrowRight":{const t=m.indexOf(e.currentTarget)+1;a=m[t]??m[0];break}case"ArrowLeft":{const t=m.indexOf(e.currentTarget)-1;a=m[t]??m[m.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>m.push(e),onKeyDown:h,onClick:c},s,{className:(0,r.Z)("tabs__item",g,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(b,(0,l.Z)({},e,t)),n.createElement(v,(0,l.Z)({},e,t)))}function T(e){const t=(0,y.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},257:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>u,default:()=>d,frontMatter:()=>i,metadata:()=>m,toc:()=>c});var l=a(7462),n=(a(7294),a(3905)),r=a(814),s=a(4866),o=a(5162);const i={},u="Creating a Deployment",m={unversionedId:"tut-deployment",id:"version-0.7/tut-deployment",title:"Creating a Deployment",description:"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it.",source:"@site/versioned_docs/version-0.7/tut-deployment.md",sourceDirName:".",slug:"/tut-deployment",permalink:"/0.7/tut-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/tut-deployment.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/0.7/quickstart"},next:{title:"Uninstall",permalink:"/0.7/uninstall"}},p={},c=[{value:"Single-Cluster Examples",id:"single-cluster-examples",level:2},{value:"Multi-Cluster Examples",id:"multi-cluster-examples",level:2}],h={toc:c};function d(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"creating-a-deployment"},"Creating a Deployment"),(0,n.kt)("p",null,"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it."),(0,n.kt)("p",null,"This tutorial uses the ",(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples"},"fleet-examples")," repository."),(0,n.kt)("admonition",{type:"note"},(0,n.kt)("p",{parentName:"admonition"},"For more details on how to structure the repository and configure the deployment of each bundle see ",(0,n.kt)("a",{parentName:"p",href:"/0.7/gitrepo-content"},"GitRepo Contents"),".\nFor more details on the options that are available per Git repository see ",(0,n.kt)("a",{parentName:"p",href:"/0.7/gitrepo-add"},"Adding a GitRepo"),".")),(0,n.kt)("h2",{id:"single-cluster-examples"},"Single-Cluster Examples"),(0,n.kt)("p",null,"All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet."),(0,n.kt)(s.Z,{groupId:"examples",mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm",default:!0,mdxType:"TabItem"},(0,n.kt)("p",null,"An example using Helm. We are deploying the ",(0,n.kt)("a",{href:"https://github.com/rancher/fleet-examples/tree/master/single-cluster/helm"},"helm example")," to the local cluster."),(0,n.kt)("p",null,"The repository contains a helm chart and an optional ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to configure the deployment:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'namespace: fleet-helm-example\n\n# Custom helm options\nhelm:\n # The release name to use. If empty a generated release name will be used\n releaseName: guestbook\n\n # The directory of the chart in the repo. Also any valid go-getter supported\n # URL can be used there is specify where to download the chart from.\n # If repo below is set this value if the chart name in the repo\n chart: ""\n\n # An https to a valid Helm repository to download the chart from\n repo: ""\n\n # Used if repo is set to look up the version of the chart\n version: ""\n\n # Force recreate resource that can not be updated\n force: false\n\n # How long for helm to wait for the release to be active. If the value\n # is less that or equal to zero, we will not wait in Helm\n timeoutSeconds: 0\n\n # Custom values that will be passed as values.yaml to the installation\n values:\n replicas: 2\n')),(0,n.kt)("p",null,"To create the deployment, we apply the custom resource to the upstream cluster. The ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace contains the local cluster resource. The local fleet-agent will create the deployment in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-helm-example")," namespace."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl apply -n fleet-local -f - <{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>T});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),i=a(1980),u=a(7392),m=a(12);function p(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function c(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function d(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=c(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[i,u]=d({queryString:a,groupId:l}),[p,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,m.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),y=(()=>{const e=i??p;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{y&&o(y)}),[y]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var y=a(2389);const k="tabList__CuJ",g="tabItem_LNqP";function b(e){let{className:t,block:a,selectedValue:o,selectValue:i,tabValues:u}=e;const m=[],{blockElementScrollPositionUntilNextRender:p}=(0,s.o5)(),c=e=>{const t=e.currentTarget,a=m.indexOf(t),l=u[a].value;l!==o&&(p(t),i(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":c(e);break;case"ArrowRight":{const t=m.indexOf(e.currentTarget)+1;a=m[t]??m[0];break}case"ArrowLeft":{const t=m.indexOf(e.currentTarget)-1;a=m[t]??m[m.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>m.push(e),onKeyDown:h,onClick:c},s,{className:(0,r.Z)("tabs__item",g,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(b,(0,l.Z)({},e,t)),n.createElement(v,(0,l.Z)({},e,t)))}function T(e){const t=(0,y.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},257:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>u,default:()=>d,frontMatter:()=>i,metadata:()=>m,toc:()=>c});var l=a(7462),n=(a(7294),a(3905)),r=a(814),s=a(4866),o=a(5162);const i={},u="Creating a Deployment",m={unversionedId:"tut-deployment",id:"version-0.7/tut-deployment",title:"Creating a Deployment",description:"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it.",source:"@site/versioned_docs/version-0.7/tut-deployment.md",sourceDirName:".",slug:"/tut-deployment",permalink:"/0.7/tut-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/tut-deployment.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/0.7/quickstart"},next:{title:"Uninstall",permalink:"/0.7/uninstall"}},p={},c=[{value:"Single-Cluster Examples",id:"single-cluster-examples",level:2},{value:"Multi-Cluster Examples",id:"multi-cluster-examples",level:2}],h={toc:c};function d(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"creating-a-deployment"},"Creating a Deployment"),(0,n.kt)("p",null,"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it."),(0,n.kt)("p",null,"This tutorial uses the ",(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples"},"fleet-examples")," repository."),(0,n.kt)("admonition",{type:"note"},(0,n.kt)("p",{parentName:"admonition"},"For more details on how to structure the repository and configure the deployment of each bundle see ",(0,n.kt)("a",{parentName:"p",href:"/0.7/gitrepo-content"},"GitRepo Contents"),".\nFor more details on the options that are available per Git repository see ",(0,n.kt)("a",{parentName:"p",href:"/0.7/gitrepo-add"},"Adding a GitRepo"),".")),(0,n.kt)("h2",{id:"single-cluster-examples"},"Single-Cluster Examples"),(0,n.kt)("p",null,"All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet."),(0,n.kt)(s.Z,{groupId:"examples",mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm",default:!0,mdxType:"TabItem"},(0,n.kt)("p",null,"An example using Helm. We are deploying the ",(0,n.kt)("a",{href:"https://github.com/rancher/fleet-examples/tree/master/single-cluster/helm"},"helm example")," to the local cluster."),(0,n.kt)("p",null,"The repository contains a helm chart and an optional ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to configure the deployment:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'namespace: fleet-helm-example\n\n# Custom helm options\nhelm:\n # The release name to use. If empty a generated release name will be used\n releaseName: guestbook\n\n # The directory of the chart in the repo. Also any valid go-getter supported\n # URL can be used there is specify where to download the chart from.\n # If repo below is set this value if the chart name in the repo\n chart: ""\n\n # An https to a valid Helm repository to download the chart from\n repo: ""\n\n # Used if repo is set to look up the version of the chart\n version: ""\n\n # Force recreate resource that can not be updated\n force: false\n\n # How long for helm to wait for the release to be active. If the value\n # is less that or equal to zero, we will not wait in Helm\n timeoutSeconds: 0\n\n # Custom values that will be passed as values.yaml to the installation\n values:\n replicas: 2\n')),(0,n.kt)("p",null,"To create the deployment, we apply the custom resource to the upstream cluster. The ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace contains the local cluster resource. The local fleet-agent will create the deployment in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-helm-example")," namespace."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl apply -n fleet-local -f - <{t.d(n,{Zo:()=>p,kt:()=>f});var r=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function a(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}function l(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var i=r.createContext({}),c=function(e){var n=r.useContext(i),t=n;return e&&(t="function"==typeof e?e(n):l(l({},n),e)),t},p=function(e){var n=c(e.components);return r.createElement(i.Provider,{value:n},e.children)},u={inlineCode:"code",wrapper:function(e){var n=e.children;return r.createElement(r.Fragment,{},n)}},d=r.forwardRef((function(e,n){var t=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=c(t),f=o,m=d["".concat(i,".").concat(f)]||d[f]||u[f]||a;return t?r.createElement(m,l(l({ref:n},p),{},{components:t})):r.createElement(m,l({ref:n},p))}));function f(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var a=t.length,l=new Array(a);l[0]=d;var s={};for(var i in n)hasOwnProperty.call(n,i)&&(s[i]=n[i]);s.originalType=e,s.mdxType="string"==typeof e?e:o,l[1]=s;for(var c=2;c{t.r(n),t.d(n,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=t(7462),o=(t(7294),t(3905));const a={},l="Bundle Resource",s={unversionedId:"ref-bundle",id:"ref-bundle",title:"Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created.",source:"@site/docs/ref-bundle.md",sourceDirName:".",slug:"/ref-bundle",permalink:"/ref-bundle",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-bundle.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"GitRepo Resource",permalink:"/ref-gitrepo"},next:{title:"Troubleshooting",permalink:"/troubleshooting"}},i={},c=[],p={toc:c};function u(e){let{components:n,...t}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,t,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-resource"},"Bundle Resource"),(0,o.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,o.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),".\nFor more information on how to use the Bundle resource ",(0,o.kt)("a",{parentName:"p",href:"/bundle-add"},"Create a Bundle Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # Namespace used for resources that do not specify a namespace.\n # This field is not used to enforce or lock down the deployment to a specific namespace.\n # defaultNamespace: test\n\n # If present will assign all resource to this\n # namespace and if any cluster scoped resource exists the deployment will fail.\n # targetNamespace: app\n\n # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.\n # kustomize: ...\n\n # Helm options for the deployment, like the chart name, repo and values.\n # helm: ...\n\n # ServiceAccount which will be used to perform this deployment.\n # serviceAccount: sa\n\n # ForceSyncGeneration is used to force a redeployment.\n # forceSyncGeneration: 0\n\n # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.\n # yaml: ...\n\n # Diff can be used to ignore the modified state of objects which are amended at runtime.\n # A specific commit or tag can also be watched.\n #\n # diff: ...\n\n # KeepResources can be used to keep the deployed resources when removing the bundle.\n # keepResources: false\n\n # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.\n # paused: false\n\n # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.\n # rolloutStrategy: ...\n\n # Contain the actual resources from the git repo which will be deployed.\n resources:\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n\n # This field is used by Fleet internally, and it should not be modified manually.\n # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.\n # targetRestrictions: ...\n\n # Refers to the bundles which must be ready before this bundle can be deployed.\n # dependsOn: ...\n\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[427],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>f});var r=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function a(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}function l(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var i=r.createContext({}),c=function(e){var n=r.useContext(i),t=n;return e&&(t="function"==typeof e?e(n):l(l({},n),e)),t},p=function(e){var n=c(e.components);return r.createElement(i.Provider,{value:n},e.children)},u={inlineCode:"code",wrapper:function(e){var n=e.children;return r.createElement(r.Fragment,{},n)}},d=r.forwardRef((function(e,n){var t=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=c(t),f=o,m=d["".concat(i,".").concat(f)]||d[f]||u[f]||a;return t?r.createElement(m,l(l({ref:n},p),{},{components:t})):r.createElement(m,l({ref:n},p))}));function f(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var a=t.length,l=new Array(a);l[0]=d;var s={};for(var i in n)hasOwnProperty.call(n,i)&&(s[i]=n[i]);s.originalType=e,s.mdxType="string"==typeof e?e:o,l[1]=s;for(var c=2;c{t.r(n),t.d(n,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=t(7462),o=(t(7294),t(3905));const a={},l="Bundle Resource",s={unversionedId:"ref-bundle",id:"ref-bundle",title:"Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created.",source:"@site/docs/ref-bundle.md",sourceDirName:".",slug:"/ref-bundle",permalink:"/ref-bundle",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-bundle.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"GitRepo Resource",permalink:"/ref-gitrepo"},next:{title:"Troubleshooting",permalink:"/troubleshooting"}},i={},c=[],p={toc:c};function u(e){let{components:n,...t}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,t,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-resource"},"Bundle Resource"),(0,o.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,o.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),".\nFor more information on how to use the Bundle resource ",(0,o.kt)("a",{parentName:"p",href:"/bundle-add"},"Create a Bundle Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # Namespace used for resources that do not specify a namespace.\n # This field is not used to enforce or lock down the deployment to a specific namespace.\n # defaultNamespace: test\n\n # If present will assign all resource to this\n # namespace and if any cluster scoped resource exists the deployment will fail.\n # targetNamespace: app\n\n # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.\n # kustomize: ...\n\n # Helm options for the deployment, like the chart name, repo and values.\n # helm: ...\n\n # ServiceAccount which will be used to perform this deployment.\n # serviceAccount: sa\n\n # ForceSyncGeneration is used to force a redeployment.\n # forceSyncGeneration: 0\n\n # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.\n # yaml: ...\n\n # Diff can be used to ignore the modified state of objects which are amended at runtime.\n # A specific commit or tag can also be watched.\n #\n # diff: ...\n\n # KeepResources can be used to keep the deployed resources when removing the bundle.\n # keepResources: false\n\n # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.\n # paused: false\n\n # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.\n # rolloutStrategy: ...\n\n # Contain the actual resources from the git repo which will be deployed.\n resources:\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n\n # This field is used by Fleet internally, and it should not be modified manually.\n # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.\n # targetRestrictions: ...\n\n # Refers to the bundles which must be ready before this bundle can be deployed.\n # dependsOn: ...\n\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/909a121f.e6ab8b74.js b/assets/js/909a121f.99c61109.js similarity index 99% rename from assets/js/909a121f.e6ab8b74.js rename to assets/js/909a121f.99c61109.js index e4c55f44a..ec6a286b9 100644 --- a/assets/js/909a121f.e6ab8b74.js +++ b/assets/js/909a121f.99c61109.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2044],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),p=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},d=function(e){var t=p(e.components);return a.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),c=p(n),u=r,h=c["".concat(s,".").concat(u)]||c[u]||m[u]||l;return n?a.createElement(h,i(i({ref:t},d),{},{components:n})):a.createElement(h,i({ref:t},d))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,i=new Array(l);i[0]=c;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:r,i[1]=o;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>m,frontMatter:()=>l,metadata:()=>o,toc:()=>p});var a=n(7462),r=(n(7294),n(3905));const l={},i="Git Repository Contents",o={unversionedId:"gitrepo-content",id:"version-0.7/gitrepo-content",title:"Git Repository Contents",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/versioned_docs/version-0.7/gitrepo-content.md",sourceDirName:".",slug:"/gitrepo-content",permalink:"/0.7/gitrepo-content",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/gitrepo-content.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Lifecycle",permalink:"/0.7/ref-bundle-stages"},next:{title:"Namespaces",permalink:"/0.7/namespaces"}},s={},p=[{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Using Helm Values",id:"using-helm-values",level:2},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle State",id:"cluster-and-bundle-state",level:2}],d={toc:p};function m(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},d,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"git-repository-contents"},"Git Repository Contents"),(0,r.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,r.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,r.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,r.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,r.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,r.kt)("p",null,"Multiple paths can be defined for a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,r.kt)("a",{parentName:"p",href:"/0.7/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,r.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"File"),(0,r.kt)("th",{parentName:"tr",align:null},"Location"),(0,r.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,r.kt)("a",{parentName:"td",href:"/0.7/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"}," *.yaml ")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If a ",(0,r.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,r.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")),(0,r.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,r.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,r.kt)("h2",{id:"fleetyaml"},(0,r.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,r.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,r.kt)("a",{parentName:"p",href:"/0.7/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,r.kt)("p",null,"The available fields are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/0.7/ref-fleet-yaml"},"fleet.yaml reference")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,r.kt)("a",{parentName:"p",href:"/0.7/gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,r.kt)("h2",{id:"using-helm-values"},"Using Helm Values"),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,r.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),". That means ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom")," will take precedence over both, ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFiles")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"values"),"."))),(0,r.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,r.kt)("p",null,"These examples showcase the style and format for using ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in ",(0,r.kt)("em",{parentName:"p"},"downstream clusters"),"."),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata:\n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 3\n serviceType: NodePort\n")),(0,r.kt)("p",null,"A secret like that, can be created from a YAML file ",(0,r.kt)("inlineCode",{parentName:"p"},"secretdata.yaml")," by running the following kubectl command: ",(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret generic secret-values --from-file=values.yaml=secretdata.yaml")),(0,r.kt)("p",null,"The resources can then be referenced from a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'helm:\n chart: simple-chart\n valuesFrom:\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n - configMapKeyRef:\n name: configmap-values\n namespace: default\n key: values.yaml\n values:\n replicas: "4"\n')),(0,r.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,r.kt)("p",null,"There are three approaches to matching clusters for both ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"gitrepo-targets#customization-per-cluster"},"Mapping to Downstream Clusters")," for more information and a list of supported customizations."),(0,r.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,r.kt)("p",null,"When using Kustomize or Helm the ",(0,r.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,r.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file will be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,r.kt)("p",null,"A file named ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents of a file the convention of adding ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,r.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,r.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"/0.7/cluster-bundles-state"},"Cluster and Bundle state"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2044],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),p=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},d=function(e){var t=p(e.components);return a.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},c=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),c=p(n),u=r,h=c["".concat(s,".").concat(u)]||c[u]||m[u]||l;return n?a.createElement(h,i(i({ref:t},d),{},{components:n})):a.createElement(h,i({ref:t},d))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,i=new Array(l);i[0]=c;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:r,i[1]=o;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>m,frontMatter:()=>l,metadata:()=>o,toc:()=>p});var a=n(7462),r=(n(7294),n(3905));const l={},i="Git Repository Contents",o={unversionedId:"gitrepo-content",id:"version-0.7/gitrepo-content",title:"Git Repository Contents",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/versioned_docs/version-0.7/gitrepo-content.md",sourceDirName:".",slug:"/gitrepo-content",permalink:"/0.7/gitrepo-content",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/gitrepo-content.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Lifecycle",permalink:"/0.7/ref-bundle-stages"},next:{title:"Namespaces",permalink:"/0.7/namespaces"}},s={},p=[{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Using Helm Values",id:"using-helm-values",level:2},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle State",id:"cluster-and-bundle-state",level:2}],d={toc:p};function m(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},d,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"git-repository-contents"},"Git Repository Contents"),(0,r.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,r.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,r.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,r.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,r.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,r.kt)("p",null,"Multiple paths can be defined for a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,r.kt)("a",{parentName:"p",href:"/0.7/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,r.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"File"),(0,r.kt)("th",{parentName:"tr",align:null},"Location"),(0,r.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,r.kt)("a",{parentName:"td",href:"/0.7/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"}," *.yaml ")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If a ",(0,r.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,r.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")),(0,r.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,r.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,r.kt)("h2",{id:"fleetyaml"},(0,r.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,r.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,r.kt)("a",{parentName:"p",href:"/0.7/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,r.kt)("p",null,"The available fields are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/0.7/ref-fleet-yaml"},"fleet.yaml reference")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,r.kt)("a",{parentName:"p",href:"/0.7/gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,r.kt)("h2",{id:"using-helm-values"},"Using Helm Values"),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,r.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),". That means ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom")," will take precedence over both, ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFiles")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"values"),"."))),(0,r.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,r.kt)("p",null,"These examples showcase the style and format for using ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in ",(0,r.kt)("em",{parentName:"p"},"downstream clusters"),"."),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata:\n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 3\n serviceType: NodePort\n")),(0,r.kt)("p",null,"A secret like that, can be created from a YAML file ",(0,r.kt)("inlineCode",{parentName:"p"},"secretdata.yaml")," by running the following kubectl command: ",(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret generic secret-values --from-file=values.yaml=secretdata.yaml")),(0,r.kt)("p",null,"The resources can then be referenced from a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'helm:\n chart: simple-chart\n valuesFrom:\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n - configMapKeyRef:\n name: configmap-values\n namespace: default\n key: values.yaml\n values:\n replicas: "4"\n')),(0,r.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,r.kt)("p",null,"There are three approaches to matching clusters for both ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"gitrepo-targets#customization-per-cluster"},"Mapping to Downstream Clusters")," for more information and a list of supported customizations."),(0,r.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,r.kt)("p",null,"When using Kustomize or Helm the ",(0,r.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,r.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file will be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,r.kt)("p",null,"A file named ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents of a file the convention of adding ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,r.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,r.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"/0.7/cluster-bundles-state"},"Cluster and Bundle state"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/922074e2.7b1f2a03.js b/assets/js/922074e2.8a18a190.js similarity index 99% rename from assets/js/922074e2.7b1f2a03.js rename to assets/js/922074e2.8a18a190.js index 5ac18d7ce..d52e1855d 100644 --- a/assets/js/922074e2.7b1f2a03.js +++ b/assets/js/922074e2.8a18a190.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2717],{3905:(t,e,n)=>{n.d(e,{Zo:()=>d,kt:()=>s});var r=n(7294);function a(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function l(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),n.push.apply(n,r)}return n}function o(t){for(var e=1;e=0||(a[n]=t[n]);return a}(t,e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(t);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(t,n)&&(a[n]=t[n])}return a}var p=r.createContext({}),u=function(t){var e=r.useContext(p),n=e;return t&&(n="function"==typeof t?t(e):o(o({},e),t)),n},d=function(t){var e=u(t.components);return r.createElement(p.Provider,{value:e},t.children)},m={inlineCode:"code",wrapper:function(t){var e=t.children;return r.createElement(r.Fragment,{},e)}},c=r.forwardRef((function(t,e){var n=t.components,a=t.mdxType,l=t.originalType,p=t.parentName,d=i(t,["components","mdxType","originalType","parentName"]),c=u(n),s=a,g=c["".concat(p,".").concat(s)]||c[s]||m[s]||l;return n?r.createElement(g,o(o({ref:e},d),{},{components:n})):r.createElement(g,o({ref:e},d))}));function s(t,e){var n=arguments,a=e&&e.mdxType;if("string"==typeof t||a){var l=n.length,o=new Array(l);o[0]=c;var i={};for(var p in e)hasOwnProperty.call(e,p)&&(i[p]=e[p]);i.originalType=t,i.mdxType="string"==typeof t?t:a,o[1]=i;for(var u=2;u{n.r(e),n.d(e,{assets:()=>p,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>u});var r=n(7462),a=(n(7294),n(3905));const l={},o="List of Deployed Resources",i={unversionedId:"ref-resources",id:"version-0.8/ref-resources",title:"List of Deployed Resources",description:"After installing Fleet in Rancher these resources are created in the upstream cluster.",source:"@site/versioned_docs/version-0.8/ref-resources.md",sourceDirName:".",slug:"/ref-resources",permalink:"/0.8/ref-resources",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-resources.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Configuration",permalink:"/0.8/ref-configuration"},next:{title:"Custom Resources Spec",permalink:"/0.8/ref-crds"}},p={},u=[],d={toc:u};function m(t){let{components:e,...n}=t;return(0,a.kt)("wrapper",(0,r.Z)({},d,n,{components:e,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"list-of-deployed-resources"},"List of Deployed Resources"),(0,a.kt)("p",null,"After installing Fleet in Rancher these resources are created in the upstream cluster."),(0,a.kt)("table",null,(0,a.kt)("thead",{parentName:"table"},(0,a.kt)("tr",{parentName:"thead"},(0,a.kt)("th",{parentName:"tr",align:null},"Type"),(0,a.kt)("th",{parentName:"tr",align:null},"Name"),(0,a.kt)("th",{parentName:"tr",align:null},"Namespace"))),(0,a.kt)("tbody",{parentName:"table"},(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"From Helm, intial setup:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRole"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRole"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob-binding"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ConfigMap"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Deployment"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Deployment"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Role"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Role"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"RoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"RoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Service"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ServiceAccount"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ServiceAccount"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Generated:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.fleet.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.provisioning.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.management.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterGroup"),(0,a.kt)("td",{parentName:"tr",align:null},"default"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Bundle"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-agent-local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"For each registered cluster:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.provisioning.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null},"by default fleet-default")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.management.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"generated"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.fleet.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-default"),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Bundle"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-default"),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"BundleDeployment"),(0,a.kt)("td",{parentName:"tr",align:null},"cluster-fleet-local-local-ID"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-agent-local")))),(0,a.kt)("p",null,"Also see ","[namespaces]"))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2717],{3905:(t,e,n)=>{n.d(e,{Zo:()=>d,kt:()=>s});var r=n(7294);function a(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function l(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),n.push.apply(n,r)}return n}function o(t){for(var e=1;e=0||(a[n]=t[n]);return a}(t,e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(t);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(t,n)&&(a[n]=t[n])}return a}var p=r.createContext({}),u=function(t){var e=r.useContext(p),n=e;return t&&(n="function"==typeof t?t(e):o(o({},e),t)),n},d=function(t){var e=u(t.components);return r.createElement(p.Provider,{value:e},t.children)},m={inlineCode:"code",wrapper:function(t){var e=t.children;return r.createElement(r.Fragment,{},e)}},c=r.forwardRef((function(t,e){var n=t.components,a=t.mdxType,l=t.originalType,p=t.parentName,d=i(t,["components","mdxType","originalType","parentName"]),c=u(n),s=a,g=c["".concat(p,".").concat(s)]||c[s]||m[s]||l;return n?r.createElement(g,o(o({ref:e},d),{},{components:n})):r.createElement(g,o({ref:e},d))}));function s(t,e){var n=arguments,a=e&&e.mdxType;if("string"==typeof t||a){var l=n.length,o=new Array(l);o[0]=c;var i={};for(var p in e)hasOwnProperty.call(e,p)&&(i[p]=e[p]);i.originalType=t,i.mdxType="string"==typeof t?t:a,o[1]=i;for(var u=2;u{n.r(e),n.d(e,{assets:()=>p,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>u});var r=n(7462),a=(n(7294),n(3905));const l={},o="List of Deployed Resources",i={unversionedId:"ref-resources",id:"version-0.8/ref-resources",title:"List of Deployed Resources",description:"After installing Fleet in Rancher these resources are created in the upstream cluster.",source:"@site/versioned_docs/version-0.8/ref-resources.md",sourceDirName:".",slug:"/ref-resources",permalink:"/0.8/ref-resources",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-resources.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Configuration",permalink:"/0.8/ref-configuration"},next:{title:"Custom Resources Spec",permalink:"/0.8/ref-crds"}},p={},u=[],d={toc:u};function m(t){let{components:e,...n}=t;return(0,a.kt)("wrapper",(0,r.Z)({},d,n,{components:e,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"list-of-deployed-resources"},"List of Deployed Resources"),(0,a.kt)("p",null,"After installing Fleet in Rancher these resources are created in the upstream cluster."),(0,a.kt)("table",null,(0,a.kt)("thead",{parentName:"table"},(0,a.kt)("tr",{parentName:"thead"},(0,a.kt)("th",{parentName:"tr",align:null},"Type"),(0,a.kt)("th",{parentName:"tr",align:null},"Name"),(0,a.kt)("th",{parentName:"tr",align:null},"Namespace"))),(0,a.kt)("tbody",{parentName:"table"},(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"From Helm, intial setup:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRole"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRole"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob-binding"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ConfigMap"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Deployment"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Deployment"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Role"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Role"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"RoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"RoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Service"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ServiceAccount"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ServiceAccount"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Generated:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.fleet.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.provisioning.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.management.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterGroup"),(0,a.kt)("td",{parentName:"tr",align:null},"default"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Bundle"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-agent-local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"For each registered cluster:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.provisioning.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null},"by default fleet-default")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.management.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"generated"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.fleet.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-default"),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Bundle"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-default"),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"BundleDeployment"),(0,a.kt)("td",{parentName:"tr",align:null},"cluster-fleet-local-local-ID"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-agent-local")))),(0,a.kt)("p",null,"Also see ","[namespaces]"))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/9533a6b7.305eb09d.js b/assets/js/9533a6b7.e698023b.js similarity index 98% rename from assets/js/9533a6b7.305eb09d.js rename to assets/js/9533a6b7.e698023b.js index 769be6a6e..91b62abc5 100644 --- a/assets/js/9533a6b7.305eb09d.js +++ b/assets/js/9533a6b7.e698023b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9353],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>m});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function l(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var i=n.createContext({}),c=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},p=function(e){var t=c(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,l=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=c(r),m=a,f=d["".concat(i,".").concat(m)]||d[m]||u[m]||l;return r?n.createElement(f,o(o({ref:t},p),{},{components:r})):n.createElement(f,o({ref:t},p))}));function m(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=r.length,o=new Array(l);o[0]=d;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>s,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const l={},o="Mapping to Downstream Clusters",s={unversionedId:"gitrepo-targets",id:"version-0.5/gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Multi-cluster Only:",source:"@site/versioned_docs/version-0.5/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/0.5/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/gitrepo-targets.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Expected Repo Structure",permalink:"/0.5/gitrepo-structure"},next:{title:"Generating Diffs for Modified GitRepos",permalink:"/0.5/bundle-diffs"}},i={},c=[{value:"Defining targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default target",id:"default-target",level:2}],p={toc:c};function u(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style")),(0,a.kt)("p",null,"When deploying ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,a.kt)("h2",{id:"defining-targets"},"Defining targets"),(0,a.kt)("p",null,"The deployment targets of ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,a.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n')),(0,a.kt)("h2",{id:"target-matching"},"Target Matching"),(0,a.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,a.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,a.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,a.kt)("h2",{id:"default-target"},"Default target"),(0,a.kt)("p",null,"If no target is set for the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,a.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9353],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>m});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function l(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var i=n.createContext({}),c=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},p=function(e){var t=c(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,l=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=c(r),m=a,f=d["".concat(i,".").concat(m)]||d[m]||u[m]||l;return r?n.createElement(f,o(o({ref:t},p),{},{components:r})):n.createElement(f,o({ref:t},p))}));function m(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=r.length,o=new Array(l);o[0]=d;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>s,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const l={},o="Mapping to Downstream Clusters",s={unversionedId:"gitrepo-targets",id:"version-0.5/gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Multi-cluster Only:",source:"@site/versioned_docs/version-0.5/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/0.5/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/gitrepo-targets.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Expected Repo Structure",permalink:"/0.5/gitrepo-structure"},next:{title:"Generating Diffs for Modified GitRepos",permalink:"/0.5/bundle-diffs"}},i={},c=[{value:"Defining targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default target",id:"default-target",level:2}],p={toc:c};function u(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style")),(0,a.kt)("p",null,"When deploying ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,a.kt)("h2",{id:"defining-targets"},"Defining targets"),(0,a.kt)("p",null,"The deployment targets of ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,a.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n')),(0,a.kt)("h2",{id:"target-matching"},"Target Matching"),(0,a.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,a.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,a.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,a.kt)("h2",{id:"default-target"},"Default target"),(0,a.kt)("p",null,"If no target is set for the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,a.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/95a72457.d30efa3d.js b/assets/js/95a72457.c489faab.js similarity index 99% rename from assets/js/95a72457.d30efa3d.js rename to assets/js/95a72457.c489faab.js index 03a9c5a6e..0955463f8 100644 --- a/assets/js/95a72457.d30efa3d.js +++ b/assets/js/95a72457.c489faab.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4126],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function s(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function l(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=a.createContext({}),c=function(e){var t=a.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return a.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},m=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,s=e.originalType,i=e.parentName,p=o(e,["components","mdxType","originalType","parentName"]),m=c(n),d=r,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||s;return n?a.createElement(h,l(l({ref:t},p),{},{components:n})):a.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var s=n.length,l=new Array(s);l[0]=m;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:r,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const s={},l="Setup Multi User",o={unversionedId:"multi-user",id:"multi-user",title:"Setup Multi User",description:"Fleet uses Kubernetes RBAC where possible.",source:"@site/docs/multi-user.md",sourceDirName:".",slug:"/multi-user",permalink:"/multi-user",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/multi-user.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create Cluster Groups",permalink:"/cluster-group"},next:{title:"Create a GitRepo Resource",permalink:"/gitrepo-add"}},i={},c=[{value:"Example Fleet Standalone",id:"example-fleet-standalone",level:2},{value:"Example Fleet in Rancher",id:"example-fleet-in-rancher",level:2},{value:"Allow Access to Clusters",id:"allow-access-to-clusters",level:2},{value:"Restricting Access to Downstream Clusters",id:"restricting-access-to-downstream-clusters",level:2},{value:"An Example GitRepo Resource",id:"an-example-gitrepo-resource",level:2}],p={toc:c};function u(e){let{components:t,...s}=e;return(0,r.kt)("wrapper",(0,a.Z)({},p,s,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"setup-multi-user"},"Setup Multi User"),(0,r.kt)("p",null,"Fleet uses Kubernetes RBAC where possible."),(0,r.kt)("p",null,"One addition on top of RBAC is the ",(0,r.kt)("a",{parentName:"p",href:"/namespaces#restricting-gitrepos"},(0,r.kt)("inlineCode",{parentName:"a"},"GitRepoRestriction"))," resource, which can be used to control GitRepo resources in a namespace."),(0,r.kt)("p",null,"A multi-user fleet setup looks like this:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"tenants don't share namespaces, each tenant has one or more namespaces on the\nupstream cluster, where they can create GitRepo resources"),(0,r.kt)("li",{parentName:"ul"},"tenants can't deploy cluster wide resources and are limited to a set of\nnamespaces on downstream clusters"),(0,r.kt)("li",{parentName:"ul"},"clusters are in a separate namespace")),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"Shared Clusters",src:n(9497).Z,width:"2488",height:"1769"})),(0,r.kt)("admonition",{title:"important information",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The isolation of tenants is not complete and relies on Kubernetes RBAC to be\nset up correctly. Without manual setup from an operator tenants can still\ndeploy cluster wide resources. Even with the available Fleet restrictions,\nusers are only restricted to namespaces, but namespaces don't provide much\nisolation on their own. E.g. they can still consume as many resources as they\nlike."),(0,r.kt)("p",{parentName:"admonition"},"However, the existing Fleet restrictions allow users to share clusters, and\ndeploy resources without conflicts.")),(0,r.kt)("h2",{id:"example-fleet-standalone"},"Example Fleet Standalone"),(0,r.kt)("p",null,"This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create serviceaccount fleetuser\nkubectl create namespace project1\nkubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser\n")),(0,r.kt)("p",null,"If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\nkubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\n")),(0,r.kt)("p",null,"This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces."),(0,r.kt)("h2",{id:"example-fleet-in-rancher"},"Example Fleet in Rancher"),(0,r.kt)("p",null,"When a new fleet workspace is created, a corresponding namespace with an identical name is automatically generated within the Rancher local cluster.\nFor a user to see and deploy fleet resources in a specific workspace, they need at least the following permissions:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"list/get the ",(0,r.kt)("inlineCode",{parentName:"li"},"fleetworkspace")," cluster-wide resource in the local cluster"),(0,r.kt)("li",{parentName:"ul"},"Permissions to create fleet resources (such as ",(0,r.kt)("inlineCode",{parentName:"li"},"bundles"),", ",(0,r.kt)("inlineCode",{parentName:"li"},"gitrepos"),", ...) in the backing namespace for the workspace in the local cluster. ")),(0,r.kt)("p",null,"Let's grant permissions to deploy fleet resources in the ",(0,r.kt)("inlineCode",{parentName:"p"},"project1")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"project2")," fleet workspaces:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"To create the ",(0,r.kt)("inlineCode",{parentName:"li"},"project1")," and ",(0,r.kt)("inlineCode",{parentName:"li"},"project2")," fleet workspaces, you can either do it in the ",(0,r.kt)("a",{parentName:"li",href:"https://ranchermanager.docs.rancher.com/integrations-in-rancher/fleet/overview#accessing-fleet-in-the-rancher-ui"},"Rancher UI")," or use the following YAML resources:")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"apiVersion: management.cattle.io/v3\nkind: FleetWorkspace\nmetadata:\n name: project1\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"apiVersion: management.cattle.io/v3\nkind: FleetWorkspace\nmetadata:\n name: project2\n")),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Create a ",(0,r.kt)("inlineCode",{parentName:"li"},"GlobalRole")," that grants permission to deploy fleet resources in the ",(0,r.kt)("inlineCode",{parentName:"li"},"project1")," and ",(0,r.kt)("inlineCode",{parentName:"li"},"project2")," fleet workspaces:")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"apiVersion: management.cattle.io/v3\nkind: GlobalRole\nmetadata:\n name: fleet-projects1and2\nnamespacedRules:\n project1:\n - apiGroups:\n - fleet.cattle.io\n resources:\n - gitrepos\n - bundles\n - clusterregistrationtokens\n - gitreporestrictions\n - clusters\n - clustergroups\n verbs:\n - '*'\n project2:\n - apiGroups:\n - fleet.cattle.io\n resources:\n - gitrepos\n - bundles\n - clusterregistrationtokens\n - gitreporestrictions\n - clusters\n - clustergroups\n verbs:\n - '*'\nrules:\n - apiGroups:\n - management.cattle.io\n resourceNames:\n - project1\n - project2\n resources:\n - fleetworkspaces\n verbs:\n - '*'\n")),(0,r.kt)("p",null,"Assign the ",(0,r.kt)("inlineCode",{parentName:"p"},"GlobalRole")," to users or groups, more info can be found in the ",(0,r.kt)("a",{parentName:"p",href:"https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/global-permissions#configuring-global-permissions-for-individual-users"},"Rancher docs")),(0,r.kt)("p",null,"The user now has access to the ",(0,r.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," tab in Rancher and can deploy resources to both the ",(0,r.kt)("inlineCode",{parentName:"p"},"project1")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"project2")," workspaces."),(0,r.kt)("h2",{id:"allow-access-to-clusters"},"Allow Access to Clusters"),(0,r.kt)("p",null,"This assumes all GitRepos created by 'fleetuser' have the ",(0,r.kt)("inlineCode",{parentName:"p"},"team: one")," label. Different labels could be used, to select different cluster namespaces."),(0,r.kt)("p",null,"In each of the user's namespaces, as an admin create a ",(0,r.kt)("a",{parentName:"p",href:"/namespaces#cross-namespace-deployments"},(0,r.kt)("inlineCode",{parentName:"a"},"BundleNamespaceMapping")),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: mapping\n namespace: project1\n\n# Bundles to match by label.\n# The labels are defined in the fleet.yaml # labels field or from the\n# GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n team: one\n # or target one repo\n #fleet.cattle.io/repo-name: simpleapp\n\n# Namespaces, containing clusters, to match by label\nnamespaceSelector:\n matchLabels:\n kubernetes.io/metadata.name: fleet-default\n # the label is on the namespace\n #workspace: prod\n")),(0,r.kt)("p",null,"The ",(0,r.kt)("a",{parentName:"p",href:"/gitrepo-targets"},(0,r.kt)("inlineCode",{parentName:"a"},"target")," section")," in the GitRepo resource can be used to deploy only to a subset of the matched clusters."),(0,r.kt)("h2",{id:"restricting-access-to-downstream-clusters"},"Restricting Access to Downstream Clusters"),(0,r.kt)("p",null,"Admins can further restrict tenants by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," in each of their namespaces."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: project1\n\nallowedTargetNamespaces:\n - project1simpleapp\n")),(0,r.kt)("p",null,"This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace."),(0,r.kt)("h2",{id:"an-example-gitrepo-resource"},"An Example GitRepo Resource"),(0,r.kt)("p",null,"A GitRepo resource created by a tenant, without admin access could look like this:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: simpleapp\n namespace: project1\n labels:\n team: one\n\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - bundle-diffs\n\n targetNamespace: project1simpleapp\n\n # do not match the upstream/local cluster, won't work\n targets:\n - name: dev\n clusterSelector:\n matchLabels:\n env: dev\n")),(0,r.kt)("p",null,"This includes the ",(0,r.kt)("inlineCode",{parentName:"p"},"team: one")," label and and the required ",(0,r.kt)("inlineCode",{parentName:"p"},"targetNamespace"),"."),(0,r.kt)("p",null,"Together with the previous ",(0,r.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," it would target all clusters with a ",(0,r.kt)("inlineCode",{parentName:"p"},"env: dev")," label in the 'fleet-default' namespace."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," do not work with local clusters, so make sure not to target them.")))}u.isMDXComponent=!0},9497:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/FleetSharedClusters-b68f6c53b43cbb795e4d81cda9ebc2bc.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4126],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function s(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function l(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=a.createContext({}),c=function(e){var t=a.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return a.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},m=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,s=e.originalType,i=e.parentName,p=o(e,["components","mdxType","originalType","parentName"]),m=c(n),d=r,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||s;return n?a.createElement(h,l(l({ref:t},p),{},{components:n})):a.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var s=n.length,l=new Array(s);l[0]=m;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:r,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const s={},l="Setup Multi User",o={unversionedId:"multi-user",id:"multi-user",title:"Setup Multi User",description:"Fleet uses Kubernetes RBAC where possible.",source:"@site/docs/multi-user.md",sourceDirName:".",slug:"/multi-user",permalink:"/multi-user",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/multi-user.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create Cluster Groups",permalink:"/cluster-group"},next:{title:"Create a GitRepo Resource",permalink:"/gitrepo-add"}},i={},c=[{value:"Example Fleet Standalone",id:"example-fleet-standalone",level:2},{value:"Example Fleet in Rancher",id:"example-fleet-in-rancher",level:2},{value:"Allow Access to Clusters",id:"allow-access-to-clusters",level:2},{value:"Restricting Access to Downstream Clusters",id:"restricting-access-to-downstream-clusters",level:2},{value:"An Example GitRepo Resource",id:"an-example-gitrepo-resource",level:2}],p={toc:c};function u(e){let{components:t,...s}=e;return(0,r.kt)("wrapper",(0,a.Z)({},p,s,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"setup-multi-user"},"Setup Multi User"),(0,r.kt)("p",null,"Fleet uses Kubernetes RBAC where possible."),(0,r.kt)("p",null,"One addition on top of RBAC is the ",(0,r.kt)("a",{parentName:"p",href:"/namespaces#restricting-gitrepos"},(0,r.kt)("inlineCode",{parentName:"a"},"GitRepoRestriction"))," resource, which can be used to control GitRepo resources in a namespace."),(0,r.kt)("p",null,"A multi-user fleet setup looks like this:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"tenants don't share namespaces, each tenant has one or more namespaces on the\nupstream cluster, where they can create GitRepo resources"),(0,r.kt)("li",{parentName:"ul"},"tenants can't deploy cluster wide resources and are limited to a set of\nnamespaces on downstream clusters"),(0,r.kt)("li",{parentName:"ul"},"clusters are in a separate namespace")),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"Shared Clusters",src:n(9497).Z,width:"2488",height:"1769"})),(0,r.kt)("admonition",{title:"important information",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The isolation of tenants is not complete and relies on Kubernetes RBAC to be\nset up correctly. Without manual setup from an operator tenants can still\ndeploy cluster wide resources. Even with the available Fleet restrictions,\nusers are only restricted to namespaces, but namespaces don't provide much\nisolation on their own. E.g. they can still consume as many resources as they\nlike."),(0,r.kt)("p",{parentName:"admonition"},"However, the existing Fleet restrictions allow users to share clusters, and\ndeploy resources without conflicts.")),(0,r.kt)("h2",{id:"example-fleet-standalone"},"Example Fleet Standalone"),(0,r.kt)("p",null,"This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create serviceaccount fleetuser\nkubectl create namespace project1\nkubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser\n")),(0,r.kt)("p",null,"If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\nkubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\n")),(0,r.kt)("p",null,"This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces."),(0,r.kt)("h2",{id:"example-fleet-in-rancher"},"Example Fleet in Rancher"),(0,r.kt)("p",null,"When a new fleet workspace is created, a corresponding namespace with an identical name is automatically generated within the Rancher local cluster.\nFor a user to see and deploy fleet resources in a specific workspace, they need at least the following permissions:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"list/get the ",(0,r.kt)("inlineCode",{parentName:"li"},"fleetworkspace")," cluster-wide resource in the local cluster"),(0,r.kt)("li",{parentName:"ul"},"Permissions to create fleet resources (such as ",(0,r.kt)("inlineCode",{parentName:"li"},"bundles"),", ",(0,r.kt)("inlineCode",{parentName:"li"},"gitrepos"),", ...) in the backing namespace for the workspace in the local cluster. ")),(0,r.kt)("p",null,"Let's grant permissions to deploy fleet resources in the ",(0,r.kt)("inlineCode",{parentName:"p"},"project1")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"project2")," fleet workspaces:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"To create the ",(0,r.kt)("inlineCode",{parentName:"li"},"project1")," and ",(0,r.kt)("inlineCode",{parentName:"li"},"project2")," fleet workspaces, you can either do it in the ",(0,r.kt)("a",{parentName:"li",href:"https://ranchermanager.docs.rancher.com/integrations-in-rancher/fleet/overview#accessing-fleet-in-the-rancher-ui"},"Rancher UI")," or use the following YAML resources:")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"apiVersion: management.cattle.io/v3\nkind: FleetWorkspace\nmetadata:\n name: project1\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"apiVersion: management.cattle.io/v3\nkind: FleetWorkspace\nmetadata:\n name: project2\n")),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Create a ",(0,r.kt)("inlineCode",{parentName:"li"},"GlobalRole")," that grants permission to deploy fleet resources in the ",(0,r.kt)("inlineCode",{parentName:"li"},"project1")," and ",(0,r.kt)("inlineCode",{parentName:"li"},"project2")," fleet workspaces:")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"apiVersion: management.cattle.io/v3\nkind: GlobalRole\nmetadata:\n name: fleet-projects1and2\nnamespacedRules:\n project1:\n - apiGroups:\n - fleet.cattle.io\n resources:\n - gitrepos\n - bundles\n - clusterregistrationtokens\n - gitreporestrictions\n - clusters\n - clustergroups\n verbs:\n - '*'\n project2:\n - apiGroups:\n - fleet.cattle.io\n resources:\n - gitrepos\n - bundles\n - clusterregistrationtokens\n - gitreporestrictions\n - clusters\n - clustergroups\n verbs:\n - '*'\nrules:\n - apiGroups:\n - management.cattle.io\n resourceNames:\n - project1\n - project2\n resources:\n - fleetworkspaces\n verbs:\n - '*'\n")),(0,r.kt)("p",null,"Assign the ",(0,r.kt)("inlineCode",{parentName:"p"},"GlobalRole")," to users or groups, more info can be found in the ",(0,r.kt)("a",{parentName:"p",href:"https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/global-permissions#configuring-global-permissions-for-individual-users"},"Rancher docs")),(0,r.kt)("p",null,"The user now has access to the ",(0,r.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," tab in Rancher and can deploy resources to both the ",(0,r.kt)("inlineCode",{parentName:"p"},"project1")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"project2")," workspaces."),(0,r.kt)("h2",{id:"allow-access-to-clusters"},"Allow Access to Clusters"),(0,r.kt)("p",null,"This assumes all GitRepos created by 'fleetuser' have the ",(0,r.kt)("inlineCode",{parentName:"p"},"team: one")," label. Different labels could be used, to select different cluster namespaces."),(0,r.kt)("p",null,"In each of the user's namespaces, as an admin create a ",(0,r.kt)("a",{parentName:"p",href:"/namespaces#cross-namespace-deployments"},(0,r.kt)("inlineCode",{parentName:"a"},"BundleNamespaceMapping")),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: mapping\n namespace: project1\n\n# Bundles to match by label.\n# The labels are defined in the fleet.yaml # labels field or from the\n# GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n team: one\n # or target one repo\n #fleet.cattle.io/repo-name: simpleapp\n\n# Namespaces, containing clusters, to match by label\nnamespaceSelector:\n matchLabels:\n kubernetes.io/metadata.name: fleet-default\n # the label is on the namespace\n #workspace: prod\n")),(0,r.kt)("p",null,"The ",(0,r.kt)("a",{parentName:"p",href:"/gitrepo-targets"},(0,r.kt)("inlineCode",{parentName:"a"},"target")," section")," in the GitRepo resource can be used to deploy only to a subset of the matched clusters."),(0,r.kt)("h2",{id:"restricting-access-to-downstream-clusters"},"Restricting Access to Downstream Clusters"),(0,r.kt)("p",null,"Admins can further restrict tenants by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," in each of their namespaces."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: project1\n\nallowedTargetNamespaces:\n - project1simpleapp\n")),(0,r.kt)("p",null,"This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace."),(0,r.kt)("h2",{id:"an-example-gitrepo-resource"},"An Example GitRepo Resource"),(0,r.kt)("p",null,"A GitRepo resource created by a tenant, without admin access could look like this:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: simpleapp\n namespace: project1\n labels:\n team: one\n\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - bundle-diffs\n\n targetNamespace: project1simpleapp\n\n # do not match the upstream/local cluster, won't work\n targets:\n - name: dev\n clusterSelector:\n matchLabels:\n env: dev\n")),(0,r.kt)("p",null,"This includes the ",(0,r.kt)("inlineCode",{parentName:"p"},"team: one")," label and and the required ",(0,r.kt)("inlineCode",{parentName:"p"},"targetNamespace"),"."),(0,r.kt)("p",null,"Together with the previous ",(0,r.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," it would target all clusters with a ",(0,r.kt)("inlineCode",{parentName:"p"},"env: dev")," label in the 'fleet-default' namespace."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," do not work with local clusters, so make sure not to target them.")))}u.isMDXComponent=!0},9497:(e,t,n)=>{n.d(t,{Z:()=>a});const a=n.p+"assets/images/FleetSharedClusters-b68f6c53b43cbb795e4d81cda9ebc2bc.svg"}}]); \ No newline at end of file diff --git a/assets/js/963c03f5.eda7162b.js b/assets/js/963c03f5.856704fc.js similarity index 98% rename from assets/js/963c03f5.eda7162b.js rename to assets/js/963c03f5.856704fc.js index 9d6352102..3c242b1d5 100644 --- a/assets/js/963c03f5.eda7162b.js +++ b/assets/js/963c03f5.856704fc.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[203],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},f=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,s=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),f=c(n),m=l,d=f["".concat(s,".").concat(m)]||f[m]||p[m]||r;return n?a.createElement(d,i(i({ref:t},u),{},{components:n})):a.createElement(d,i({ref:t},u))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=f;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>r,metadata:()=>o,toc:()=>c});var a=n(7462),l=(n(7294),n(3905));const r={},i="Configuration",o={unversionedId:"ref-configuration",id:"version-0.7/ref-configuration",title:"Configuration",description:"A reference list of, mostly internal, configuration options.",source:"@site/versioned_docs/version-0.7/ref-configuration.md",sourceDirName:".",slug:"/ref-configuration",permalink:"/0.7/ref-configuration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-configuration.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Internals",permalink:"/0.7/ref-registration"},next:{title:"Custom Resources Spec",permalink:"/0.7/ref-crds"}},s={},c=[{value:"Helm Charts",id:"helm-charts",level:2},{value:"Environment Variables",id:"environment-variables",level:2},{value:"Configuration",id:"configuration-1",level:2},{value:"Labels",id:"labels",level:2},{value:"Annotations",id:"annotations",level:2},{value:"Fleet agent configuration",id:"fleet-agent-configuration",level:2}],u={toc:c};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"configuration"},"Configuration"),(0,l.kt)("p",null,"A reference list of, mostly internal, configuration options."),(0,l.kt)("h2",{id:"helm-charts"},"Helm Charts"),(0,l.kt)("p",null,"The Helm charts accept, at least, the options as shown with their default in ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml"),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"))),(0,l.kt)("h2",{id:"environment-variables"},"Environment Variables"),(0,l.kt)("p",null,"The controllers can be started with these environment variables:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"CATTLE_DEV_MODE")," - used to debug wrangler, not usable"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CLUSTER_ENQUEUE_DELAY")," - tune how often non-ready clusters are checked"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CPU_PPROF_PERIOD")," - used to turn on ",(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/docs/performance.md"},"performance profiling"))),(0,l.kt)("h2",{id:"configuration-1"},"Configuration"),(0,l.kt)("p",null,"In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments."),(0,l.kt)("p",null,"The config ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/main/pkg/config/config.go#L40-L52"},"struct")," is used in both config maps:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-agent"),(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-controller")),(0,l.kt)("h2",{id:"labels"},"Labels"),(0,l.kt)("p",null,"Labels used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent=true")," - NodeSelector label for agent's deployment affinity setting"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/non-managed-agent")," - managed agent bundle won't target Clusters with this label"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/repo-name")," - used on Bundle to reference the git repo resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-namespace")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-name")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed=true")," - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bootstrap-token")," - unused")),(0,l.kt)("h2",{id:"annotations"},"Annotations"),(0,l.kt)("p",null,"Annotations used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-id")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-namespace")," - used on a cluster namespace to reference the cluster registration namespace and cluster name"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-group")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/commit")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed")," - appears unused"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/service-account"))),(0,l.kt)("h2",{id:"fleet-agent-configuration"},"Fleet agent configuration"),(0,l.kt)("p",null,"Tolerations, affinity and resources can be customized for the Fleet agent. These fields can be provided when creating a\n",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/ref-crds#clusterspec"},"Cluster"),", see ",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/cluster-registration"},"Registering Downstream Cluster")," for more info on how to create\nClusters. Default configuration will be used if these fields are not provided."),(0,l.kt)("p",null,"If you change the resources limits, make sure the limits allow the fleet-agent to work normally."),(0,l.kt)("p",null,"Keep in mind that if you downgrade Fleet to a previous version than v0.7.0 Fleet will fallback to the built-in defaults.\nAgents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[203],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},f=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,s=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),f=c(n),m=l,d=f["".concat(s,".").concat(m)]||f[m]||p[m]||r;return n?a.createElement(d,i(i({ref:t},u),{},{components:n})):a.createElement(d,i({ref:t},u))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=f;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>r,metadata:()=>o,toc:()=>c});var a=n(7462),l=(n(7294),n(3905));const r={},i="Configuration",o={unversionedId:"ref-configuration",id:"version-0.7/ref-configuration",title:"Configuration",description:"A reference list of, mostly internal, configuration options.",source:"@site/versioned_docs/version-0.7/ref-configuration.md",sourceDirName:".",slug:"/ref-configuration",permalink:"/0.7/ref-configuration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-configuration.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Internals",permalink:"/0.7/ref-registration"},next:{title:"Custom Resources Spec",permalink:"/0.7/ref-crds"}},s={},c=[{value:"Helm Charts",id:"helm-charts",level:2},{value:"Environment Variables",id:"environment-variables",level:2},{value:"Configuration",id:"configuration-1",level:2},{value:"Labels",id:"labels",level:2},{value:"Annotations",id:"annotations",level:2},{value:"Fleet agent configuration",id:"fleet-agent-configuration",level:2}],u={toc:c};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"configuration"},"Configuration"),(0,l.kt)("p",null,"A reference list of, mostly internal, configuration options."),(0,l.kt)("h2",{id:"helm-charts"},"Helm Charts"),(0,l.kt)("p",null,"The Helm charts accept, at least, the options as shown with their default in ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml"),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"))),(0,l.kt)("h2",{id:"environment-variables"},"Environment Variables"),(0,l.kt)("p",null,"The controllers can be started with these environment variables:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"CATTLE_DEV_MODE")," - used to debug wrangler, not usable"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CLUSTER_ENQUEUE_DELAY")," - tune how often non-ready clusters are checked"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CPU_PPROF_PERIOD")," - used to turn on ",(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/docs/performance.md"},"performance profiling"))),(0,l.kt)("h2",{id:"configuration-1"},"Configuration"),(0,l.kt)("p",null,"In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments."),(0,l.kt)("p",null,"The config ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/main/pkg/config/config.go#L40-L52"},"struct")," is used in both config maps:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-agent"),(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-controller")),(0,l.kt)("h2",{id:"labels"},"Labels"),(0,l.kt)("p",null,"Labels used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent=true")," - NodeSelector label for agent's deployment affinity setting"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/non-managed-agent")," - managed agent bundle won't target Clusters with this label"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/repo-name")," - used on Bundle to reference the git repo resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-namespace")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-name")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed=true")," - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bootstrap-token")," - unused")),(0,l.kt)("h2",{id:"annotations"},"Annotations"),(0,l.kt)("p",null,"Annotations used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-id")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-namespace")," - used on a cluster namespace to reference the cluster registration namespace and cluster name"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-group")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/commit")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed")," - appears unused"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/service-account"))),(0,l.kt)("h2",{id:"fleet-agent-configuration"},"Fleet agent configuration"),(0,l.kt)("p",null,"Tolerations, affinity and resources can be customized for the Fleet agent. These fields can be provided when creating a\n",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/ref-crds#clusterspec"},"Cluster"),", see ",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/cluster-registration"},"Registering Downstream Cluster")," for more info on how to create\nClusters. Default configuration will be used if these fields are not provided."),(0,l.kt)("p",null,"If you change the resources limits, make sure the limits allow the fleet-agent to work normally."),(0,l.kt)("p",null,"Keep in mind that if you downgrade Fleet to a previous version than v0.7.0 Fleet will fallback to the built-in defaults.\nAgents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/96465f27.23cdd5d9.js b/assets/js/96465f27.3f98e66e.js similarity index 99% rename from assets/js/96465f27.23cdd5d9.js rename to assets/js/96465f27.3f98e66e.js index f0b7b7d74..511615ff1 100644 --- a/assets/js/96465f27.23cdd5d9.js +++ b/assets/js/96465f27.3f98e66e.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7537],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs to Ignore Modified GitRepos",s={unversionedId:"bundle-diffs",id:"version-0.8/bundle-diffs",title:"Generating Diffs to Ignore Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/versioned_docs/version-0.8/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/0.8/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/bundle-diffs.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/0.8/gitrepo-targets"},next:{title:"Using Webhooks Instead of Polling",permalink:"/0.8/webhook"}},l={},p=[{value:"Simple Example",id:"simple-example",level:2},{value:"Gatekeeper Example",id:"gatekeeper-example",level:2},{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-to-ignore-modified-gitrepos"},"Generating Diffs to Ignore Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("h2",{id:"simple-example"},"Simple Example"),(0,o.kt)("p",null,"In this simple example, we create a Service and ConfigMap that we apply a bundle diff onto."),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs"},"https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs")),(0,o.kt)("h2",{id:"gatekeeper-example"},"Gatekeeper Example"),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec."),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7537],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs to Ignore Modified GitRepos",s={unversionedId:"bundle-diffs",id:"version-0.8/bundle-diffs",title:"Generating Diffs to Ignore Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/versioned_docs/version-0.8/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/0.8/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/bundle-diffs.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/0.8/gitrepo-targets"},next:{title:"Using Webhooks Instead of Polling",permalink:"/0.8/webhook"}},l={},p=[{value:"Simple Example",id:"simple-example",level:2},{value:"Gatekeeper Example",id:"gatekeeper-example",level:2},{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-to-ignore-modified-gitrepos"},"Generating Diffs to Ignore Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("h2",{id:"simple-example"},"Simple Example"),(0,o.kt)("p",null,"In this simple example, we create a Service and ConfigMap that we apply a bundle diff onto."),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs"},"https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs")),(0,o.kt)("h2",{id:"gatekeeper-example"},"Gatekeeper Example"),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec."),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file diff --git a/assets/js/97c3cd43.8a40da63.js b/assets/js/97c3cd43.4b3c5636.js similarity index 97% rename from assets/js/97c3cd43.8a40da63.js rename to assets/js/97c3cd43.4b3c5636.js index f7849ee00..991491243 100644 --- a/assets/js/97c3cd43.8a40da63.js +++ b/assets/js/97c3cd43.4b3c5636.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2299],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=r.createContext({}),f=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=f(e.components);return r.createElement(c.Provider,{value:t},e.children)},s={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=f(n),d=l,m=u["".concat(c,".").concat(d)]||u[d]||s[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var f=2;f{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>s,frontMatter:()=>a,metadata:()=>i,toc:()=>f});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet",id:"version-0.7/cli/fleet-cli/fleet",title:"",description:"fleet",source:"@site/versioned_docs/version-0.7/cli/fleet-cli/fleet.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet",permalink:"/0.7/cli/fleet-cli/fleet",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cli/fleet-cli/fleet.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet"},sidebar:"docs",previous:{title:"fleet-agent",permalink:"/0.7/cli/fleet-agent/"},next:{title:"fleet apply",permalink:"/0.7/cli/fleet-cli/fleet_apply"}},c={},f=[{value:"fleet",id:"fleet",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:f};function s(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet"},"fleet"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_apply"},"fleet apply"),"\t - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_test"},"fleet test"),"\t - Match a bundle to a target and render the output")))}s.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2299],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=r.createContext({}),f=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=f(e.components);return r.createElement(c.Provider,{value:t},e.children)},s={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=f(n),d=l,m=u["".concat(c,".").concat(d)]||u[d]||s[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var f=2;f{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>s,frontMatter:()=>a,metadata:()=>i,toc:()=>f});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet",id:"version-0.7/cli/fleet-cli/fleet",title:"",description:"fleet",source:"@site/versioned_docs/version-0.7/cli/fleet-cli/fleet.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet",permalink:"/0.7/cli/fleet-cli/fleet",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cli/fleet-cli/fleet.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet"},sidebar:"docs",previous:{title:"fleet-agent",permalink:"/0.7/cli/fleet-agent/"},next:{title:"fleet apply",permalink:"/0.7/cli/fleet-cli/fleet_apply"}},c={},f=[{value:"fleet",id:"fleet",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:f};function s(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet"},"fleet"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_apply"},"fleet apply"),"\t - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_test"},"fleet test"),"\t - Match a bundle to a target and render the output")))}s.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/97d7d53e.f3aec062.js b/assets/js/97d7d53e.fe2e8ef0.js similarity index 98% rename from assets/js/97d7d53e.f3aec062.js rename to assets/js/97d7d53e.fe2e8ef0.js index 383f70e00..4f969ed55 100644 --- a/assets/js/97d7d53e.f3aec062.js +++ b/assets/js/97d7d53e.fe2e8ef0.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6967],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>f,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet test"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_test",id:"version-0.9/cli/fleet-cli/fleet_test",title:"",description:"fleet test",source:"@site/versioned_docs/version-0.9/cli/fleet-cli/fleet_test.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_test",permalink:"/0.9/cli/fleet-cli/fleet_test",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cli/fleet-cli/fleet_test.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet test"},sidebar:"docs",previous:{title:"fleet apply",permalink:"/0.9/cli/fleet-cli/fleet_apply"},next:{title:"fleet-manager",permalink:"/0.9/cli/fleet-controller/fleet-manager"}},s={},c=[{value:"fleet test",id:"fleet-test",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-test"},"fleet test"),(0,l.kt)("p",null,"Match a bundle to a target and render the output"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet test [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -g, --group string Cluster group to match against\n -L, --group-label strings Cluster group labels to match against\n -h, --help help for test\n -l, --label strings Cluster labels to match against\n -N, --name string Cluster name to match against\n -q, --quiet Just print the match and don't print the resources\n -t, --target string Explicit target to match\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6967],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>f,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet test"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_test",id:"version-0.9/cli/fleet-cli/fleet_test",title:"",description:"fleet test",source:"@site/versioned_docs/version-0.9/cli/fleet-cli/fleet_test.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_test",permalink:"/0.9/cli/fleet-cli/fleet_test",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cli/fleet-cli/fleet_test.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet test"},sidebar:"docs",previous:{title:"fleet apply",permalink:"/0.9/cli/fleet-cli/fleet_apply"},next:{title:"fleet-manager",permalink:"/0.9/cli/fleet-controller/fleet-manager"}},s={},c=[{value:"fleet test",id:"fleet-test",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-test"},"fleet test"),(0,l.kt)("p",null,"Match a bundle to a target and render the output"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet test [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -g, --group string Cluster group to match against\n -L, --group-label strings Cluster group labels to match against\n -h, --help help for test\n -l, --label strings Cluster labels to match against\n -N, --name string Cluster name to match against\n -q, --quiet Just print the match and don't print the resources\n -t, --target string Explicit target to match\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/984cdf04.23b12d2b.js b/assets/js/984cdf04.f93c61b0.js similarity index 99% rename from assets/js/984cdf04.23b12d2b.js rename to assets/js/984cdf04.f93c61b0.js index 57611ea22..01bff1ca7 100644 --- a/assets/js/984cdf04.23b12d2b.js +++ b/assets/js/984cdf04.f93c61b0.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1332],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>T});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),i=a(1980),u=a(7392),m=a(12);function p(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function c(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function d(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=c(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[i,u]=d({queryString:a,groupId:l}),[p,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,m.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),y=(()=>{const e=i??p;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{y&&o(y)}),[y]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var y=a(2389);const k="tabList__CuJ",g="tabItem_LNqP";function b(e){let{className:t,block:a,selectedValue:o,selectValue:i,tabValues:u}=e;const m=[],{blockElementScrollPositionUntilNextRender:p}=(0,s.o5)(),c=e=>{const t=e.currentTarget,a=m.indexOf(t),l=u[a].value;l!==o&&(p(t),i(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":c(e);break;case"ArrowRight":{const t=m.indexOf(e.currentTarget)+1;a=m[t]??m[0];break}case"ArrowLeft":{const t=m.indexOf(e.currentTarget)-1;a=m[t]??m[m.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>m.push(e),onKeyDown:h,onClick:c},s,{className:(0,r.Z)("tabs__item",g,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(b,(0,l.Z)({},e,t)),n.createElement(v,(0,l.Z)({},e,t)))}function T(e){const t=(0,y.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},5083:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>u,default:()=>d,frontMatter:()=>i,metadata:()=>m,toc:()=>c});var l=a(7462),n=(a(7294),a(3905)),r=a(814),s=a(4866),o=a(5162);const i={},u="Creating a Deployment",m={unversionedId:"tut-deployment",id:"version-0.6/tut-deployment",title:"Creating a Deployment",description:"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it.",source:"@site/versioned_docs/version-0.6/tut-deployment.md",sourceDirName:".",slug:"/tut-deployment",permalink:"/0.6/tut-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/tut-deployment.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/0.6/quickstart"},next:{title:"Uninstall",permalink:"/0.6/uninstall"}},p={},c=[{value:"Single-Cluster Examples",id:"single-cluster-examples",level:2},{value:"Multi-Cluster Examples",id:"multi-cluster-examples",level:2}],h={toc:c};function d(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"creating-a-deployment"},"Creating a Deployment"),(0,n.kt)("p",null,"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it."),(0,n.kt)("p",null,"This tutorial uses the ",(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples"},"fleet-examples")," repository."),(0,n.kt)("admonition",{type:"note"},(0,n.kt)("p",{parentName:"admonition"},"For more details on how to structure the repository and configure the deployment of each bundle see ",(0,n.kt)("a",{parentName:"p",href:"/0.6/gitrepo-content"},"GitRepo Contents"),".\nFor more details on the options that are available per Git repository see ",(0,n.kt)("a",{parentName:"p",href:"/0.6/gitrepo-add"},"Adding a GitRepo"),".")),(0,n.kt)("h2",{id:"single-cluster-examples"},"Single-Cluster Examples"),(0,n.kt)("p",null,"All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet."),(0,n.kt)(s.Z,{groupId:"examples",mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm",default:!0,mdxType:"TabItem"},(0,n.kt)("p",null,"An example using Helm. We are deploying the ",(0,n.kt)("a",{href:"https://github.com/rancher/fleet-examples/tree/master/single-cluster/helm"},"helm example")," to the local cluster."),(0,n.kt)("p",null,"The repository contains a helm chart and an optional ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to configure the deployment:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'namespace: fleet-helm-example\n\n# Custom helm options\nhelm:\n # The release name to use. If empty a generated release name will be used\n releaseName: guestbook\n\n # The directory of the chart in the repo. Also any valid go-getter supported\n # URL can be used there is specify where to download the chart from.\n # If repo below is set this value if the chart name in the repo\n chart: ""\n\n # An https to a valid Helm repository to download the chart from\n repo: ""\n\n # Used if repo is set to look up the version of the chart\n version: ""\n\n # Force recreate resource that can not be updated\n force: false\n\n # How long for helm to wait for the release to be active. If the value\n # is less that or equal to zero, we will not wait in Helm\n timeoutSeconds: 0\n\n # Custom values that will be passed as values.yaml to the installation\n values:\n replicas: 2\n')),(0,n.kt)("p",null,"To create the deployment, we apply the custom resource to the upstream cluster. The ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace contains the local cluster resource. The local fleet-agent will create the deployment in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-helm-example")," namespace."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl apply -n fleet-local -f - <{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>T});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),i=a(1980),u=a(7392),m=a(12);function p(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function c(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function d(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=c(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[i,u]=d({queryString:a,groupId:l}),[p,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,m.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),y=(()=>{const e=i??p;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{y&&o(y)}),[y]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var y=a(2389);const k="tabList__CuJ",g="tabItem_LNqP";function b(e){let{className:t,block:a,selectedValue:o,selectValue:i,tabValues:u}=e;const m=[],{blockElementScrollPositionUntilNextRender:p}=(0,s.o5)(),c=e=>{const t=e.currentTarget,a=m.indexOf(t),l=u[a].value;l!==o&&(p(t),i(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":c(e);break;case"ArrowRight":{const t=m.indexOf(e.currentTarget)+1;a=m[t]??m[0];break}case"ArrowLeft":{const t=m.indexOf(e.currentTarget)-1;a=m[t]??m[m.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>m.push(e),onKeyDown:h,onClick:c},s,{className:(0,r.Z)("tabs__item",g,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(b,(0,l.Z)({},e,t)),n.createElement(v,(0,l.Z)({},e,t)))}function T(e){const t=(0,y.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},5083:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>u,default:()=>d,frontMatter:()=>i,metadata:()=>m,toc:()=>c});var l=a(7462),n=(a(7294),a(3905)),r=a(814),s=a(4866),o=a(5162);const i={},u="Creating a Deployment",m={unversionedId:"tut-deployment",id:"version-0.6/tut-deployment",title:"Creating a Deployment",description:"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it.",source:"@site/versioned_docs/version-0.6/tut-deployment.md",sourceDirName:".",slug:"/tut-deployment",permalink:"/0.6/tut-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/tut-deployment.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/0.6/quickstart"},next:{title:"Uninstall",permalink:"/0.6/uninstall"}},p={},c=[{value:"Single-Cluster Examples",id:"single-cluster-examples",level:2},{value:"Multi-Cluster Examples",id:"multi-cluster-examples",level:2}],h={toc:c};function d(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"creating-a-deployment"},"Creating a Deployment"),(0,n.kt)("p",null,"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it."),(0,n.kt)("p",null,"This tutorial uses the ",(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples"},"fleet-examples")," repository."),(0,n.kt)("admonition",{type:"note"},(0,n.kt)("p",{parentName:"admonition"},"For more details on how to structure the repository and configure the deployment of each bundle see ",(0,n.kt)("a",{parentName:"p",href:"/0.6/gitrepo-content"},"GitRepo Contents"),".\nFor more details on the options that are available per Git repository see ",(0,n.kt)("a",{parentName:"p",href:"/0.6/gitrepo-add"},"Adding a GitRepo"),".")),(0,n.kt)("h2",{id:"single-cluster-examples"},"Single-Cluster Examples"),(0,n.kt)("p",null,"All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet."),(0,n.kt)(s.Z,{groupId:"examples",mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm",default:!0,mdxType:"TabItem"},(0,n.kt)("p",null,"An example using Helm. We are deploying the ",(0,n.kt)("a",{href:"https://github.com/rancher/fleet-examples/tree/master/single-cluster/helm"},"helm example")," to the local cluster."),(0,n.kt)("p",null,"The repository contains a helm chart and an optional ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to configure the deployment:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'namespace: fleet-helm-example\n\n# Custom helm options\nhelm:\n # The release name to use. If empty a generated release name will be used\n releaseName: guestbook\n\n # The directory of the chart in the repo. Also any valid go-getter supported\n # URL can be used there is specify where to download the chart from.\n # If repo below is set this value if the chart name in the repo\n chart: ""\n\n # An https to a valid Helm repository to download the chart from\n repo: ""\n\n # Used if repo is set to look up the version of the chart\n version: ""\n\n # Force recreate resource that can not be updated\n force: false\n\n # How long for helm to wait for the release to be active. If the value\n # is less that or equal to zero, we will not wait in Helm\n timeoutSeconds: 0\n\n # Custom values that will be passed as values.yaml to the installation\n values:\n replicas: 2\n')),(0,n.kt)("p",null,"To create the deployment, we apply the custom resource to the upstream cluster. The ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace contains the local cluster resource. The local fleet-agent will create the deployment in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-helm-example")," namespace."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl apply -n fleet-local -f - <{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var c=a.createContext({}),l=function(e){var t=a.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=l(e.components);return a.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,c=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=l(n),u=r,g=d["".concat(c,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var c in t)hasOwnProperty.call(t,c)&&(s[c]=t[c]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>l});var a=n(7462),r=(n(7294),n(3905));const o={},i="Using Image Scan to Update Container Image References",s={unversionedId:"imagescan",id:"version-0.7/imagescan",title:"Using Image Scan to Update Container Image References",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/versioned_docs/version-0.7/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/0.7/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/imagescan.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Webhooks Instead of Polling",permalink:"/0.7/webhook"},next:{title:"Create a Bundle Resource",permalink:"/0.7/bundle-add"}},c={},l=[],m={toc:l};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-image-scan-to-update-container-image-references"},"Using Image Scan to Update Container Image References"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order\n- policy:\n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver:\n range: "*"\n # can use ascending or descending order\n alphabetical:\n order: asc\n\n # specify images to scan\n image: "your.registry.com/repo/image"\n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret\n\n # Specify the scan interval\n interval: 5m\n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples\n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m\n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret\n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9801],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var c=a.createContext({}),l=function(e){var t=a.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=l(e.components);return a.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,c=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=l(n),u=r,g=d["".concat(c,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var c in t)hasOwnProperty.call(t,c)&&(s[c]=t[c]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>l});var a=n(7462),r=(n(7294),n(3905));const o={},i="Using Image Scan to Update Container Image References",s={unversionedId:"imagescan",id:"version-0.7/imagescan",title:"Using Image Scan to Update Container Image References",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/versioned_docs/version-0.7/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/0.7/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/imagescan.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Webhooks Instead of Polling",permalink:"/0.7/webhook"},next:{title:"Create a Bundle Resource",permalink:"/0.7/bundle-add"}},c={},l=[],m={toc:l};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-image-scan-to-update-container-image-references"},"Using Image Scan to Update Container Image References"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order\n- policy:\n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver:\n range: "*"\n # can use ascending or descending order\n alphabetical:\n order: asc\n\n # specify images to scan\n image: "your.registry.com/repo/image"\n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret\n\n # Specify the scan interval\n interval: 5m\n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples\n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m\n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret\n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/9d91368e.57110304.js b/assets/js/9d91368e.bb163fd0.js similarity index 97% rename from assets/js/9d91368e.57110304.js rename to assets/js/9d91368e.bb163fd0.js index de5786270..2ac4f8543 100644 --- a/assets/js/9d91368e.57110304.js +++ b/assets/js/9d91368e.bb163fd0.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[501],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var c=a.createContext({}),l=function(e){var t=a.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=l(e.components);return a.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,c=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=l(n),u=r,g=d["".concat(c,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var c in t)hasOwnProperty.call(t,c)&&(s[c]=t[c]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>l});var a=n(7462),r=(n(7294),n(3905));const o={},i="Using Image Scan to Update Container Image References",s={unversionedId:"imagescan",id:"version-0.8/imagescan",title:"Using Image Scan to Update Container Image References",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/versioned_docs/version-0.8/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/0.8/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/imagescan.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Webhooks Instead of Polling",permalink:"/0.8/webhook"},next:{title:"Create a Bundle Resource",permalink:"/0.8/bundle-add"}},c={},l=[],m={toc:l};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-image-scan-to-update-container-image-references"},"Using Image Scan to Update Container Image References"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order\n- policy:\n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver:\n range: "*"\n # can use ascending or descending order\n alphabetical:\n order: asc\n\n # specify images to scan\n image: "your.registry.com/repo/image"\n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret\n\n # Specify the scan interval\n interval: 5m\n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples\n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m\n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret\n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[501],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var c=a.createContext({}),l=function(e){var t=a.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=l(e.components);return a.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,c=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=l(n),u=r,g=d["".concat(c,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var c in t)hasOwnProperty.call(t,c)&&(s[c]=t[c]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>l});var a=n(7462),r=(n(7294),n(3905));const o={},i="Using Image Scan to Update Container Image References",s={unversionedId:"imagescan",id:"version-0.8/imagescan",title:"Using Image Scan to Update Container Image References",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/versioned_docs/version-0.8/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/0.8/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/imagescan.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Webhooks Instead of Polling",permalink:"/0.8/webhook"},next:{title:"Create a Bundle Resource",permalink:"/0.8/bundle-add"}},c={},l=[],m={toc:l};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-image-scan-to-update-container-image-references"},"Using Image Scan to Update Container Image References"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order\n- policy:\n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver:\n range: "*"\n # can use ascending or descending order\n alphabetical:\n order: asc\n\n # specify images to scan\n image: "your.registry.com/repo/image"\n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret\n\n # Specify the scan interval\n interval: 5m\n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples\n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m\n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret\n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/9d9f8394.9e48ad5c.js b/assets/js/9d9f8394.dae8b01a.js similarity index 99% rename from assets/js/9d9f8394.9e48ad5c.js rename to assets/js/9d9f8394.dae8b01a.js index 3afac48d8..aa76a1624 100644 --- a/assets/js/9d9f8394.9e48ad5c.js +++ b/assets/js/9d9f8394.dae8b01a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9360],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),c=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},p=function(e){var t=c(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},p),{},{components:n})):o.createElement(m,r({ref:t},p))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/docs/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/troubleshooting.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Resource",permalink:"/ref-bundle"},next:{title:"Next \ud83d\udea7",permalink:"/changelogs/changelogs/next"}},s={},c=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Fetch detailed status from GitRepos and Bundles?",id:"fetch-detailed-status-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Agent is no longer registered",id:"agent-is-no-longer-registered",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled."),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"fetch-detailed-status-from-gitrepos-and-bundles"},"Fetch detailed status from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"For debugging and bug reports the raw JSON of the resources status fields is most useful.\nThis can be accessed in the Rancher UI, or through ",(0,a.kt)("inlineCode",{parentName:"p"},"kubectl"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl get bundle -n fleet-local fleet-agent-local -o=jsonpath={.status}\nkubectl get gitrepo -n fleet-default gitrepo-name -o=jsonpath={.status}\n")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo."),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu"),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown"),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/ref-fleet-yaml"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority"\n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm:\n releaseName: \n repo: \n chart: \ndiff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations"\n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/bundle-diffs"},"bundle diffs documentation")," for more information.")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"agent-is-no-longer-registered"},"Agent is no longer registered"),(0,a.kt)("p",null,"You can force a redeployment of an agent for a given cluster by setting ",(0,a.kt)("inlineCode",{parentName:"p"},"redeployAgentGeneration"),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},'kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p \'[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]\'\n')),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9360],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),c=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},p=function(e){var t=c(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},p),{},{components:n})):o.createElement(m,r({ref:t},p))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/docs/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/troubleshooting.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Resource",permalink:"/ref-bundle"},next:{title:"Next \ud83d\udea7",permalink:"/changelogs/changelogs/next"}},s={},c=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Fetch detailed status from GitRepos and Bundles?",id:"fetch-detailed-status-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Agent is no longer registered",id:"agent-is-no-longer-registered",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled."),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"fetch-detailed-status-from-gitrepos-and-bundles"},"Fetch detailed status from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"For debugging and bug reports the raw JSON of the resources status fields is most useful.\nThis can be accessed in the Rancher UI, or through ",(0,a.kt)("inlineCode",{parentName:"p"},"kubectl"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl get bundle -n fleet-local fleet-agent-local -o=jsonpath={.status}\nkubectl get gitrepo -n fleet-default gitrepo-name -o=jsonpath={.status}\n")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo."),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu"),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown"),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/ref-fleet-yaml"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority"\n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm:\n releaseName: \n repo: \n chart: \ndiff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations"\n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/bundle-diffs"},"bundle diffs documentation")," for more information.")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"agent-is-no-longer-registered"},"Agent is no longer registered"),(0,a.kt)("p",null,"You can force a redeployment of an agent for a given cluster by setting ",(0,a.kt)("inlineCode",{parentName:"p"},"redeployAgentGeneration"),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},'kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p \'[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]\'\n')),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/9db89767.b3210693.js b/assets/js/9db89767.4245fec3.js similarity index 99% rename from assets/js/9db89767.b3210693.js rename to assets/js/9db89767.4245fec3.js index 03fb8de17..8290151fc 100644 --- a/assets/js/9db89767.b3210693.js +++ b/assets/js/9db89767.4245fec3.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9510],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function s(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,s=e.originalType,i=e.parentName,p=o(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||s;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var s=n.length,l=new Array(s);l[0]=m;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:a,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const s={},l="Setup Multi User",o={unversionedId:"multi-user",id:"version-0.7/multi-user",title:"Setup Multi User",description:"Fleet uses Kubernetes RBAC where possible.",source:"@site/versioned_docs/version-0.7/multi-user.md",sourceDirName:".",slug:"/multi-user",permalink:"/0.7/multi-user",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/multi-user.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create Cluster Groups",permalink:"/0.7/cluster-group"},next:{title:"Create a GitRepo Resource",permalink:"/0.7/gitrepo-add"}},i={},c=[{value:"Example User",id:"example-user",level:2},{value:"Allow Access to Clusters",id:"allow-access-to-clusters",level:2},{value:"Restricting Access to Downstream Clusters",id:"restricting-access-to-downstream-clusters",level:2},{value:"An Example GitRepo Resource",id:"an-example-gitrepo-resource",level:2}],p={toc:c};function u(e){let{components:t,...s}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,s,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"setup-multi-user"},"Setup Multi User"),(0,a.kt)("p",null,"Fleet uses Kubernetes RBAC where possible."),(0,a.kt)("p",null,"One addition on top of RBAC is the ",(0,a.kt)("a",{parentName:"p",href:"/0.7/namespaces#restricting-gitrepos"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepoRestriction"))," resource, which can be used to control GitRepo resources in a namespace."),(0,a.kt)("p",null,"A multi-user fleet setup looks like this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"tenants don't share namespaces, each tenant has one or more namespaces on the\nupstream cluster, where they can create GitRepo resources"),(0,a.kt)("li",{parentName:"ul"},"tenants can't deploy cluster wide resources and are limited to a set of\nnamespaces on downstream clusters"),(0,a.kt)("li",{parentName:"ul"},"clusters are in a separate namespace")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Shared Clusters",src:n(9497).Z,width:"2488",height:"1769"})),(0,a.kt)("admonition",{title:"important information",type:"warning"},(0,a.kt)("p",{parentName:"admonition"},"The isolation of tenants is not complete and relies on Kubernetes RBAC to be\nset up correctly. Without manual setup from an operator tenants can still\ndeploy cluster wide resources. Even with the available Fleet restrictions,\nusers are only restricted to namespaces, but namespaces don't provide much\nisolation on their own. E.g. they can still consume as many resources as they\nlike."),(0,a.kt)("p",{parentName:"admonition"},"However, the existing Fleet restrictions allow users to share clusters, and\ndeploy resources without conflicts.")),(0,a.kt)("h2",{id:"example-user"},"Example User"),(0,a.kt)("p",null,"This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create serviceaccount fleetuser\nkubectl create namespace project1\nkubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser\n")),(0,a.kt)("p",null,"If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\nkubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\n")),(0,a.kt)("p",null,"This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces."),(0,a.kt)("h2",{id:"allow-access-to-clusters"},"Allow Access to Clusters"),(0,a.kt)("p",null,"This assumes all GitRepos created by 'fleetuser' have the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label. Different labels could be used, to select different cluster namespaces."),(0,a.kt)("p",null,"In each of the user's namespaces, as an admin create a ",(0,a.kt)("a",{parentName:"p",href:"/0.7/namespaces#cross-namespace-deployments"},(0,a.kt)("inlineCode",{parentName:"a"},"BundleNamespaceMapping")),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: mapping\n namespace: project1\n\n# Bundles to match by label.\n# The labels are defined in the fleet.yaml # labels field or from the\n# GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n team: one\n # or target one repo\n #fleet.cattle.io/repo-name: simpleapp\n\n# Namespaces, containing clusters, to match by label\nnamespaceSelector:\n matchLabels:\n kubernetes.io/metadata.name: fleet-default\n # the label is on the namespace\n #workspace: prod\n")),(0,a.kt)("p",null,"The ",(0,a.kt)("a",{parentName:"p",href:"/0.7/gitrepo-targets"},(0,a.kt)("inlineCode",{parentName:"a"},"target")," section")," in the GitRepo resource can be used to deploy only to a subset of the matched clusters."),(0,a.kt)("h2",{id:"restricting-access-to-downstream-clusters"},"Restricting Access to Downstream Clusters"),(0,a.kt)("p",null,"Admins can further restrict tenants by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," in each of their namespaces."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: project1\n\nallowedTargetNamespaces:\n - project1simpleapp\n")),(0,a.kt)("p",null,"This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace."),(0,a.kt)("h2",{id:"an-example-gitrepo-resource"},"An Example GitRepo Resource"),(0,a.kt)("p",null,"A GitRepo resource created by a tenant, without admin access could look like this:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: simpleapp\n namespace: project1\n labels:\n team: one\n\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - bundle-diffs\n\n targetNamespace: project1simpleapp\n\n # do not match the upstream/local cluster, won't work\n targets:\n - name: dev\n clusterSelector:\n matchLabels:\n env: dev\n")),(0,a.kt)("p",null,"This includes the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label and and the required ",(0,a.kt)("inlineCode",{parentName:"p"},"targetNamespace"),"."),(0,a.kt)("p",null,"Together with the previous ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," it would target all clusters with a ",(0,a.kt)("inlineCode",{parentName:"p"},"env: dev")," label in the 'fleet-default' namespace."),(0,a.kt)("admonition",{type:"note"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," do not work with local clusters, so make sure not to target them.")))}u.isMDXComponent=!0},9497:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetSharedClusters-b68f6c53b43cbb795e4d81cda9ebc2bc.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9510],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function s(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,s=e.originalType,i=e.parentName,p=o(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||s;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var s=n.length,l=new Array(s);l[0]=m;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:a,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const s={},l="Setup Multi User",o={unversionedId:"multi-user",id:"version-0.7/multi-user",title:"Setup Multi User",description:"Fleet uses Kubernetes RBAC where possible.",source:"@site/versioned_docs/version-0.7/multi-user.md",sourceDirName:".",slug:"/multi-user",permalink:"/0.7/multi-user",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/multi-user.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create Cluster Groups",permalink:"/0.7/cluster-group"},next:{title:"Create a GitRepo Resource",permalink:"/0.7/gitrepo-add"}},i={},c=[{value:"Example User",id:"example-user",level:2},{value:"Allow Access to Clusters",id:"allow-access-to-clusters",level:2},{value:"Restricting Access to Downstream Clusters",id:"restricting-access-to-downstream-clusters",level:2},{value:"An Example GitRepo Resource",id:"an-example-gitrepo-resource",level:2}],p={toc:c};function u(e){let{components:t,...s}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,s,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"setup-multi-user"},"Setup Multi User"),(0,a.kt)("p",null,"Fleet uses Kubernetes RBAC where possible."),(0,a.kt)("p",null,"One addition on top of RBAC is the ",(0,a.kt)("a",{parentName:"p",href:"/0.7/namespaces#restricting-gitrepos"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepoRestriction"))," resource, which can be used to control GitRepo resources in a namespace."),(0,a.kt)("p",null,"A multi-user fleet setup looks like this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"tenants don't share namespaces, each tenant has one or more namespaces on the\nupstream cluster, where they can create GitRepo resources"),(0,a.kt)("li",{parentName:"ul"},"tenants can't deploy cluster wide resources and are limited to a set of\nnamespaces on downstream clusters"),(0,a.kt)("li",{parentName:"ul"},"clusters are in a separate namespace")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Shared Clusters",src:n(9497).Z,width:"2488",height:"1769"})),(0,a.kt)("admonition",{title:"important information",type:"warning"},(0,a.kt)("p",{parentName:"admonition"},"The isolation of tenants is not complete and relies on Kubernetes RBAC to be\nset up correctly. Without manual setup from an operator tenants can still\ndeploy cluster wide resources. Even with the available Fleet restrictions,\nusers are only restricted to namespaces, but namespaces don't provide much\nisolation on their own. E.g. they can still consume as many resources as they\nlike."),(0,a.kt)("p",{parentName:"admonition"},"However, the existing Fleet restrictions allow users to share clusters, and\ndeploy resources without conflicts.")),(0,a.kt)("h2",{id:"example-user"},"Example User"),(0,a.kt)("p",null,"This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create serviceaccount fleetuser\nkubectl create namespace project1\nkubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser\n")),(0,a.kt)("p",null,"If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\nkubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\n")),(0,a.kt)("p",null,"This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces."),(0,a.kt)("h2",{id:"allow-access-to-clusters"},"Allow Access to Clusters"),(0,a.kt)("p",null,"This assumes all GitRepos created by 'fleetuser' have the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label. Different labels could be used, to select different cluster namespaces."),(0,a.kt)("p",null,"In each of the user's namespaces, as an admin create a ",(0,a.kt)("a",{parentName:"p",href:"/0.7/namespaces#cross-namespace-deployments"},(0,a.kt)("inlineCode",{parentName:"a"},"BundleNamespaceMapping")),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: mapping\n namespace: project1\n\n# Bundles to match by label.\n# The labels are defined in the fleet.yaml # labels field or from the\n# GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n team: one\n # or target one repo\n #fleet.cattle.io/repo-name: simpleapp\n\n# Namespaces, containing clusters, to match by label\nnamespaceSelector:\n matchLabels:\n kubernetes.io/metadata.name: fleet-default\n # the label is on the namespace\n #workspace: prod\n")),(0,a.kt)("p",null,"The ",(0,a.kt)("a",{parentName:"p",href:"/0.7/gitrepo-targets"},(0,a.kt)("inlineCode",{parentName:"a"},"target")," section")," in the GitRepo resource can be used to deploy only to a subset of the matched clusters."),(0,a.kt)("h2",{id:"restricting-access-to-downstream-clusters"},"Restricting Access to Downstream Clusters"),(0,a.kt)("p",null,"Admins can further restrict tenants by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," in each of their namespaces."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: project1\n\nallowedTargetNamespaces:\n - project1simpleapp\n")),(0,a.kt)("p",null,"This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace."),(0,a.kt)("h2",{id:"an-example-gitrepo-resource"},"An Example GitRepo Resource"),(0,a.kt)("p",null,"A GitRepo resource created by a tenant, without admin access could look like this:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: simpleapp\n namespace: project1\n labels:\n team: one\n\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - bundle-diffs\n\n targetNamespace: project1simpleapp\n\n # do not match the upstream/local cluster, won't work\n targets:\n - name: dev\n clusterSelector:\n matchLabels:\n env: dev\n")),(0,a.kt)("p",null,"This includes the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label and and the required ",(0,a.kt)("inlineCode",{parentName:"p"},"targetNamespace"),"."),(0,a.kt)("p",null,"Together with the previous ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," it would target all clusters with a ",(0,a.kt)("inlineCode",{parentName:"p"},"env: dev")," label in the 'fleet-default' namespace."),(0,a.kt)("admonition",{type:"note"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," do not work with local clusters, so make sure not to target them.")))}u.isMDXComponent=!0},9497:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetSharedClusters-b68f6c53b43cbb795e4d81cda9ebc2bc.svg"}}]); \ No newline at end of file diff --git a/assets/js/9fc6df8f.b6d4808a.js b/assets/js/9fc6df8f.da41a6ab.js similarity index 99% rename from assets/js/9fc6df8f.b6d4808a.js rename to assets/js/9fc6df8f.da41a6ab.js index de89304db..4447289d2 100644 --- a/assets/js/9fc6df8f.b6d4808a.js +++ b/assets/js/9fc6df8f.da41a6ab.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5959],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>T});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),i=a(1980),u=a(7392),m=a(12);function p(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function c(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function d(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=c(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[i,u]=d({queryString:a,groupId:l}),[p,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,m.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),y=(()=>{const e=i??p;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{y&&o(y)}),[y]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var y=a(2389);const k="tabList__CuJ",g="tabItem_LNqP";function b(e){let{className:t,block:a,selectedValue:o,selectValue:i,tabValues:u}=e;const m=[],{blockElementScrollPositionUntilNextRender:p}=(0,s.o5)(),c=e=>{const t=e.currentTarget,a=m.indexOf(t),l=u[a].value;l!==o&&(p(t),i(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":c(e);break;case"ArrowRight":{const t=m.indexOf(e.currentTarget)+1;a=m[t]??m[0];break}case"ArrowLeft":{const t=m.indexOf(e.currentTarget)-1;a=m[t]??m[m.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>m.push(e),onKeyDown:h,onClick:c},s,{className:(0,r.Z)("tabs__item",g,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(b,(0,l.Z)({},e,t)),n.createElement(v,(0,l.Z)({},e,t)))}function T(e){const t=(0,y.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},3504:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>u,default:()=>d,frontMatter:()=>i,metadata:()=>m,toc:()=>c});var l=a(7462),n=(a(7294),a(3905)),r=a(814),s=a(4866),o=a(5162);const i={},u="Creating a Deployment",m={unversionedId:"tut-deployment",id:"version-0.9/tut-deployment",title:"Creating a Deployment",description:"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it.",source:"@site/versioned_docs/version-0.9/tut-deployment.md",sourceDirName:".",slug:"/tut-deployment",permalink:"/0.9/tut-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/tut-deployment.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/0.9/quickstart"},next:{title:"Uninstall",permalink:"/0.9/uninstall"}},p={},c=[{value:"Single-Cluster Examples",id:"single-cluster-examples",level:2},{value:"Multi-Cluster Examples",id:"multi-cluster-examples",level:2}],h={toc:c};function d(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"creating-a-deployment"},"Creating a Deployment"),(0,n.kt)("p",null,"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it."),(0,n.kt)("p",null,"This tutorial uses the ",(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples"},"fleet-examples")," repository."),(0,n.kt)("admonition",{type:"note"},(0,n.kt)("p",{parentName:"admonition"},"For more details on how to structure the repository and configure the deployment of each bundle see ",(0,n.kt)("a",{parentName:"p",href:"/0.9/gitrepo-content"},"GitRepo Contents"),".\nFor more details on the options that are available per Git repository see ",(0,n.kt)("a",{parentName:"p",href:"/0.9/gitrepo-add"},"Adding a GitRepo"),".")),(0,n.kt)("h2",{id:"single-cluster-examples"},"Single-Cluster Examples"),(0,n.kt)("p",null,"All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet."),(0,n.kt)(s.Z,{groupId:"examples",mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm",default:!0,mdxType:"TabItem"},(0,n.kt)("p",null,"An example using Helm. We are deploying the ",(0,n.kt)("a",{href:"https://github.com/rancher/fleet-examples/tree/master/single-cluster/helm"},"helm example")," to the local cluster."),(0,n.kt)("p",null,"The repository contains a helm chart and an optional ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to configure the deployment:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'namespace: fleet-helm-example\n\n# Custom helm options\nhelm:\n # The release name to use. If empty a generated release name will be used\n releaseName: guestbook\n\n # The directory of the chart in the repo. Also any valid go-getter supported\n # URL can be used there is specify where to download the chart from.\n # If repo below is set this value if the chart name in the repo\n chart: ""\n\n # An https to a valid Helm repository to download the chart from\n repo: ""\n\n # Used if repo is set to look up the version of the chart\n version: ""\n\n # Force recreate resource that can not be updated\n force: false\n\n # How long for helm to wait for the release to be active. If the value\n # is less that or equal to zero, we will not wait in Helm\n timeoutSeconds: 0\n\n # Custom values that will be passed as values.yaml to the installation\n values:\n replicas: 2\n')),(0,n.kt)("p",null,"To create the deployment, we apply the custom resource to the upstream cluster. The ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace contains the local cluster resource. The local fleet-agent will create the deployment in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-helm-example")," namespace."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl apply -n fleet-local -f - <{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>T});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),i=a(1980),u=a(7392),m=a(12);function p(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function c(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function d(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=c(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[i,u]=d({queryString:a,groupId:l}),[p,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,m.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),y=(()=>{const e=i??p;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{y&&o(y)}),[y]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var y=a(2389);const k="tabList__CuJ",g="tabItem_LNqP";function b(e){let{className:t,block:a,selectedValue:o,selectValue:i,tabValues:u}=e;const m=[],{blockElementScrollPositionUntilNextRender:p}=(0,s.o5)(),c=e=>{const t=e.currentTarget,a=m.indexOf(t),l=u[a].value;l!==o&&(p(t),i(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":c(e);break;case"ArrowRight":{const t=m.indexOf(e.currentTarget)+1;a=m[t]??m[0];break}case"ArrowLeft":{const t=m.indexOf(e.currentTarget)-1;a=m[t]??m[m.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>m.push(e),onKeyDown:h,onClick:c},s,{className:(0,r.Z)("tabs__item",g,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(b,(0,l.Z)({},e,t)),n.createElement(v,(0,l.Z)({},e,t)))}function T(e){const t=(0,y.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},3504:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>u,default:()=>d,frontMatter:()=>i,metadata:()=>m,toc:()=>c});var l=a(7462),n=(a(7294),a(3905)),r=a(814),s=a(4866),o=a(5162);const i={},u="Creating a Deployment",m={unversionedId:"tut-deployment",id:"version-0.9/tut-deployment",title:"Creating a Deployment",description:"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it.",source:"@site/versioned_docs/version-0.9/tut-deployment.md",sourceDirName:".",slug:"/tut-deployment",permalink:"/0.9/tut-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/tut-deployment.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/0.9/quickstart"},next:{title:"Uninstall",permalink:"/0.9/uninstall"}},p={},c=[{value:"Single-Cluster Examples",id:"single-cluster-examples",level:2},{value:"Multi-Cluster Examples",id:"multi-cluster-examples",level:2}],h={toc:c};function d(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"creating-a-deployment"},"Creating a Deployment"),(0,n.kt)("p",null,"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it."),(0,n.kt)("p",null,"This tutorial uses the ",(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples"},"fleet-examples")," repository."),(0,n.kt)("admonition",{type:"note"},(0,n.kt)("p",{parentName:"admonition"},"For more details on how to structure the repository and configure the deployment of each bundle see ",(0,n.kt)("a",{parentName:"p",href:"/0.9/gitrepo-content"},"GitRepo Contents"),".\nFor more details on the options that are available per Git repository see ",(0,n.kt)("a",{parentName:"p",href:"/0.9/gitrepo-add"},"Adding a GitRepo"),".")),(0,n.kt)("h2",{id:"single-cluster-examples"},"Single-Cluster Examples"),(0,n.kt)("p",null,"All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet."),(0,n.kt)(s.Z,{groupId:"examples",mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm",default:!0,mdxType:"TabItem"},(0,n.kt)("p",null,"An example using Helm. We are deploying the ",(0,n.kt)("a",{href:"https://github.com/rancher/fleet-examples/tree/master/single-cluster/helm"},"helm example")," to the local cluster."),(0,n.kt)("p",null,"The repository contains a helm chart and an optional ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to configure the deployment:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'namespace: fleet-helm-example\n\n# Custom helm options\nhelm:\n # The release name to use. If empty a generated release name will be used\n releaseName: guestbook\n\n # The directory of the chart in the repo. Also any valid go-getter supported\n # URL can be used there is specify where to download the chart from.\n # If repo below is set this value if the chart name in the repo\n chart: ""\n\n # An https to a valid Helm repository to download the chart from\n repo: ""\n\n # Used if repo is set to look up the version of the chart\n version: ""\n\n # Force recreate resource that can not be updated\n force: false\n\n # How long for helm to wait for the release to be active. If the value\n # is less that or equal to zero, we will not wait in Helm\n timeoutSeconds: 0\n\n # Custom values that will be passed as values.yaml to the installation\n values:\n replicas: 2\n')),(0,n.kt)("p",null,"To create the deployment, we apply the custom resource to the upstream cluster. The ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace contains the local cluster resource. The local fleet-agent will create the deployment in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-helm-example")," namespace."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl apply -n fleet-local -f - <{n.d(t,{Zo:()=>m,kt:()=>c});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),p=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=p(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},u=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,m=o(e,["components","mdxType","originalType","parentName"]),u=p(n),c=r,h=u["".concat(s,".").concat(c)]||u[c]||d[c]||l;return n?a.createElement(h,i(i({ref:t},m),{},{components:n})):a.createElement(h,i({ref:t},m))}));function c(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,i=new Array(l);i[0]=u;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:r,i[1]=o;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>d,frontMatter:()=>l,metadata:()=>o,toc:()=>p});var a=n(7462),r=(n(7294),n(3905));const l={},i="Git Repository Contents",o={unversionedId:"gitrepo-content",id:"gitrepo-content",title:"Git Repository Contents",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/docs/gitrepo-content.md",sourceDirName:".",slug:"/gitrepo-content",permalink:"/gitrepo-content",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/gitrepo-content.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Lifecycle",permalink:"/ref-bundle-stages"},next:{title:"Namespaces",permalink:"/namespaces"}},s={},p=[{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"Excluding files and directories from bundles",id:"excluding-files-and-directories-from-bundles",level:3},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Using Helm Values",id:"using-helm-values",level:2},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle State",id:"cluster-and-bundle-state",level:2},{value:"Nested GitRepo CRs",id:"nested-gitrepo-crs",level:2}],m={toc:p};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"git-repository-contents"},"Git Repository Contents"),(0,r.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,r.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,r.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,r.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,r.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,r.kt)("p",null,"Multiple paths can be defined for a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,r.kt)("a",{parentName:"p",href:"/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,r.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"File"),(0,r.kt)("th",{parentName:"tr",align:null},"Location"),(0,r.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,r.kt)("a",{parentName:"td",href:"/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"}," *.yaml ")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If a ",(0,r.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,r.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")),(0,r.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,r.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,r.kt)("h3",{id:"excluding-files-and-directories-from-bundles"},"Excluding files and directories from bundles"),(0,r.kt)("p",null,"Fleet supports file and directory exclusion by means of ",(0,r.kt)("inlineCode",{parentName:"p"},".fleetignore")," files, in a similar fashion to how ",(0,r.kt)("inlineCode",{parentName:"p"},".gitignore"),"\nfiles behave in git repositories:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Glob syntax is used to match files or directories, using Golang's\n",(0,r.kt)("a",{parentName:"li",href:"https://pkg.go.dev/path/filepath#Match"},(0,r.kt)("inlineCode",{parentName:"a"},"filepath.Match"))),(0,r.kt)("li",{parentName:"ul"},"Empty lines are skipped, and can therefore be used to improve readability"),(0,r.kt)("li",{parentName:"ul"},"Characters like white spaces and ",(0,r.kt)("inlineCode",{parentName:"li"},"#")," can be escaped with a backslash"),(0,r.kt)("li",{parentName:"ul"},"Trailing spaces are ignored, unless escaped"),(0,r.kt)("li",{parentName:"ul"},"Comments, ie lines starting with unescaped ",(0,r.kt)("inlineCode",{parentName:"li"},"#"),", are skipped"),(0,r.kt)("li",{parentName:"ul"},"A given line can match a file or a directory, even if no separator is provided: eg. ",(0,r.kt)("inlineCode",{parentName:"li"},"subdir/*")," and ",(0,r.kt)("inlineCode",{parentName:"li"},"subdir")," are both\nvalid ",(0,r.kt)("inlineCode",{parentName:"li"},".fleetignore")," lines, and ",(0,r.kt)("inlineCode",{parentName:"li"},"subdir")," matches both files and directories called ",(0,r.kt)("inlineCode",{parentName:"li"},"subdir")),(0,r.kt)("li",{parentName:"ul"},"A match may be found for a file or directory at any level below the directory where a ",(0,r.kt)("inlineCode",{parentName:"li"},".fleetignore")," lives, ie\n",(0,r.kt)("inlineCode",{parentName:"li"},"foo.yaml")," will match ",(0,r.kt)("inlineCode",{parentName:"li"},"./foo.yaml")," as well as ",(0,r.kt)("inlineCode",{parentName:"li"},"./path/to/foo.yaml")),(0,r.kt)("li",{parentName:"ul"},"Multiple ",(0,r.kt)("inlineCode",{parentName:"li"},".fleetignore")," files are supported. For instance, in the following directory structure, only\n",(0,r.kt)("inlineCode",{parentName:"li"},"root/something.yaml"),", ",(0,r.kt)("inlineCode",{parentName:"li"},"bar/something2.yaml")," and ",(0,r.kt)("inlineCode",{parentName:"li"},"foo/something.yaml")," will end up in a bundle:")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"root/\n\u251c\u2500\u2500 .fleetignore # contains `ignore-always.yaml'\n\u251c\u2500\u2500 something.yaml\n\u251c\u2500\u2500 bar\n\u2502\xa0\xa0 \u251c\u2500\u2500 .fleetignore # contains `something.yaml`\n\u2502\xa0\xa0 \u251c\u2500\u2500 ignore-always.yaml\n\u2502\xa0\xa0 \u251c\u2500\u2500 something2.yaml\n\u2502\xa0\xa0 \u2514\u2500\u2500 something.yaml\n\u2514\u2500\u2500 foo\n \xa0\xa0 \u251c\u2500\u2500 ignore-always.yaml\n \xa0\xa0 \u2514\u2500\u2500 something.yaml\n")),(0,r.kt)("p",null,"This currently comes with a few limitations, the following not being supported:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Double asterisks (",(0,r.kt)("inlineCode",{parentName:"li"},"**"),")"),(0,r.kt)("li",{parentName:"ul"},"Explicit inclusions with ",(0,r.kt)("inlineCode",{parentName:"li"},"!"))),(0,r.kt)("h2",{id:"fleetyaml"},(0,r.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,r.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,r.kt)("a",{parentName:"p",href:"/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,r.kt)("p",null,"The available fields are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/ref-fleet-yaml"},"fleet.yaml reference")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,r.kt)("a",{parentName:"p",href:"/gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,r.kt)("h2",{id:"using-helm-values"},"Using Helm Values"),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,r.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),". That means ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom")," will take precedence over both, ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFiles")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"values"),"."))),(0,r.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,r.kt)("p",null,"These examples showcase the style and format for using ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in ",(0,r.kt)("em",{parentName:"p"},"downstream clusters"),"."),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata:\n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 3\n serviceType: NodePort\n")),(0,r.kt)("p",null,"A secret like that, can be created from a YAML file ",(0,r.kt)("inlineCode",{parentName:"p"},"secretdata.yaml")," by running the following kubectl command: ",(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret generic secret-values --from-file=values.yaml=secretdata.yaml")),(0,r.kt)("p",null,"The resources can then be referenced from a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'helm:\n chart: simple-chart\n valuesFrom:\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n - configMapKeyRef:\n name: configmap-values\n namespace: default\n key: values.yaml\n values:\n replicas: "4"\n')),(0,r.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,r.kt)("p",null,"There are three approaches to matching clusters for both ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targetCustomizations:\n- name: all\n # Match everything\n clusterSelector: {}\n- name: none\n # Selector ignored\n clusterSelector: null\n")),(0,r.kt)("p",null,"When matching a cluster by name, make sure to use the name of the\n",(0,r.kt)("inlineCode",{parentName:"p"},"clusters.fleet.cattle.io")," resource. The Rancher UI also has a provisioning and\na management cluster resource. Since the management cluster resource is not\nnamespaced, its name is different and contains a random suffix."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targetCustomizations:\n- name: prod\n clusterName: fleetname\n")),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"gitrepo-targets#customization-per-cluster"},"Mapping to Downstream Clusters")," for more information and a list of supported customizations."),(0,r.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,r.kt)("p",null,"When using Kustomize or Helm the ",(0,r.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,r.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file will be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,r.kt)("p",null,"A file named ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents of a file the convention of adding ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,r.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,r.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"/cluster-bundles-state"},"Cluster and Bundle state"),"."),(0,r.kt)("h2",{id:"nested-gitrepo-crs"},"Nested GitRepo CRs"),(0,r.kt)("p",null,"Nested ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo CRs")," (defining a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," that points to a repository containing one or more ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resources) is supported.\nYou can use this feature to take advantage of ",(0,r.kt)("inlineCode",{parentName:"p"},"GitOps")," in your ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resources or, for example, to split complex scenarios into more than one ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource.\nWhen finding a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," in a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," Fleet will simply deploy it as any other resource."),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/single-cluster/multi-gitrepo"},"this example"),"."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3803],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>c});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),p=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=p(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},u=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,m=o(e,["components","mdxType","originalType","parentName"]),u=p(n),c=r,h=u["".concat(s,".").concat(c)]||u[c]||d[c]||l;return n?a.createElement(h,i(i({ref:t},m),{},{components:n})):a.createElement(h,i({ref:t},m))}));function c(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,i=new Array(l);i[0]=u;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:r,i[1]=o;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>d,frontMatter:()=>l,metadata:()=>o,toc:()=>p});var a=n(7462),r=(n(7294),n(3905));const l={},i="Git Repository Contents",o={unversionedId:"gitrepo-content",id:"gitrepo-content",title:"Git Repository Contents",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/docs/gitrepo-content.md",sourceDirName:".",slug:"/gitrepo-content",permalink:"/gitrepo-content",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/gitrepo-content.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Lifecycle",permalink:"/ref-bundle-stages"},next:{title:"Namespaces",permalink:"/namespaces"}},s={},p=[{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"Excluding files and directories from bundles",id:"excluding-files-and-directories-from-bundles",level:3},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Using Helm Values",id:"using-helm-values",level:2},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle State",id:"cluster-and-bundle-state",level:2},{value:"Nested GitRepo CRs",id:"nested-gitrepo-crs",level:2}],m={toc:p};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"git-repository-contents"},"Git Repository Contents"),(0,r.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,r.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,r.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,r.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,r.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,r.kt)("p",null,"Multiple paths can be defined for a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,r.kt)("a",{parentName:"p",href:"/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,r.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"File"),(0,r.kt)("th",{parentName:"tr",align:null},"Location"),(0,r.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,r.kt)("a",{parentName:"td",href:"/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"}," *.yaml ")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If a ",(0,r.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,r.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")),(0,r.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,r.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,r.kt)("h3",{id:"excluding-files-and-directories-from-bundles"},"Excluding files and directories from bundles"),(0,r.kt)("p",null,"Fleet supports file and directory exclusion by means of ",(0,r.kt)("inlineCode",{parentName:"p"},".fleetignore")," files, in a similar fashion to how ",(0,r.kt)("inlineCode",{parentName:"p"},".gitignore"),"\nfiles behave in git repositories:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Glob syntax is used to match files or directories, using Golang's\n",(0,r.kt)("a",{parentName:"li",href:"https://pkg.go.dev/path/filepath#Match"},(0,r.kt)("inlineCode",{parentName:"a"},"filepath.Match"))),(0,r.kt)("li",{parentName:"ul"},"Empty lines are skipped, and can therefore be used to improve readability"),(0,r.kt)("li",{parentName:"ul"},"Characters like white spaces and ",(0,r.kt)("inlineCode",{parentName:"li"},"#")," can be escaped with a backslash"),(0,r.kt)("li",{parentName:"ul"},"Trailing spaces are ignored, unless escaped"),(0,r.kt)("li",{parentName:"ul"},"Comments, ie lines starting with unescaped ",(0,r.kt)("inlineCode",{parentName:"li"},"#"),", are skipped"),(0,r.kt)("li",{parentName:"ul"},"A given line can match a file or a directory, even if no separator is provided: eg. ",(0,r.kt)("inlineCode",{parentName:"li"},"subdir/*")," and ",(0,r.kt)("inlineCode",{parentName:"li"},"subdir")," are both\nvalid ",(0,r.kt)("inlineCode",{parentName:"li"},".fleetignore")," lines, and ",(0,r.kt)("inlineCode",{parentName:"li"},"subdir")," matches both files and directories called ",(0,r.kt)("inlineCode",{parentName:"li"},"subdir")),(0,r.kt)("li",{parentName:"ul"},"A match may be found for a file or directory at any level below the directory where a ",(0,r.kt)("inlineCode",{parentName:"li"},".fleetignore")," lives, ie\n",(0,r.kt)("inlineCode",{parentName:"li"},"foo.yaml")," will match ",(0,r.kt)("inlineCode",{parentName:"li"},"./foo.yaml")," as well as ",(0,r.kt)("inlineCode",{parentName:"li"},"./path/to/foo.yaml")),(0,r.kt)("li",{parentName:"ul"},"Multiple ",(0,r.kt)("inlineCode",{parentName:"li"},".fleetignore")," files are supported. For instance, in the following directory structure, only\n",(0,r.kt)("inlineCode",{parentName:"li"},"root/something.yaml"),", ",(0,r.kt)("inlineCode",{parentName:"li"},"bar/something2.yaml")," and ",(0,r.kt)("inlineCode",{parentName:"li"},"foo/something.yaml")," will end up in a bundle:")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"root/\n\u251c\u2500\u2500 .fleetignore # contains `ignore-always.yaml'\n\u251c\u2500\u2500 something.yaml\n\u251c\u2500\u2500 bar\n\u2502\xa0\xa0 \u251c\u2500\u2500 .fleetignore # contains `something.yaml`\n\u2502\xa0\xa0 \u251c\u2500\u2500 ignore-always.yaml\n\u2502\xa0\xa0 \u251c\u2500\u2500 something2.yaml\n\u2502\xa0\xa0 \u2514\u2500\u2500 something.yaml\n\u2514\u2500\u2500 foo\n \xa0\xa0 \u251c\u2500\u2500 ignore-always.yaml\n \xa0\xa0 \u2514\u2500\u2500 something.yaml\n")),(0,r.kt)("p",null,"This currently comes with a few limitations, the following not being supported:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"Double asterisks (",(0,r.kt)("inlineCode",{parentName:"li"},"**"),")"),(0,r.kt)("li",{parentName:"ul"},"Explicit inclusions with ",(0,r.kt)("inlineCode",{parentName:"li"},"!"))),(0,r.kt)("h2",{id:"fleetyaml"},(0,r.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,r.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,r.kt)("a",{parentName:"p",href:"/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,r.kt)("p",null,"The available fields are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/ref-fleet-yaml"},"fleet.yaml reference")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,r.kt)("a",{parentName:"p",href:"/gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,r.kt)("h2",{id:"using-helm-values"},"Using Helm Values"),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,r.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),". That means ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom")," will take precedence over both, ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFiles")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"values"),"."))),(0,r.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,r.kt)("p",null,"These examples showcase the style and format for using ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in ",(0,r.kt)("em",{parentName:"p"},"downstream clusters"),"."),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata:\n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 3\n serviceType: NodePort\n")),(0,r.kt)("p",null,"A secret like that, can be created from a YAML file ",(0,r.kt)("inlineCode",{parentName:"p"},"secretdata.yaml")," by running the following kubectl command: ",(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret generic secret-values --from-file=values.yaml=secretdata.yaml")),(0,r.kt)("p",null,"The resources can then be referenced from a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'helm:\n chart: simple-chart\n valuesFrom:\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n - configMapKeyRef:\n name: configmap-values\n namespace: default\n key: values.yaml\n values:\n replicas: "4"\n')),(0,r.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,r.kt)("p",null,"There are three approaches to matching clusters for both ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targetCustomizations:\n- name: all\n # Match everything\n clusterSelector: {}\n- name: none\n # Selector ignored\n clusterSelector: null\n")),(0,r.kt)("p",null,"When matching a cluster by name, make sure to use the name of the\n",(0,r.kt)("inlineCode",{parentName:"p"},"clusters.fleet.cattle.io")," resource. The Rancher UI also has a provisioning and\na management cluster resource. Since the management cluster resource is not\nnamespaced, its name is different and contains a random suffix."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targetCustomizations:\n- name: prod\n clusterName: fleetname\n")),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"gitrepo-targets#customization-per-cluster"},"Mapping to Downstream Clusters")," for more information and a list of supported customizations."),(0,r.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,r.kt)("p",null,"When using Kustomize or Helm the ",(0,r.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,r.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file will be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,r.kt)("p",null,"A file named ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents of a file the convention of adding ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,r.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,r.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"/cluster-bundles-state"},"Cluster and Bundle state"),"."),(0,r.kt)("h2",{id:"nested-gitrepo-crs"},"Nested GitRepo CRs"),(0,r.kt)("p",null,"Nested ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo CRs")," (defining a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," that points to a repository containing one or more ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resources) is supported.\nYou can use this feature to take advantage of ",(0,r.kt)("inlineCode",{parentName:"p"},"GitOps")," in your ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resources or, for example, to split complex scenarios into more than one ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource.\nWhen finding a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," in a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," Fleet will simply deploy it as any other resource."),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/single-cluster/multi-gitrepo"},"this example"),"."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/a2c468b1.0d653d33.js b/assets/js/a2c468b1.c0b9a92b.js similarity index 99% rename from assets/js/a2c468b1.0d653d33.js rename to assets/js/a2c468b1.c0b9a92b.js index b3395f837..c5fc8ae7b 100644 --- a/assets/js/a2c468b1.0d653d33.js +++ b/assets/js/a2c468b1.c0b9a92b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2361],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs for Modified GitRepos",s={unversionedId:"bundle-diffs",id:"version-0.4/bundle-diffs",title:"Generating Diffs for Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/versioned_docs/version-0.4/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/0.4/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/bundle-diffs.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/0.4/gitrepo-targets"},next:{title:"Webhook",permalink:"/0.4/webhook"}},l={},p=[{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-for-modified-gitrepos"},"Generating Diffs for Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec. "),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")," "),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and "),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2361],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs for Modified GitRepos",s={unversionedId:"bundle-diffs",id:"version-0.4/bundle-diffs",title:"Generating Diffs for Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/versioned_docs/version-0.4/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/0.4/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/bundle-diffs.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/0.4/gitrepo-targets"},next:{title:"Webhook",permalink:"/0.4/webhook"}},l={},p=[{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-for-modified-gitrepos"},"Generating Diffs for Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec. "),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")," "),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and "),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file diff --git a/assets/js/a60f0c4b.07889b3c.js b/assets/js/a60f0c4b.ef4a2420.js similarity index 97% rename from assets/js/a60f0c4b.07889b3c.js rename to assets/js/a60f0c4b.ef4a2420.js index 1ab6f908a..dcb22549c 100644 --- a/assets/js/a60f0c4b.07889b3c.js +++ b/assets/js/a60f0c4b.ef4a2420.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1079],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(l,".").concat(m)]||d[m]||p[m]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"version-0.7/index",title:"Overview",description:"What is Fleet?",source:"@site/versioned_docs/version-0.7/index.md",sourceDirName:".",slug:"/",permalink:"/0.7/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/index.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/0.7/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(5082).Z,width:"1366",height:"960"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},5082:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/fleet-architecture-f708ce634648101dc98f451dcd59fe84.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1079],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(l,".").concat(m)]||d[m]||p[m]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"version-0.7/index",title:"Overview",description:"What is Fleet?",source:"@site/versioned_docs/version-0.7/index.md",sourceDirName:".",slug:"/",permalink:"/0.7/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/index.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/0.7/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(5082).Z,width:"1366",height:"960"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},5082:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/fleet-architecture-f708ce634648101dc98f451dcd59fe84.svg"}}]); \ No newline at end of file diff --git a/assets/js/a8ca5d11.08c2e0d1.js b/assets/js/a8ca5d11.65747e9d.js similarity index 99% rename from assets/js/a8ca5d11.08c2e0d1.js rename to assets/js/a8ca5d11.65747e9d.js index 8c9e27b56..973c64efc 100644 --- a/assets/js/a8ca5d11.08c2e0d1.js +++ b/assets/js/a8ca5d11.65747e9d.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1697],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>h});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function i(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function l(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var p=n.createContext({}),s=function(e){var t=n.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):l(l({},t),e)),a},d=function(e){var t=s(e.components);return n.createElement(p.Provider,{value:t},e.children)},c={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,i=e.originalType,p=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),m=s(a),h=r,u=m["".concat(p,".").concat(h)]||m[h]||c[h]||i;return a?n.createElement(u,l(l({ref:t},d),{},{components:a})):n.createElement(u,l({ref:t},d))}));function h(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=a.length,l=new Array(i);l[0]=m;var o={};for(var p in t)hasOwnProperty.call(t,p)&&(o[p]=t[p]);o.originalType=e,o.mdxType="string"==typeof e?e:r,l[1]=o;for(var s=2;s{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>l,default:()=>c,frontMatter:()=>i,metadata:()=>o,toc:()=>s});var n=a(7462),r=(a(7294),a(3905));const i={},l="Create a GitRepo Resource",o={unversionedId:"gitrepo-add",id:"version-0.8/gitrepo-add",title:"Create a GitRepo Resource",description:"Create GitRepo Instance",source:"@site/versioned_docs/version-0.8/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/0.8/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/gitrepo-add.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Setup Multi User",permalink:"/0.8/multi-user"},next:{title:"Mapping to Downstream Clusters",permalink:"/0.8/gitrepo-targets"}},p={},s=[{value:"Create GitRepo Instance",id:"create-gitrepo-instance",level:2},{value:"Proper Namespace",id:"proper-namespace",level:2},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2},{value:"Use different helm credentials for each path",id:"use-different-helm-credentials-for-each-path",level:3}],d={toc:s};function c(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-gitrepo-resource"},"Create a GitRepo Resource"),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo Instance"),(0,r.kt)("p",null,"Git repositories are registered by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource in Kubernetes. Refer\nto the ",(0,r.kt)("a",{parentName:"p",href:"/0.8/tut-deployment"},"creating a deployment tutorial")," for examples."),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/0.8/gitrepo-content"},"Git Repository Contents")," has detail about the content of the Git repository."),(0,r.kt)("p",null,"The available fields of the GitRepo custom resource are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/0.8/ref-gitrepo"},"GitRepo resource reference")),(0,r.kt)("h2",{id:"proper-namespace"},"Proper Namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/0.8/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/0.8/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add it any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. Use ",(0,r.kt)("a",{parentName:"p",href:"#use-different-helm-credentials-for-each-path"},"different helm credentials for each path"),",\nor split them into different gitrepos, or use ",(0,r.kt)("inlineCode",{parentName:"p"},"helmRepoURLRegex")," to limit the scope of credentials to certain servers.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("h3",{id:"use-different-helm-credentials-for-each-path"},"Use different helm credentials for each path"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName")," will be ignored if ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretNameForPaths")," is provided")),(0,r.kt)("p",null,"Create a file ",(0,r.kt)("inlineCode",{parentName:"p"},"secrets-path.yaml")," that contains credentials for each path defined in a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". Credentials will not be used\nfor paths that are not present in this file.\nThe path is the actual path to the bundle (ie to a folder containing a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file) within the git repository, which might have more segments than the entry under ",(0,r.kt)("inlineCode",{parentName:"p"},"paths:"),"."),(0,r.kt)("p",null,"Example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"path-one: # path path-one must exist in the repository\n username: user\n password: pass\npath-two: # path path-one must exist in the repository\n username: user2\n password: pass2\n caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCiAgICBNSUlEblRDQ0FvV2dBd0lCQWdJVUNwMHB2SVJTb2c0eHJKN2Q1SUI2ME1ka0k1WXdEUVlKS29aSWh2Y05BUUVMCiAgICBCUUF3WGpFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NCiAgICBHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2CiAgICBjbWN3SGhjTk1qTXdOREkzTVRVd056VXpXaGNOTWpnd05ESTFNVFV3TnpVeldqQmVNUXN3Q1FZRFZRUUdFd0pCCiAgICBWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFQ2d3WVNXNTBaWEp1WlhRZ1YybGtaMmwwCiAgICBjeUJRZEhrZ1RIUmtNUmN3RlFZRFZRUUREQTV5WVc1amFHVnlMbTE1TG05eVp6Q0NBU0l3RFFZSktvWklodmNOCiAgICBBUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBvZE5TMDB6NDc1dnVSc2ZZcTFRYTFHQVl3QU92anV4MERKTHY5CiAgICBrZFhwT091dGdjMU8yWUdqNUlCVGQzVmpISmFJYUg3SDR2Rm84RlBaMG9zcU9YaFg3eUM4STdBS3ZhOEE5VmVmCiAgICBJVXp6Vlo1cCs1elNxRjdtZTlOaUNiL0pVSkZLT0ZsTkF4cjZCcXhoMEIyN1VZTlpjaUIvL1V0L0I2eHJuVE55CiAgICBoRzJiNzk4bjg4bFZqY3EzbEE0djFyM3VzWGYxVG5aS2t2UEN4ZnFHYk5OdTlpTjdFZnZHOWoyekdHcWJvcDRYCiAgICBXY3VSa3N3QkgxZlRNS0ZrbGcrR1VsZkZPMGFzL3phalVOdmdweTlpdVBMZUtqZTVWcDBiMlBLd09qUENpV2d4CiAgICBabDJlVDlNRnJjV0F3NTg3emE5NDBlT1Era2pkdmVvUE5sU2k3eVJMMW96YlRka0NBd0VBQWFOVE1GRXdIUVlECiAgICBWUjBPQkJZRUZEQkNkYjE4M1hsU0tWYzBxNmJSTCt0dVNTV3lNQjhHQTFVZEl3UVlNQmFBRkRCQ2RiMTgzWGxTCiAgICBLVmMwcTZiUkwrdHVTU1d5TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCiAgICBBQ1BCVERkZ0dCVDVDRVoxd1pnQmhKdm9GZTk2MUJqVCtMU2RxSlpsSmNRZnlnS0hyNks5ZmZaY1ZlWlBoMVU0CiAgICB3czBuWGNOZiszZGJlTjl4dVBiY0VqUWlQaFJCcnRzalE1T1JiVHdYWEdBdzlYbDZYTkl6YjN4ZDF6RWFzQXZPCiAgICBJMjM2ZHZXQ1A0dWoycWZqR0FkQjJnaXU2b2xHK01CWHlneUZKMElzRENraldLZysyWEdmU3lyci9KZU1vZlFBCiAgICB1VU9wcFVGdERYd0lrUW1VTGNVVUxWcTdtUVNQb0lzVkNNM2hKNVQzczdUSWtHUDZVcGVSSjgzdU9LbURYMkRHCiAgICBwVWVQVHBuVWVLOVMzUEVKTi9XcmJSSVd3WU1OR29qdDRKWitaK1N6VE1aVkh0SlBzaGpjL1hYOWZNU1ZXQmlzCiAgICBQRW5MU256MDQ4OGFUQm5SUFlnVXFsdz0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=\n sshPrivateKey: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJRFF6Q0NBaXNDRkgxTm5YUWI5SlV6anNBR3FSc3RCYncwRlFpak1BMEdDU3FHU0liM0RRRUJDd1VBTUY0eAogICAgQ3pBSkJnTlZCQVlUQWtGVk1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNU0V3SHdZRFZRUUtEQmhKYm5SbAogICAgY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdReEZ6QVZCZ05WQkFNTURuSmhibU5vWlhJdWJYa3ViM0puTUI0WAogICAgRFRJek1EUXlOekUxTVRBMU5Gb1hEVEkwTURReU5qRTFNVEExTkZvd1hqRUxNQWtHQTFVRUJoTUNRVlV4RXpBUgogICAgQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNQogICAgSUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2Y21jd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQogICAgQTRJQkR3QXdnZ0VLQW9JQkFRRGd6UUJJTW8xQVFHNnFtYmozbFlYUTFnZjhYcURTbjdyM2lGcVZZZldDVWZOSwogICAgaGZwampTRGpOMmRWWEV2UXA3R0t3akFHUElFbXR5RmxyUW5rUGtnTGFSaU9jSDdNN0p2c3ZIa0Ewd0g0dzJ2QgogICAgUEp6aVlINWh2MUE2WS9NcFM5bVkvQUVxVm80TUJkdnNZQzc3MFpCbzVBMitIUEtMd1YzMVZyYlhhTytWeUJtNAogICAgSmJhZHlNUk40N3BKRWdPMjJaYVRXL3Y3S1dKdjNydGJTMlZVSkNlU0piWlpsN09ocHhLRTVocStmK0RWaU1mcQogICAgTWx4ODNEV2pVSlVkV3lqVUZYVlk0bEdVaUtrRWVtSlVuSlVyY1ErOXE1SzVaWmhyRjhoRXhKRjhiZTZjemVzeAogICAga1VWN3dKb1RjWkd2bUhYSk1FNmtrQXh4Mmh3bU8wSFcyQWdDdTJZekFnTUJBQUV3RFFZSktvWklodmNOQVFFTAogICAgQlFBRGdnRUJBS1BpTWdXc1dCTnJvRkY2aWpYL2xMM3FxaWc4TjlkR1VPWDIyRVJDU1RTekNONjM0ZTFkZUhsdQogICAgbTc5OU11Q3hvWSsyZWluNlV1cFMvTEV6cnpvU2dDVWllQzQrT3ZralF5eGJpTFR6bW1OWEFnd09TM3RvTHRGWAogICAgbytmWWpSMU9xcHVPS29kMkhiYjliczRWcXdaNHEvMlVKbXE2Q01pYjZKZUE2VFJvK2Rkc0pUM2dDOFhWL1Z1MAogICAgNnkwdjJxdTM0bm1MYjFxOHFTS1RwZXYyQmwzQUJGY3NyS0JvNHFieUM2bnBTbnpZenNYcS90SlFLclplNE4vMgogICAgUXIzd1dxQ0pDVWUrMWVsT3A2b0JVcXNWSnc3aHk3YzRLc1Fna09ERDJkc2NuNEF1NGJhWlY2QmpySm1USVY0aQogICAgeXJ1dk9oZ2lINklGUVdDWmVQM2s0MU5obWRzRTNHQT0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n")),(0,r.kt)("p",null,"Create the secret"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic path-auth-secret -n fleet-default --from-file=secrets-path.yaml\n")),(0,r.kt)("p",null,"In the previous example credentials for username ",(0,r.kt)("inlineCode",{parentName:"p"},"user")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-one")," and credentials for username\n",(0,r.kt)("inlineCode",{parentName:"p"},"user2")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-two"),"."),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"caBundle")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"sshPrivateKey")," must be base64 encoded."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"If you are using ",(0,r.kt)("a",{parentName:"p",href:"https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher"},'"rancher-backups"')," and want this secret to be included the backup, please add the label ",(0,r.kt)("inlineCode",{parentName:"p"},"resources.cattle.io/backup: true")," to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials."),(0,r.kt)("h1",{parentName:"admonition",id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",{parentName:"admonition"},"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/0.8/troubleshooting"},"here"),".")))}c.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1697],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>h});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function i(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function l(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var p=n.createContext({}),s=function(e){var t=n.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):l(l({},t),e)),a},d=function(e){var t=s(e.components);return n.createElement(p.Provider,{value:t},e.children)},c={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,i=e.originalType,p=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),m=s(a),h=r,u=m["".concat(p,".").concat(h)]||m[h]||c[h]||i;return a?n.createElement(u,l(l({ref:t},d),{},{components:a})):n.createElement(u,l({ref:t},d))}));function h(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=a.length,l=new Array(i);l[0]=m;var o={};for(var p in t)hasOwnProperty.call(t,p)&&(o[p]=t[p]);o.originalType=e,o.mdxType="string"==typeof e?e:r,l[1]=o;for(var s=2;s{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>l,default:()=>c,frontMatter:()=>i,metadata:()=>o,toc:()=>s});var n=a(7462),r=(a(7294),a(3905));const i={},l="Create a GitRepo Resource",o={unversionedId:"gitrepo-add",id:"version-0.8/gitrepo-add",title:"Create a GitRepo Resource",description:"Create GitRepo Instance",source:"@site/versioned_docs/version-0.8/gitrepo-add.md",sourceDirName:".",slug:"/gitrepo-add",permalink:"/0.8/gitrepo-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/gitrepo-add.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Setup Multi User",permalink:"/0.8/multi-user"},next:{title:"Mapping to Downstream Clusters",permalink:"/0.8/gitrepo-targets"}},p={},s=[{value:"Create GitRepo Instance",id:"create-gitrepo-instance",level:2},{value:"Proper Namespace",id:"proper-namespace",level:2},{value:"Adding Private Git Repository",id:"adding-private-git-repository",level:2},{value:"Using HTTP Auth",id:"using-http-auth",level:3},{value:"Using Private Helm Repositories",id:"using-private-helm-repositories",level:2},{value:"Use different helm credentials for each path",id:"use-different-helm-credentials-for-each-path",level:3}],d={toc:s};function c(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-gitrepo-resource"},"Create a GitRepo Resource"),(0,r.kt)("h2",{id:"create-gitrepo-instance"},"Create GitRepo Instance"),(0,r.kt)("p",null,"Git repositories are registered by creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource in Kubernetes. Refer\nto the ",(0,r.kt)("a",{parentName:"p",href:"/0.8/tut-deployment"},"creating a deployment tutorial")," for examples."),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/0.8/gitrepo-content"},"Git Repository Contents")," has detail about the content of the Git repository."),(0,r.kt)("p",null,"The available fields of the GitRepo custom resource are documented in the ",(0,r.kt)("a",{parentName:"p",href:"/0.8/ref-gitrepo"},"GitRepo resource reference")),(0,r.kt)("h2",{id:"proper-namespace"},"Proper Namespace"),(0,r.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,r.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,r.kt)("p",null,"If you are using Fleet in a ",(0,r.kt)("a",{parentName:"p",href:"/0.8/concepts"},"single cluster")," style, the namespace will always be ",(0,r.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,r.kt)("p",null,"For a ",(0,r.kt)("a",{parentName:"p",href:"/0.8/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,r.kt)("h2",{id:"adding-private-git-repository"},"Adding Private Git Repository"),(0,r.kt)("p",null,"Fleet supports both http and ssh auth key for private repository. To use this you have to create a secret in the same namespace."),(0,r.kt)("p",null,"For example, to generate a private ssh key"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},'ssh-keygen -t rsa -b 4096 -m pem -C "user@email.com"\n')),(0,r.kt)("p",null,"Note: The private key format has to be in ",(0,r.kt)("inlineCode",{parentName:"p"},"EC PRIVATE KEY"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"RSA PRIVATE KEY")," or ",(0,r.kt)("inlineCode",{parentName:"p"},"PRIVATE KEY")," and should not contain a passphase."),(0,r.kt)("p",null,"Put your private key into secret, use the namespace the GitRepo is in:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"kubectl create secret generic ssh-key -n fleet-default --from-file=ssh-privatekey=/file/to/private/key --type=kubernetes.io/ssh-auth\n")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Private key with passphrase is not supported.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"The key has to be in PEM format.")),(0,r.kt)("p",null,"Fleet supports putting ",(0,r.kt)("inlineCode",{parentName:"p"},"known_hosts")," into ssh secret. Here is an example of how to add it:"),(0,r.kt)("p",null,"Fetch the public key hash(take github as an example)"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"ssh-keyscan -H github.com\n")),(0,r.kt)("p",null,"And add it into secret:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-text"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: ssh-key\ntype: kubernetes.io/ssh-auth\nstringData:\n ssh-privatekey: \n known_hosts: |-\n |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n")),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"If you don't add it any server's public key will be trusted and added. (",(0,r.kt)("inlineCode",{parentName:"p"},"ssh -o stricthostkeychecking=accept-new")," will be used)")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.")),(0,r.kt)("h3",{id:"using-http-auth"},"Using HTTP Auth"),(0,r.kt)("p",null,"Create a secret containing username and password. You can replace the password with a personal access token if necessary. Also see ",(0,r.kt)("a",{parentName:"p",href:"./troubleshooting#http-secrets-in-github"},"HTTP secrets in Github"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic basic-auth-secret -n fleet-default --type=kubernetes.io/basic-auth --from-literal=username=$user --from-literal=password=$pat\n")),(0,r.kt)("p",null,"Just like with SSH, reference the secret in your GitRepo resource via ",(0,r.kt)("inlineCode",{parentName:"p"},"clientSecretName"),"."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"spec:\n repo: https://github.com/fleetrepoci/gitjob-private.git\n branch: main\n clientSecretName: basic-auth-secret\n")),(0,r.kt)("h2",{id:"using-private-helm-repositories"},"Using Private Helm Repositories"),(0,r.kt)("admonition",{type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"The credentials will be used unconditionally for all Helm repositories referenced by the gitrepo resource.\nMake sure you don't leak credentials by mixing public and private repositories. Use ",(0,r.kt)("a",{parentName:"p",href:"#use-different-helm-credentials-for-each-path"},"different helm credentials for each path"),",\nor split them into different gitrepos, or use ",(0,r.kt)("inlineCode",{parentName:"p"},"helmRepoURLRegex")," to limit the scope of credentials to certain servers.")),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret with the following keys:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"username")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"password")," for basic http auth if the Helm HTTP repo is behind basic auth.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"cacerts")," for custom CA bundle if the Helm repo is using a custom CA.")),(0,r.kt)("li",{parentName:"ol"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("inlineCode",{parentName:"p"},"ssh-privatekey")," for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently."))),(0,r.kt)("p",null,"For example, to add a secret in kubectl, run"),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem")),(0,r.kt)("p",null,"After secret is created, specify the secret to ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName"),". Make sure secret is created under the same namespace with gitrepo."),(0,r.kt)("h3",{id:"use-different-helm-credentials-for-each-path"},"Use different helm credentials for each path"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretName")," will be ignored if ",(0,r.kt)("inlineCode",{parentName:"p"},"gitRepo.spec.helmSecretNameForPaths")," is provided")),(0,r.kt)("p",null,"Create a file ",(0,r.kt)("inlineCode",{parentName:"p"},"secrets-path.yaml")," that contains credentials for each path defined in a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". Credentials will not be used\nfor paths that are not present in this file.\nThe path is the actual path to the bundle (ie to a folder containing a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file) within the git repository, which might have more segments than the entry under ",(0,r.kt)("inlineCode",{parentName:"p"},"paths:"),"."),(0,r.kt)("p",null,"Example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"path-one: # path path-one must exist in the repository\n username: user\n password: pass\npath-two: # path path-one must exist in the repository\n username: user2\n password: pass2\n caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCiAgICBNSUlEblRDQ0FvV2dBd0lCQWdJVUNwMHB2SVJTb2c0eHJKN2Q1SUI2ME1ka0k1WXdEUVlKS29aSWh2Y05BUUVMCiAgICBCUUF3WGpFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NCiAgICBHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2CiAgICBjbWN3SGhjTk1qTXdOREkzTVRVd056VXpXaGNOTWpnd05ESTFNVFV3TnpVeldqQmVNUXN3Q1FZRFZRUUdFd0pCCiAgICBWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFQ2d3WVNXNTBaWEp1WlhRZ1YybGtaMmwwCiAgICBjeUJRZEhrZ1RIUmtNUmN3RlFZRFZRUUREQTV5WVc1amFHVnlMbTE1TG05eVp6Q0NBU0l3RFFZSktvWklodmNOCiAgICBBUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBvZE5TMDB6NDc1dnVSc2ZZcTFRYTFHQVl3QU92anV4MERKTHY5CiAgICBrZFhwT091dGdjMU8yWUdqNUlCVGQzVmpISmFJYUg3SDR2Rm84RlBaMG9zcU9YaFg3eUM4STdBS3ZhOEE5VmVmCiAgICBJVXp6Vlo1cCs1elNxRjdtZTlOaUNiL0pVSkZLT0ZsTkF4cjZCcXhoMEIyN1VZTlpjaUIvL1V0L0I2eHJuVE55CiAgICBoRzJiNzk4bjg4bFZqY3EzbEE0djFyM3VzWGYxVG5aS2t2UEN4ZnFHYk5OdTlpTjdFZnZHOWoyekdHcWJvcDRYCiAgICBXY3VSa3N3QkgxZlRNS0ZrbGcrR1VsZkZPMGFzL3phalVOdmdweTlpdVBMZUtqZTVWcDBiMlBLd09qUENpV2d4CiAgICBabDJlVDlNRnJjV0F3NTg3emE5NDBlT1Era2pkdmVvUE5sU2k3eVJMMW96YlRka0NBd0VBQWFOVE1GRXdIUVlECiAgICBWUjBPQkJZRUZEQkNkYjE4M1hsU0tWYzBxNmJSTCt0dVNTV3lNQjhHQTFVZEl3UVlNQmFBRkRCQ2RiMTgzWGxTCiAgICBLVmMwcTZiUkwrdHVTU1d5TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCiAgICBBQ1BCVERkZ0dCVDVDRVoxd1pnQmhKdm9GZTk2MUJqVCtMU2RxSlpsSmNRZnlnS0hyNks5ZmZaY1ZlWlBoMVU0CiAgICB3czBuWGNOZiszZGJlTjl4dVBiY0VqUWlQaFJCcnRzalE1T1JiVHdYWEdBdzlYbDZYTkl6YjN4ZDF6RWFzQXZPCiAgICBJMjM2ZHZXQ1A0dWoycWZqR0FkQjJnaXU2b2xHK01CWHlneUZKMElzRENraldLZysyWEdmU3lyci9KZU1vZlFBCiAgICB1VU9wcFVGdERYd0lrUW1VTGNVVUxWcTdtUVNQb0lzVkNNM2hKNVQzczdUSWtHUDZVcGVSSjgzdU9LbURYMkRHCiAgICBwVWVQVHBuVWVLOVMzUEVKTi9XcmJSSVd3WU1OR29qdDRKWitaK1N6VE1aVkh0SlBzaGpjL1hYOWZNU1ZXQmlzCiAgICBQRW5MU256MDQ4OGFUQm5SUFlnVXFsdz0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=\n sshPrivateKey: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJRFF6Q0NBaXNDRkgxTm5YUWI5SlV6anNBR3FSc3RCYncwRlFpak1BMEdDU3FHU0liM0RRRUJDd1VBTUY0eAogICAgQ3pBSkJnTlZCQVlUQWtGVk1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNU0V3SHdZRFZRUUtEQmhKYm5SbAogICAgY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdReEZ6QVZCZ05WQkFNTURuSmhibU5vWlhJdWJYa3ViM0puTUI0WAogICAgRFRJek1EUXlOekUxTVRBMU5Gb1hEVEkwTURReU5qRTFNVEExTkZvd1hqRUxNQWtHQTFVRUJoTUNRVlV4RXpBUgogICAgQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNQogICAgSUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2Y21jd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQogICAgQTRJQkR3QXdnZ0VLQW9JQkFRRGd6UUJJTW8xQVFHNnFtYmozbFlYUTFnZjhYcURTbjdyM2lGcVZZZldDVWZOSwogICAgaGZwampTRGpOMmRWWEV2UXA3R0t3akFHUElFbXR5RmxyUW5rUGtnTGFSaU9jSDdNN0p2c3ZIa0Ewd0g0dzJ2QgogICAgUEp6aVlINWh2MUE2WS9NcFM5bVkvQUVxVm80TUJkdnNZQzc3MFpCbzVBMitIUEtMd1YzMVZyYlhhTytWeUJtNAogICAgSmJhZHlNUk40N3BKRWdPMjJaYVRXL3Y3S1dKdjNydGJTMlZVSkNlU0piWlpsN09ocHhLRTVocStmK0RWaU1mcQogICAgTWx4ODNEV2pVSlVkV3lqVUZYVlk0bEdVaUtrRWVtSlVuSlVyY1ErOXE1SzVaWmhyRjhoRXhKRjhiZTZjemVzeAogICAga1VWN3dKb1RjWkd2bUhYSk1FNmtrQXh4Mmh3bU8wSFcyQWdDdTJZekFnTUJBQUV3RFFZSktvWklodmNOQVFFTAogICAgQlFBRGdnRUJBS1BpTWdXc1dCTnJvRkY2aWpYL2xMM3FxaWc4TjlkR1VPWDIyRVJDU1RTekNONjM0ZTFkZUhsdQogICAgbTc5OU11Q3hvWSsyZWluNlV1cFMvTEV6cnpvU2dDVWllQzQrT3ZralF5eGJpTFR6bW1OWEFnd09TM3RvTHRGWAogICAgbytmWWpSMU9xcHVPS29kMkhiYjliczRWcXdaNHEvMlVKbXE2Q01pYjZKZUE2VFJvK2Rkc0pUM2dDOFhWL1Z1MAogICAgNnkwdjJxdTM0bm1MYjFxOHFTS1RwZXYyQmwzQUJGY3NyS0JvNHFieUM2bnBTbnpZenNYcS90SlFLclplNE4vMgogICAgUXIzd1dxQ0pDVWUrMWVsT3A2b0JVcXNWSnc3aHk3YzRLc1Fna09ERDJkc2NuNEF1NGJhWlY2QmpySm1USVY0aQogICAgeXJ1dk9oZ2lINklGUVdDWmVQM2s0MU5obWRzRTNHQT0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n")),(0,r.kt)("p",null,"Create the secret"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"kubectl create secret generic path-auth-secret -n fleet-default --from-file=secrets-path.yaml\n")),(0,r.kt)("p",null,"In the previous example credentials for username ",(0,r.kt)("inlineCode",{parentName:"p"},"user")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-one")," and credentials for username\n",(0,r.kt)("inlineCode",{parentName:"p"},"user2")," will be used for the path ",(0,r.kt)("inlineCode",{parentName:"p"},"path-two"),"."),(0,r.kt)("p",null,(0,r.kt)("inlineCode",{parentName:"p"},"caBundle")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"sshPrivateKey")," must be base64 encoded."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"If you are using ",(0,r.kt)("a",{parentName:"p",href:"https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher"},'"rancher-backups"')," and want this secret to be included the backup, please add the label ",(0,r.kt)("inlineCode",{parentName:"p"},"resources.cattle.io/backup: true")," to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials."),(0,r.kt)("h1",{parentName:"admonition",id:"troubleshooting"},"Troubleshooting"),(0,r.kt)("p",{parentName:"admonition"},"See Fleet Troubleshooting section ",(0,r.kt)("a",{parentName:"p",href:"/0.8/troubleshooting"},"here"),".")))}c.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/a947fe06.af3b8a61.js b/assets/js/a947fe06.af19dbc2.js similarity index 97% rename from assets/js/a947fe06.af3b8a61.js rename to assets/js/a947fe06.af19dbc2.js index f5f278f63..32b3d3d5d 100644 --- a/assets/js/a947fe06.af3b8a61.js +++ b/assets/js/a947fe06.af19dbc2.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[373],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=r.createContext({}),f=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=f(e.components);return r.createElement(c.Provider,{value:t},e.children)},s={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=f(n),d=l,m=u["".concat(c,".").concat(d)]||u[d]||s[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var f=2;f{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>s,frontMatter:()=>a,metadata:()=>i,toc:()=>f});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet",id:"version-0.9/cli/fleet-cli/fleet",title:"",description:"fleet",source:"@site/versioned_docs/version-0.9/cli/fleet-cli/fleet.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet",permalink:"/0.9/cli/fleet-cli/fleet",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cli/fleet-cli/fleet.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet"},sidebar:"docs",previous:{title:"fleet-agent",permalink:"/0.9/cli/fleet-agent/"},next:{title:"fleet apply",permalink:"/0.9/cli/fleet-cli/fleet_apply"}},c={},f=[{value:"fleet",id:"fleet",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:f};function s(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet"},"fleet"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_apply"},"fleet apply"),"\t - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_cleanup"},"fleet cleanup"),"\t - Clean up outdated cluster registrations"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_test"},"fleet test"),"\t - Match a bundle to a target and render the output")))}s.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[373],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=r.createContext({}),f=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=f(e.components);return r.createElement(c.Provider,{value:t},e.children)},s={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=f(n),d=l,m=u["".concat(c,".").concat(d)]||u[d]||s[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var f=2;f{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>s,frontMatter:()=>a,metadata:()=>i,toc:()=>f});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet",id:"version-0.9/cli/fleet-cli/fleet",title:"",description:"fleet",source:"@site/versioned_docs/version-0.9/cli/fleet-cli/fleet.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet",permalink:"/0.9/cli/fleet-cli/fleet",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cli/fleet-cli/fleet.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet"},sidebar:"docs",previous:{title:"fleet-agent",permalink:"/0.9/cli/fleet-agent/"},next:{title:"fleet apply",permalink:"/0.9/cli/fleet-cli/fleet_apply"}},c={},f=[{value:"fleet",id:"fleet",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:f};function s(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet"},"fleet"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -h, --help help for fleet\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_apply"},"fleet apply"),"\t - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_cleanup"},"fleet cleanup"),"\t - Clean up outdated cluster registrations"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet_test"},"fleet test"),"\t - Match a bundle to a target and render the output")))}s.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/a9e7f6cd.f8f35a5c.js b/assets/js/a9e7f6cd.e54af66d.js similarity index 98% rename from assets/js/a9e7f6cd.f8f35a5c.js rename to assets/js/a9e7f6cd.e54af66d.js index cc438e683..171af72c4 100644 --- a/assets/js/a9e7f6cd.f8f35a5c.js +++ b/assets/js/a9e7f6cd.e54af66d.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7169],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,i=e.originalType,s=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),f=c(n),d=a,m=f["".concat(s,".").concat(d)]||f[d]||p[d]||i;return n?r.createElement(m,l(l({ref:t},u),{},{components:n})):r.createElement(m,l({ref:t},u))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=n.length,l=new Array(i);l[0]=f;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:a,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>p,frontMatter:()=>i,metadata:()=>o,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const i={},l="Installation",o={unversionedId:"installation",id:"version-0.4/installation",title:"Installation",description:"The installation is broken up into two different use cases: Single and",source:"@site/versioned_docs/version-0.4/installation.md",sourceDirName:".",slug:"/installation",permalink:"/0.4/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/installation.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Advanced Users",permalink:"/0.4/advanced-users"},next:{title:"Single Cluster Install",permalink:"/0.4/single-cluster-install"}},s={},c=[],u={toc:c};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"installation"},"Installation"),(0,a.kt)("p",null,"The installation is broken up into two different use cases: ",(0,a.kt)("a",{parentName:"p",href:"/0.4/single-cluster-install"},"Single")," and\n",(0,a.kt)("a",{parentName:"p",href:"/0.4/multi-cluster-install"},"Multi-Cluster")," install. The single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,a.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7169],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,i=e.originalType,s=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),f=c(n),d=a,m=f["".concat(s,".").concat(d)]||f[d]||p[d]||i;return n?r.createElement(m,l(l({ref:t},u),{},{components:n})):r.createElement(m,l({ref:t},u))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var i=n.length,l=new Array(i);l[0]=f;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:a,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>l,default:()=>p,frontMatter:()=>i,metadata:()=>o,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const i={},l="Installation",o={unversionedId:"installation",id:"version-0.4/installation",title:"Installation",description:"The installation is broken up into two different use cases: Single and",source:"@site/versioned_docs/version-0.4/installation.md",sourceDirName:".",slug:"/installation",permalink:"/0.4/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/installation.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Advanced Users",permalink:"/0.4/advanced-users"},next:{title:"Single Cluster Install",permalink:"/0.4/single-cluster-install"}},s={},c=[],u={toc:c};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"installation"},"Installation"),(0,a.kt)("p",null,"The installation is broken up into two different use cases: ",(0,a.kt)("a",{parentName:"p",href:"/0.4/single-cluster-install"},"Single")," and\n",(0,a.kt)("a",{parentName:"p",href:"/0.4/multi-cluster-install"},"Multi-Cluster")," install. The single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,a.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/ab0c1f88.a5c36aa8.js b/assets/js/ab0c1f88.1de459b0.js similarity index 98% rename from assets/js/ab0c1f88.a5c36aa8.js rename to assets/js/ab0c1f88.1de459b0.js index d5001c4c7..87f9fc293 100644 --- a/assets/js/ab0c1f88.a5c36aa8.js +++ b/assets/js/ab0c1f88.1de459b0.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[946],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>m});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function s(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function i(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var c=n.createContext({}),l=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):i(i({},t),e)),r},u=function(e){var t=l(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,s=e.originalType,c=e.parentName,u=a(e,["components","mdxType","originalType","parentName"]),d=l(r),m=o,f=d["".concat(c,".").concat(m)]||d[m]||p[m]||s;return r?n.createElement(f,i(i({ref:t},u),{},{components:r})):n.createElement(f,i({ref:t},u))}));function m(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var s=r.length,i=new Array(s);i[0]=d;var a={};for(var c in t)hasOwnProperty.call(t,c)&&(a[c]=t[c]);a.originalType=e,a.mdxType="string"==typeof e?e:o,i[1]=a;for(var l=2;l{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>s,metadata:()=>a,toc:()=>l});var n=r(7462),o=(r(7294),r(3905));const s={},i="Custom Resources During Deployment",a={unversionedId:"resources-during-deployment",id:"version-0.8/resources-during-deployment",title:"Custom Resources During Deployment",description:"This shows the resources, also the internal ones, involved in creating a deployment from a git repository.",source:"@site/versioned_docs/version-0.8/resources-during-deployment.md",sourceDirName:".",slug:"/resources-during-deployment",permalink:"/0.8/resources-during-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/resources-during-deployment.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/0.8/namespaces"},next:{title:"Installation Details",permalink:"/0.8/installation"}},c={},l=[],u={toc:l};function p(e){let{components:t,...s}=e;return(0,o.kt)("wrapper",(0,n.Z)({},u,s,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"custom-resources-during-deployment"},"Custom Resources During Deployment"),(0,o.kt)("p",null,"This shows the resources, also the internal ones, involved in creating a deployment from a git repository."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Resources",src:r(925).Z,width:"831",height:"1341"})))}p.isMDXComponent=!0},925:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetResources-66df436672452ab68d89ed76da51a7bb.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[946],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>m});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function s(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function i(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var c=n.createContext({}),l=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):i(i({},t),e)),r},u=function(e){var t=l(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,s=e.originalType,c=e.parentName,u=a(e,["components","mdxType","originalType","parentName"]),d=l(r),m=o,f=d["".concat(c,".").concat(m)]||d[m]||p[m]||s;return r?n.createElement(f,i(i({ref:t},u),{},{components:r})):n.createElement(f,i({ref:t},u))}));function m(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var s=r.length,i=new Array(s);i[0]=d;var a={};for(var c in t)hasOwnProperty.call(t,c)&&(a[c]=t[c]);a.originalType=e,a.mdxType="string"==typeof e?e:o,i[1]=a;for(var l=2;l{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>s,metadata:()=>a,toc:()=>l});var n=r(7462),o=(r(7294),r(3905));const s={},i="Custom Resources During Deployment",a={unversionedId:"resources-during-deployment",id:"version-0.8/resources-during-deployment",title:"Custom Resources During Deployment",description:"This shows the resources, also the internal ones, involved in creating a deployment from a git repository.",source:"@site/versioned_docs/version-0.8/resources-during-deployment.md",sourceDirName:".",slug:"/resources-during-deployment",permalink:"/0.8/resources-during-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/resources-during-deployment.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/0.8/namespaces"},next:{title:"Installation Details",permalink:"/0.8/installation"}},c={},l=[],u={toc:l};function p(e){let{components:t,...s}=e;return(0,o.kt)("wrapper",(0,n.Z)({},u,s,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"custom-resources-during-deployment"},"Custom Resources During Deployment"),(0,o.kt)("p",null,"This shows the resources, also the internal ones, involved in creating a deployment from a git repository."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Resources",src:r(925).Z,width:"831",height:"1341"})))}p.isMDXComponent=!0},925:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetResources-66df436672452ab68d89ed76da51a7bb.svg"}}]); \ No newline at end of file diff --git a/assets/js/ab68c950.032dc3e4.js b/assets/js/ab68c950.5bc956a1.js similarity index 99% rename from assets/js/ab68c950.032dc3e4.js rename to assets/js/ab68c950.5bc956a1.js index 2467ff7f2..18b734bae 100644 --- a/assets/js/ab68c950.032dc3e4.js +++ b/assets/js/ab68c950.5bc956a1.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4765],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>A});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),i=a(6550),o=a(1980),u=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function m(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:a}=e;const l=(0,i.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,o._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,i]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[o,u]=h({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),g=(()=>{const e=o??d;return m({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{g&&i(g)}),[g]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!m({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);i(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var g=a(2389);const k="tabList__CuJ",b="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:i,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=u[a].value;l!==i&&(d(t),o(l))},m=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:i===t?0:-1,"aria-selected":i===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},s,{className:(0,r.Z)("tabs__item",b,null==s?void 0:s.className,{"tabs__item--active":i===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function A(e){const t=(0,g.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},5399:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>c,default:()=>f,frontMatter:()=>u,metadata:()=>d,toc:()=>m});var l=a(7462),n=(a(7294),a(3905)),r=a(6828),s=a(814),i=a(4866),o=a(5162);const u={},c="Installation Details",d={unversionedId:"installation",id:"version-0.9/installation",title:"Installation Details",description:"The installation is broken up into two different use cases: single and multi-cluster.",source:"@site/versioned_docs/version-0.9/installation.md",sourceDirName:".",slug:"/installation",permalink:"/0.9/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/installation.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources During Deployment",permalink:"/0.9/resources-during-deployment"},next:{title:"Register Downstream Clusters",permalink:"/0.9/cluster-registration"}},p={},m=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Default Install",id:"default-install",level:2},{value:"Configuration for Multi-Cluster",id:"configuration-for-multi-cluster",level:2},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:3},{value:"Extract CA certificate",id:"extract-ca-certificate",level:4},{value:"Extract API Server",id:"extract-api-server",level:4},{value:"Validate",id:"validate",level:4},{value:"Install for Multi-Cluster",id:"install-for-multi-cluster",level:3}],h={toc:m};function f(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"installation-details"},"Installation Details"),(0,n.kt)("p",null,"The installation is broken up into two different use cases: single and multi-cluster.\nThe single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,n.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Single-cluster is the default installation. The same cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,n.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm 3",default:!0,mdxType:"TabItem"},"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is fairly straight forward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)(o.Z,{value:"kubernetes",label:"Kubernetes",default:!0,mdxType:"TabItem"},"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the single cluster use case you will install Fleet to the cluster which you intend to manage with GitOps. Any Kubernetes community supported version of Kubernetes will work, in practice this means ",r.d.next.kubernetes," or greater.")),(0,n.kt)("h2",{id:"default-install"},"Default Install"),(0,n.kt)("p",null,"Install the following two Helm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install",label:"Install",default:!0,mdxType:"TabItem"},(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)("p",null,"First add Fleet's Helm repository."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd"),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet")),(0,n.kt)(o.Z,{value:"verify",label:"Verify",mdxType:"TabItem"},(0,n.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.9/gitrepo-add"},"register some git repos")," in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."),(0,n.kt)("h2",{id:"configuration-for-multi-cluster"},"Configuration for Multi-Cluster"),(0,n.kt)("admonition",{type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under ",(0,n.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," on Rancher."),(0,n.kt)("p",{parentName:"admonition"},"The multi-cluster install described below is ",(0,n.kt)("strong",{parentName:"p"},"only")," covered in standalone Fleet, which is untested by Rancher QA.")),(0,n.kt)("admonition",{type:"info"},(0,n.kt)("p",{parentName:"admonition"},"The setup is the same as for a single cluster.\nAfter installing the Fleet manager, you will then need to register remote downstream clusters with the Fleet manager."),(0,n.kt)("p",{parentName:"admonition"},"However, to allow for ",(0,n.kt)("a",{parentName:"p",href:"/0.9/cluster-registration#manager-initiated"},"manager-initiated registration")," of downstream clusters, a few extra settings are required. Without the API server URL and the CA, only ",(0,n.kt)("a",{parentName:"p",href:"/0.9/cluster-registration#agent-initiated"},"agent-initiated registration")," of downstream clusters is possible.")),(0,n.kt)("h3",{id:"api-server-url-and-ca-certificate"},"API Server URL and CA certificate"),(0,n.kt)("p",null,"In order for your Fleet management installation to properly work it is important\nthe correct API server URL and CA certificates are configured properly. The Fleet agents\nwill communicate to the Kubernetes API server URL. This means the Kubernetes\nAPI server must be accessible to the downstream clusters. You will also need\nto obtain the CA certificate of the API server. The easiest way to obtain this information\nis typically from your kubeconfig file (",(0,n.kt)("inlineCode",{parentName:"p"},"$HOME/.kube/config"),"). The ",(0,n.kt)("inlineCode",{parentName:"p"},"server"),",\n",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority-data"),", or ",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority")," fields will have these values."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="$HOME/.kube/config"',title:'"$HOME/.kube/config"'},"apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTi...\n server: https://example.com:6443\n")),(0,n.kt)("h4",{id:"extract-ca-certificate"},"Extract CA certificate"),(0,n.kt)("p",null,"Please note that the ",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," field is base64 encoded and will need to be\ndecoded before you save it into a file. This can be done by saving the base64 encoded contents to\na file and then running"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"base64 -d encoded-file > ca.pem\n")),(0,n.kt)("p",null,"Next, retrieve the CA certificate from your kubeconfig."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"extractca",label:"Extract First",mdxType:"TabItem"},"If you have `jq` and `base64` available then this one-liners will pull all CA certificates from your `KUBECONFIG` and place then in a file named `ca.pem`.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n"))),(0,n.kt)(o.Z,{value:"extractcas",label:"Multiple Entries",mdxType:"TabItem"},"Or, if you have a multi-cluster setup, you can use this command:",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')))),(0,n.kt)("h4",{id:"extract-api-server"},"Extract API Server"),(0,n.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("h4",{id:"validate"},"Validate"),(0,n.kt)("p",null,"First validate the server URL is correct."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fLk "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,n.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,n.kt)("inlineCode",{parentName:"p"},'--cacert "$API_SERVER_CA"')," part of the command."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fL --cacert "$API_SERVER_CA" "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"If you get a valid JSON response or an ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,n.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,n.kt)("inlineCode",{parentName:"p"},"$API_SERVER_CA")," file should look similar to the below:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-pem",metastring:'title="ca.pem"',title:'"ca.pem"'},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,n.kt)("h3",{id:"install-for-multi-cluster"},"Install for Multi-Cluster"),(0,n.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,n.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,n.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,n.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,n.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,n.kt)("p",null,"Setup the environment with your specific values, e.g.:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install2",label:"Install",default:!0,mdxType:"TabItem"},"First add Fleet's Helm repository.",(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d.next.fleetCRD),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="$API_SERVER_URL" \\\n --set-file apiServerCA="$API_SERVER_CA" \\\n fleet'," ",r.d.next.fleet)),(0,n.kt)(o.Z,{value:"verifiy2",label:"Verify",mdxType:"TabItem"},"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.9/cluster-registration"},"register clusters")," and ",(0,n.kt)("a",{parentName:"p",href:"/0.9/gitrepo-add#create-gitrepo-instance"},"git repos")," with\nthe Fleet manager."))}f.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4765],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>A});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),i=a(6550),o=a(1980),u=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function m(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:a}=e;const l=(0,i.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,o._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,i]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[o,u]=h({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),g=(()=>{const e=o??d;return m({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{g&&i(g)}),[g]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!m({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);i(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var g=a(2389);const k="tabList__CuJ",b="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:i,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=u[a].value;l!==i&&(d(t),o(l))},m=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:i===t?0:-1,"aria-selected":i===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},s,{className:(0,r.Z)("tabs__item",b,null==s?void 0:s.className,{"tabs__item--active":i===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function A(e){const t=(0,g.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},5399:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>c,default:()=>f,frontMatter:()=>u,metadata:()=>d,toc:()=>m});var l=a(7462),n=(a(7294),a(3905)),r=a(6828),s=a(814),i=a(4866),o=a(5162);const u={},c="Installation Details",d={unversionedId:"installation",id:"version-0.9/installation",title:"Installation Details",description:"The installation is broken up into two different use cases: single and multi-cluster.",source:"@site/versioned_docs/version-0.9/installation.md",sourceDirName:".",slug:"/installation",permalink:"/0.9/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/installation.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources During Deployment",permalink:"/0.9/resources-during-deployment"},next:{title:"Register Downstream Clusters",permalink:"/0.9/cluster-registration"}},p={},m=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Default Install",id:"default-install",level:2},{value:"Configuration for Multi-Cluster",id:"configuration-for-multi-cluster",level:2},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:3},{value:"Extract CA certificate",id:"extract-ca-certificate",level:4},{value:"Extract API Server",id:"extract-api-server",level:4},{value:"Validate",id:"validate",level:4},{value:"Install for Multi-Cluster",id:"install-for-multi-cluster",level:3}],h={toc:m};function f(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"installation-details"},"Installation Details"),(0,n.kt)("p",null,"The installation is broken up into two different use cases: single and multi-cluster.\nThe single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,n.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Single-cluster is the default installation. The same cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,n.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm 3",default:!0,mdxType:"TabItem"},"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is fairly straight forward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)(o.Z,{value:"kubernetes",label:"Kubernetes",default:!0,mdxType:"TabItem"},"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the single cluster use case you will install Fleet to the cluster which you intend to manage with GitOps. Any Kubernetes community supported version of Kubernetes will work, in practice this means ",r.d.next.kubernetes," or greater.")),(0,n.kt)("h2",{id:"default-install"},"Default Install"),(0,n.kt)("p",null,"Install the following two Helm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install",label:"Install",default:!0,mdxType:"TabItem"},(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)("p",null,"First add Fleet's Helm repository."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd"),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet")),(0,n.kt)(o.Z,{value:"verify",label:"Verify",mdxType:"TabItem"},(0,n.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.9/gitrepo-add"},"register some git repos")," in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."),(0,n.kt)("h2",{id:"configuration-for-multi-cluster"},"Configuration for Multi-Cluster"),(0,n.kt)("admonition",{type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under ",(0,n.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," on Rancher."),(0,n.kt)("p",{parentName:"admonition"},"The multi-cluster install described below is ",(0,n.kt)("strong",{parentName:"p"},"only")," covered in standalone Fleet, which is untested by Rancher QA.")),(0,n.kt)("admonition",{type:"info"},(0,n.kt)("p",{parentName:"admonition"},"The setup is the same as for a single cluster.\nAfter installing the Fleet manager, you will then need to register remote downstream clusters with the Fleet manager."),(0,n.kt)("p",{parentName:"admonition"},"However, to allow for ",(0,n.kt)("a",{parentName:"p",href:"/0.9/cluster-registration#manager-initiated"},"manager-initiated registration")," of downstream clusters, a few extra settings are required. Without the API server URL and the CA, only ",(0,n.kt)("a",{parentName:"p",href:"/0.9/cluster-registration#agent-initiated"},"agent-initiated registration")," of downstream clusters is possible.")),(0,n.kt)("h3",{id:"api-server-url-and-ca-certificate"},"API Server URL and CA certificate"),(0,n.kt)("p",null,"In order for your Fleet management installation to properly work it is important\nthe correct API server URL and CA certificates are configured properly. The Fleet agents\nwill communicate to the Kubernetes API server URL. This means the Kubernetes\nAPI server must be accessible to the downstream clusters. You will also need\nto obtain the CA certificate of the API server. The easiest way to obtain this information\nis typically from your kubeconfig file (",(0,n.kt)("inlineCode",{parentName:"p"},"$HOME/.kube/config"),"). The ",(0,n.kt)("inlineCode",{parentName:"p"},"server"),",\n",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority-data"),", or ",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority")," fields will have these values."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="$HOME/.kube/config"',title:'"$HOME/.kube/config"'},"apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTi...\n server: https://example.com:6443\n")),(0,n.kt)("h4",{id:"extract-ca-certificate"},"Extract CA certificate"),(0,n.kt)("p",null,"Please note that the ",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," field is base64 encoded and will need to be\ndecoded before you save it into a file. This can be done by saving the base64 encoded contents to\na file and then running"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"base64 -d encoded-file > ca.pem\n")),(0,n.kt)("p",null,"Next, retrieve the CA certificate from your kubeconfig."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"extractca",label:"Extract First",mdxType:"TabItem"},"If you have `jq` and `base64` available then this one-liners will pull all CA certificates from your `KUBECONFIG` and place then in a file named `ca.pem`.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n"))),(0,n.kt)(o.Z,{value:"extractcas",label:"Multiple Entries",mdxType:"TabItem"},"Or, if you have a multi-cluster setup, you can use this command:",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')))),(0,n.kt)("h4",{id:"extract-api-server"},"Extract API Server"),(0,n.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("h4",{id:"validate"},"Validate"),(0,n.kt)("p",null,"First validate the server URL is correct."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fLk "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,n.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,n.kt)("inlineCode",{parentName:"p"},'--cacert "$API_SERVER_CA"')," part of the command."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fL --cacert "$API_SERVER_CA" "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"If you get a valid JSON response or an ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,n.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,n.kt)("inlineCode",{parentName:"p"},"$API_SERVER_CA")," file should look similar to the below:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-pem",metastring:'title="ca.pem"',title:'"ca.pem"'},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,n.kt)("h3",{id:"install-for-multi-cluster"},"Install for Multi-Cluster"),(0,n.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,n.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,n.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,n.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,n.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,n.kt)("p",null,"Setup the environment with your specific values, e.g.:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install2",label:"Install",default:!0,mdxType:"TabItem"},"First add Fleet's Helm repository.",(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d.next.fleetCRD),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="$API_SERVER_URL" \\\n --set-file apiServerCA="$API_SERVER_CA" \\\n fleet'," ",r.d.next.fleet)),(0,n.kt)(o.Z,{value:"verifiy2",label:"Verify",mdxType:"TabItem"},"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.9/cluster-registration"},"register clusters")," and ",(0,n.kt)("a",{parentName:"p",href:"/0.9/gitrepo-add#create-gitrepo-instance"},"git repos")," with\nthe Fleet manager."))}f.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file diff --git a/assets/js/aba71817.ea68235e.js b/assets/js/aba71817.751d67ab.js similarity index 99% rename from assets/js/aba71817.ea68235e.js rename to assets/js/aba71817.751d67ab.js index 903443f69..7aef9937a 100644 --- a/assets/js/aba71817.ea68235e.js +++ b/assets/js/aba71817.751d67ab.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8813],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var l=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);t&&(l=l.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,l)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(l=0;l=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var c=l.createContext({}),s=function(e){var t=l.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=s(e.components);return l.createElement(c.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return l.createElement(l.Fragment,{},t)}},u=l.forwardRef((function(e,t){var n=e.components,r=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=s(n),m=r,f=u["".concat(c,".").concat(m)]||u[m]||d[m]||a;return n?l.createElement(f,o(o({ref:t},p),{},{components:n})):l.createElement(f,o({ref:t},p))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>d,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var l=n(7462),r=(n(7294),n(3905));const a={},o="Bundle Lifecycle",i={unversionedId:"ref-bundle-stages",id:"ref-bundle-stages",title:"Bundle Lifecycle",description:"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.",source:"@site/docs/ref-bundle-stages.md",sourceDirName:".",slug:"/ref-bundle-stages",permalink:"/ref-bundle-stages",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-bundle-stages.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/concepts"},next:{title:"Git Repository Contents",permalink:"/gitrepo-content"}},c={},s=[{value:"Examining the Bundle Lifecycle With the CLI",id:"examining-the-bundle-lifecycle-with-the-cli",level:2},{value:"fleet apply",id:"fleet-apply",level:3},{value:"fleet target",id:"fleet-target",level:3},{value:"fleet deploy",id:"fleet-deploy",level:3},{value:"Lifecycle CLI Example",id:"lifecycle-cli-example",level:3}],p={toc:s};function d(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,l.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"bundle-lifecycle"},"Bundle Lifecycle"),(0,r.kt)("p",null,"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles."),(0,r.kt)("p",null,"To demonstrate the life cycle of a Fleet bundle, we will use ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},"User will create a ",(0,r.kt)("a",{parentName:"li",href:"/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,r.kt)("li",{parentName:"ol"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,r.kt)("a",{parentName:"li",href:"/webhook"},"webhook event"),". With every commit change, the ",(0,r.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,r.kt)("a",{parentName:"li",href:"/cluster-bundles-state#bundles"},"bundle"),".")),(0,r.kt)("blockquote",null,(0,r.kt)("p",{parentName:"blockquote"},(0,r.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,r.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,r.kt)("ol",{start:3},(0,r.kt)("li",{parentName:"ol"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,r.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,r.kt)("li",{parentName:"ol"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,r.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,r.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,r.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,r.kt)("li",{parentName:"ol"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,r.kt)("p",null,"This diagram shows the different rendering stages a bundle goes through until deployment."),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"Bundle Stages",src:n(5208).Z,width:"730",height:"811"})),(0,r.kt)("h2",{id:"examining-the-bundle-lifecycle-with-the-cli"},"Examining the Bundle Lifecycle With the CLI"),(0,r.kt)("p",null,"Several fleet CLI commands help with debugging bundles."),(0,r.kt)("h3",{id:"fleet-apply"},"fleet apply"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/cli/fleet-cli/fleet_apply"},"Apply")," renders a folder with Kubernetes resources, such as a Helm chart, manifests, or kustomize folders, into a Fleet bundle resource."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"git clone https://github.com/rancher/fleet-test-data\ncd fleet-test-data\nfleet apply -n fleet-local -o bundle.yaml testbundle simple-chart/\n")),(0,r.kt)("p",null,"More information on how to create bundles with ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet apply")," can be found in the ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/bundle-add"},"section on bundles"),"."),(0,r.kt)("h3",{id:"fleet-target"},"fleet target"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/cli/fleet-cli/fleet_target"},"Target")," reads a bundle from a file and works with a live cluster to print out the ",(0,r.kt)("inlineCode",{parentName:"p"},"bundledeployment")," & ",(0,r.kt)("inlineCode",{parentName:"p"},"content"),' resource, which fleetcontroller would create. It takes a namespace as an argument, so it can look in that namespace for e.g. cluster resources. It can also dump the data structure which is used during "targeting", so decisions taken regarding labels and cluster names can be checked.'),(0,r.kt)("h3",{id:"fleet-deploy"},"fleet deploy"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/cli/fleet-cli/fleet_deploy"},"Deploy")," takes the output of ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet target"),", or a dumped bundledeployment/content resource and deploys it to a cluster, just like fleet-agent would. It supports a dry run mode, to print out the resources which would be created, instead of installing them with helm. Since the command doesn't create the input resources, a running fleet-agent would likely garbage collect the deployment."),(0,r.kt)("p",null,"The deploy command can be used to bring bundles to air-gapped clusters."),(0,r.kt)("h3",{id:"lifecycle-cli-example"},"Lifecycle CLI Example"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"git clone https://github.com/rancher/fleet-test-data\ncd fleet-test-data\n# for information about apply see https://fleet.rancher.io/bundle-add\nfleet apply -n fleet-local -o bundle.yaml testbundle simple-chart/\nfleet target --bundle-file bundle.yaml --list-inputs > bd.yaml\nfleet deploy --input-file bd.yaml --dry-run\n")))}d.isMDXComponent=!0},5208:(e,t,n)=>{n.d(t,{Z:()=>l});const l=n.p+"assets/images/FleetBundleStages-23d8ed832e76974ba6693016c5d52ad7.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8813],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var l=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);t&&(l=l.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,l)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(l=0;l=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var c=l.createContext({}),s=function(e){var t=l.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=s(e.components);return l.createElement(c.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return l.createElement(l.Fragment,{},t)}},u=l.forwardRef((function(e,t){var n=e.components,r=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=s(n),m=r,f=u["".concat(c,".").concat(m)]||u[m]||d[m]||a;return n?l.createElement(f,o(o({ref:t},p),{},{components:n})):l.createElement(f,o({ref:t},p))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>d,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var l=n(7462),r=(n(7294),n(3905));const a={},o="Bundle Lifecycle",i={unversionedId:"ref-bundle-stages",id:"ref-bundle-stages",title:"Bundle Lifecycle",description:"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.",source:"@site/docs/ref-bundle-stages.md",sourceDirName:".",slug:"/ref-bundle-stages",permalink:"/ref-bundle-stages",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-bundle-stages.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/concepts"},next:{title:"Git Repository Contents",permalink:"/gitrepo-content"}},c={},s=[{value:"Examining the Bundle Lifecycle With the CLI",id:"examining-the-bundle-lifecycle-with-the-cli",level:2},{value:"fleet apply",id:"fleet-apply",level:3},{value:"fleet target",id:"fleet-target",level:3},{value:"fleet deploy",id:"fleet-deploy",level:3},{value:"Lifecycle CLI Example",id:"lifecycle-cli-example",level:3}],p={toc:s};function d(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,l.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"bundle-lifecycle"},"Bundle Lifecycle"),(0,r.kt)("p",null,"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles."),(0,r.kt)("p",null,"To demonstrate the life cycle of a Fleet bundle, we will use ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},"User will create a ",(0,r.kt)("a",{parentName:"li",href:"/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,r.kt)("li",{parentName:"ol"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,r.kt)("a",{parentName:"li",href:"/webhook"},"webhook event"),". With every commit change, the ",(0,r.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,r.kt)("a",{parentName:"li",href:"/cluster-bundles-state#bundles"},"bundle"),".")),(0,r.kt)("blockquote",null,(0,r.kt)("p",{parentName:"blockquote"},(0,r.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,r.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,r.kt)("ol",{start:3},(0,r.kt)("li",{parentName:"ol"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,r.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,r.kt)("li",{parentName:"ol"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,r.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,r.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,r.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,r.kt)("li",{parentName:"ol"},"The ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,r.kt)("p",null,"This diagram shows the different rendering stages a bundle goes through until deployment."),(0,r.kt)("p",null,(0,r.kt)("img",{alt:"Bundle Stages",src:n(5208).Z,width:"730",height:"811"})),(0,r.kt)("h2",{id:"examining-the-bundle-lifecycle-with-the-cli"},"Examining the Bundle Lifecycle With the CLI"),(0,r.kt)("p",null,"Several fleet CLI commands help with debugging bundles."),(0,r.kt)("h3",{id:"fleet-apply"},"fleet apply"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/cli/fleet-cli/fleet_apply"},"Apply")," renders a folder with Kubernetes resources, such as a Helm chart, manifests, or kustomize folders, into a Fleet bundle resource."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"git clone https://github.com/rancher/fleet-test-data\ncd fleet-test-data\nfleet apply -n fleet-local -o bundle.yaml testbundle simple-chart/\n")),(0,r.kt)("p",null,"More information on how to create bundles with ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet apply")," can be found in the ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/bundle-add"},"section on bundles"),"."),(0,r.kt)("h3",{id:"fleet-target"},"fleet target"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/cli/fleet-cli/fleet_target"},"Target")," reads a bundle from a file and works with a live cluster to print out the ",(0,r.kt)("inlineCode",{parentName:"p"},"bundledeployment")," & ",(0,r.kt)("inlineCode",{parentName:"p"},"content"),' resource, which fleetcontroller would create. It takes a namespace as an argument, so it can look in that namespace for e.g. cluster resources. It can also dump the data structure which is used during "targeting", so decisions taken regarding labels and cluster names can be checked.'),(0,r.kt)("h3",{id:"fleet-deploy"},"fleet deploy"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"/cli/fleet-cli/fleet_deploy"},"Deploy")," takes the output of ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet target"),", or a dumped bundledeployment/content resource and deploys it to a cluster, just like fleet-agent would. It supports a dry run mode, to print out the resources which would be created, instead of installing them with helm. Since the command doesn't create the input resources, a running fleet-agent would likely garbage collect the deployment."),(0,r.kt)("p",null,"The deploy command can be used to bring bundles to air-gapped clusters."),(0,r.kt)("h3",{id:"lifecycle-cli-example"},"Lifecycle CLI Example"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"git clone https://github.com/rancher/fleet-test-data\ncd fleet-test-data\n# for information about apply see https://fleet.rancher.io/bundle-add\nfleet apply -n fleet-local -o bundle.yaml testbundle simple-chart/\nfleet target --bundle-file bundle.yaml --list-inputs > bd.yaml\nfleet deploy --input-file bd.yaml --dry-run\n")))}d.isMDXComponent=!0},5208:(e,t,n)=>{n.d(t,{Z:()=>l});const l=n.p+"assets/images/FleetBundleStages-23d8ed832e76974ba6693016c5d52ad7.svg"}}]); \ No newline at end of file diff --git a/assets/js/abf95bb4.53639d34.js b/assets/js/abf95bb4.1454ad7e.js similarity index 98% rename from assets/js/abf95bb4.53639d34.js rename to assets/js/abf95bb4.1454ad7e.js index 027777180..271546cd3 100644 --- a/assets/js/abf95bb4.53639d34.js +++ b/assets/js/abf95bb4.1454ad7e.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7767],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),i=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},d=function(e){var t=i(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),c=i(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},d),{},{components:n})):r.createElement(m,s({ref:t},d))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var i=2;i{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>i});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle State",o={unversionedId:"cluster-bundles-state",id:"version-0.7/cluster-bundles-state",title:"Cluster and Bundle State",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/versioned_docs/version-0.7/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/0.7/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cluster-bundles-state.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet-manager",permalink:"/0.7/cli/fleet-controller/fleet-manager"},next:{title:"Cluster Registration Internals",permalink:"/0.7/ref-registration"}},u={},i=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],d={toc:i};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},d,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7767],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),i=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},d=function(e){var t=i(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),c=i(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},d),{},{components:n})):r.createElement(m,s({ref:t},d))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var i=2;i{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>i});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle State",o={unversionedId:"cluster-bundles-state",id:"version-0.7/cluster-bundles-state",title:"Cluster and Bundle State",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/versioned_docs/version-0.7/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/0.7/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cluster-bundles-state.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet-manager",permalink:"/0.7/cli/fleet-controller/fleet-manager"},next:{title:"Cluster Registration Internals",permalink:"/0.7/ref-registration"}},u={},i=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],d={toc:i};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},d,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/ae10697b.936b949b.js b/assets/js/ae10697b.a9301116.js similarity index 99% rename from assets/js/ae10697b.936b949b.js rename to assets/js/ae10697b.a9301116.js index 7bc17041b..44fb797b1 100644 --- a/assets/js/ae10697b.936b949b.js +++ b/assets/js/ae10697b.a9301116.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7345],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function i(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function s(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var n=r.createContext({}),c=function(e){var t=r.useContext(n),a=t;return e&&(a="function"==typeof e?e(t):s(s({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(n.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,i=e.originalType,n=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),h=c(a),p=l,m=h["".concat(n,".").concat(p)]||h[p]||u[p]||i;return a?r.createElement(m,s(s({ref:t},d),{},{components:a})):r.createElement(m,s({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var i=a.length,s=new Array(i);s[0]=h;var o={};for(var n in t)hasOwnProperty.call(t,n)&&(o[n]=t[n]);o.originalType=e,o.mdxType="string"==typeof e?e:l,s[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>n,contentTitle:()=>s,default:()=>u,frontMatter:()=>i,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const i={title:"v0.9.1",date:"2024-03-21 16:35:26 +0000 UTC"},s=void 0,o={unversionedId:"changelogs/changelogs/v0.9.1",id:"version-0.9/changelogs/changelogs/v0.9.1",title:"v0.9.1",description:"(rancherio-gh-m) released this 2024-03-21 1626 +0000 UTC",source:"@site/versioned_docs/version-0.9/changelogs/changelogs/v0.9.1.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.9.1",permalink:"/0.9/changelogs/changelogs/v0.9.1",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/changelogs/changelogs/v0.9.1.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.9.1",date:"2024-03-21 16:35:26 +0000 UTC"},sidebar:"docs",previous:{title:"v0.9.0",permalink:"/0.9/changelogs/changelogs/v0.9.0"},next:{title:"v0.9.2",permalink:"/0.9/changelogs/changelogs/v0.9.2"}},n={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function u(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-03-21 16:35:26 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Notes"),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Allow correctDrift to be overridden in target customization by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2019024692","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1982","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1982/hovercard",href:"https://github.com/rancher/fleet/pull/1982"},"#1982")),(0,l.kt)("li",null,"Add azure webhook by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2082426538","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/412","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/412/hovercard",href:"https://github.com/rancher/gitjob/pull/412"},"rancher/gitjob#412")),(0,l.kt)("li",null,"Keep CRDs when deleting a Bundle by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2047051556","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2024","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2024/hovercard",href:"https://github.com/rancher/fleet/pull/2024"},"#2024")),(0,l.kt)("li",null,"Add security context to token cleanup job by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2161729384","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2192","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2192/hovercard",href:"https://github.com/rancher/fleet/pull/2192"},"#2192"))),(0,l.kt)("h3",null,"Performance"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Use index when listing BundleDeployments by Bundle by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2006608014","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1954","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1954/hovercard",href:"https://github.com/rancher/fleet/pull/1954"},"#1954")),(0,l.kt)("li",null,"Replace json-based implementation of DeepCopy on GenericMap by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2006635369","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1955","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1955/hovercard",href:"https://github.com/rancher/fleet/pull/1955"},"#1955")),(0,l.kt)("li",null,"Use UniqueApplyForResourceVersion in Bundle and GitRepo GeneratingHandlers by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2078347797","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2061","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2061/hovercard",href:"https://github.com/rancher/fleet/pull/2061"},"#2061")),(0,l.kt)("li",null,"Reduce BundleDeployment triggering on deployed resources updates by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2050943227","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2031","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2031/hovercard",href:"https://github.com/rancher/fleet/pull/2031"},"#2031"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Fix azure devops git clone error by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2065843069","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/400","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/400/hovercard",href:"https://github.com/rancher/gitjob/pull/400"},"rancher/gitjob#400")),(0,l.kt)("li",null,"Add http proxy env vars to containers and initContainers created by GitJob by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2040105108","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/380","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/380/hovercard",href:"https://github.com/rancher/gitjob/pull/380"},"rancher/gitjob#380")),(0,l.kt)("li",null,"Add support for Azure DevOps Webhook for gitRepos using SSH URL by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2173251497","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/446","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/446/hovercard",href:"https://github.com/rancher/gitjob/pull/446"},"rancher/gitjob#446")),(0,l.kt)("li",null,"Fixes panic when imagescan uses prereleases and * by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/0xavi0/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/0xavi0"},"@0xavi0")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2156524867","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2183","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2183/hovercard",href:"https://github.com/rancher/fleet/pull/2183"},"#2183")),(0,l.kt)("li",null,"Fix Existing Namespace Not Found By Label by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2166659192","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2204","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2204/hovercard",href:"https://github.com/rancher/fleet/pull/2204"},"#2204"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Bump to ",(0,l.kt)("a",{href:"https://github.com/rancher/gitjob/releases/tag/v0.9.1"},"gitjob chart v0.9.1")," by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2083745193","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2079","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2079/hovercard",href:"https://github.com/rancher/fleet/pull/2079"},"#2079")),(0,l.kt)("li",null,"OCI test changes by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2007660305","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1959","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1959/hovercard",href:"https://github.com/rancher/fleet/pull/1959"},"#1959")),(0,l.kt)("li",null,"OCI auth test changes by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2007995262","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1961","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1961/hovercard",href:"https://github.com/rancher/fleet/pull/1961"},"#1961")),(0,l.kt)("li",null,"Remove s390x by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2048174208","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2027","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2027/hovercard",href:"https://github.com/rancher/fleet/pull/2027"},"#2027")),(0,l.kt)("li",null,"Remove s390x by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2041228490","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/381","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/381/hovercard",href:"https://github.com/rancher/gitjob/pull/381"},"rancher/gitjob#381")),(0,l.kt)("li",null,"BCI base version by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2078778336","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2064","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2064/hovercard",href:"https://github.com/rancher/fleet/pull/2064"},"#2064")),(0,l.kt)("li",null,"Update CI for k8s 1.29 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2081754311","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2072","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2072/hovercard",href:"https://github.com/rancher/fleet/pull/2072"},"#2072")),(0,l.kt)("li",null,"Bump go git 5.11 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2076908695","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2059","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2059/hovercard",href:"https://github.com/rancher/fleet/pull/2059"},"#2059")),(0,l.kt)("li",null,"Bump go-git module by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2076733191","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/406","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/406/hovercard",href:"https://github.com/rancher/gitjob/pull/406"},"rancher/gitjob#406")),(0,l.kt)("li",null,"Bump wrangler/v2 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2078819422","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/408","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/408/hovercard",href:"https://github.com/rancher/gitjob/pull/408"},"rancher/gitjob#408"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.9.0...v0.9.1"},(0,l.kt)("tt",null,"v0.9.0...v0.9.1"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleet-crd-0.9.1.tgz"},"fleet-crd-0.9.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleet-agent-0.9.1.tgz"},"fleet-agent-0.9.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleet-0.9.1.tgz"},"fleet-0.9.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.9.1"},"here"))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7345],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function i(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function s(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var n=r.createContext({}),c=function(e){var t=r.useContext(n),a=t;return e&&(a="function"==typeof e?e(t):s(s({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(n.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,i=e.originalType,n=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),h=c(a),p=l,m=h["".concat(n,".").concat(p)]||h[p]||u[p]||i;return a?r.createElement(m,s(s({ref:t},d),{},{components:a})):r.createElement(m,s({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var i=a.length,s=new Array(i);s[0]=h;var o={};for(var n in t)hasOwnProperty.call(t,n)&&(o[n]=t[n]);o.originalType=e,o.mdxType="string"==typeof e?e:l,s[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>n,contentTitle:()=>s,default:()=>u,frontMatter:()=>i,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const i={title:"v0.9.1",date:"2024-03-21 16:35:26 +0000 UTC"},s=void 0,o={unversionedId:"changelogs/changelogs/v0.9.1",id:"version-0.9/changelogs/changelogs/v0.9.1",title:"v0.9.1",description:"(rancherio-gh-m) released this 2024-03-21 1626 +0000 UTC",source:"@site/versioned_docs/version-0.9/changelogs/changelogs/v0.9.1.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.9.1",permalink:"/0.9/changelogs/changelogs/v0.9.1",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/changelogs/changelogs/v0.9.1.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.9.1",date:"2024-03-21 16:35:26 +0000 UTC"},sidebar:"docs",previous:{title:"v0.9.0",permalink:"/0.9/changelogs/changelogs/v0.9.0"},next:{title:"v0.9.2",permalink:"/0.9/changelogs/changelogs/v0.9.2"}},n={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function u(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-03-21 16:35:26 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Notes"),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Allow correctDrift to be overridden in target customization by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2019024692","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1982","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1982/hovercard",href:"https://github.com/rancher/fleet/pull/1982"},"#1982")),(0,l.kt)("li",null,"Add azure webhook by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2082426538","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/412","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/412/hovercard",href:"https://github.com/rancher/gitjob/pull/412"},"rancher/gitjob#412")),(0,l.kt)("li",null,"Keep CRDs when deleting a Bundle by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2047051556","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2024","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2024/hovercard",href:"https://github.com/rancher/fleet/pull/2024"},"#2024")),(0,l.kt)("li",null,"Add security context to token cleanup job by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2161729384","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2192","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2192/hovercard",href:"https://github.com/rancher/fleet/pull/2192"},"#2192"))),(0,l.kt)("h3",null,"Performance"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Use index when listing BundleDeployments by Bundle by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2006608014","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1954","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1954/hovercard",href:"https://github.com/rancher/fleet/pull/1954"},"#1954")),(0,l.kt)("li",null,"Replace json-based implementation of DeepCopy on GenericMap by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2006635369","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1955","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1955/hovercard",href:"https://github.com/rancher/fleet/pull/1955"},"#1955")),(0,l.kt)("li",null,"Use UniqueApplyForResourceVersion in Bundle and GitRepo GeneratingHandlers by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2078347797","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2061","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2061/hovercard",href:"https://github.com/rancher/fleet/pull/2061"},"#2061")),(0,l.kt)("li",null,"Reduce BundleDeployment triggering on deployed resources updates by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2050943227","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2031","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2031/hovercard",href:"https://github.com/rancher/fleet/pull/2031"},"#2031"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Fix azure devops git clone error by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2065843069","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/400","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/400/hovercard",href:"https://github.com/rancher/gitjob/pull/400"},"rancher/gitjob#400")),(0,l.kt)("li",null,"Add http proxy env vars to containers and initContainers created by GitJob by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2040105108","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/380","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/380/hovercard",href:"https://github.com/rancher/gitjob/pull/380"},"rancher/gitjob#380")),(0,l.kt)("li",null,"Add support for Azure DevOps Webhook for gitRepos using SSH URL by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2173251497","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/446","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/446/hovercard",href:"https://github.com/rancher/gitjob/pull/446"},"rancher/gitjob#446")),(0,l.kt)("li",null,"Fixes panic when imagescan uses prereleases and * by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/0xavi0/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/0xavi0"},"@0xavi0")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2156524867","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2183","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2183/hovercard",href:"https://github.com/rancher/fleet/pull/2183"},"#2183")),(0,l.kt)("li",null,"Fix Existing Namespace Not Found By Label by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2166659192","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2204","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2204/hovercard",href:"https://github.com/rancher/fleet/pull/2204"},"#2204"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Bump to ",(0,l.kt)("a",{href:"https://github.com/rancher/gitjob/releases/tag/v0.9.1"},"gitjob chart v0.9.1")," by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2083745193","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2079","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2079/hovercard",href:"https://github.com/rancher/fleet/pull/2079"},"#2079")),(0,l.kt)("li",null,"OCI test changes by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2007660305","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1959","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1959/hovercard",href:"https://github.com/rancher/fleet/pull/1959"},"#1959")),(0,l.kt)("li",null,"OCI auth test changes by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2007995262","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1961","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1961/hovercard",href:"https://github.com/rancher/fleet/pull/1961"},"#1961")),(0,l.kt)("li",null,"Remove s390x by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2048174208","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2027","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2027/hovercard",href:"https://github.com/rancher/fleet/pull/2027"},"#2027")),(0,l.kt)("li",null,"Remove s390x by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2041228490","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/381","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/381/hovercard",href:"https://github.com/rancher/gitjob/pull/381"},"rancher/gitjob#381")),(0,l.kt)("li",null,"BCI base version by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2078778336","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2064","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2064/hovercard",href:"https://github.com/rancher/fleet/pull/2064"},"#2064")),(0,l.kt)("li",null,"Update CI for k8s 1.29 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2081754311","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2072","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2072/hovercard",href:"https://github.com/rancher/fleet/pull/2072"},"#2072")),(0,l.kt)("li",null,"Bump go git 5.11 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2076908695","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2059","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2059/hovercard",href:"https://github.com/rancher/fleet/pull/2059"},"#2059")),(0,l.kt)("li",null,"Bump go-git module by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2076733191","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/406","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/406/hovercard",href:"https://github.com/rancher/gitjob/pull/406"},"rancher/gitjob#406")),(0,l.kt)("li",null,"Bump wrangler/v2 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2078819422","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/408","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/408/hovercard",href:"https://github.com/rancher/gitjob/pull/408"},"rancher/gitjob#408"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.9.0...v0.9.1"},(0,l.kt)("tt",null,"v0.9.0...v0.9.1"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleet-crd-0.9.1.tgz"},"fleet-crd-0.9.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleet-agent-0.9.1.tgz"},"fleet-agent-0.9.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleet-0.9.1.tgz"},"fleet-0.9.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.1/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.9.1"},"here"))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/ae2335f3.8033243b.js b/assets/js/ae2335f3.f34a0c15.js similarity index 99% rename from assets/js/ae2335f3.8033243b.js rename to assets/js/ae2335f3.f34a0c15.js index 7a84794f1..90b3ed889 100644 --- a/assets/js/ae2335f3.8033243b.js +++ b/assets/js/ae2335f3.f34a0c15.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1049],{5162:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(7294),r=n(6010);const l="tabItem_Ymn6";function i(e){let{children:t,hidden:n,className:i}=e;return a.createElement("div",{role:"tabpanel",className:(0,r.Z)(l,i),hidden:n},t)}},4866:(e,t,n)=>{n.d(t,{Z:()=>N});var a=n(7462),r=n(7294),l=n(6010),i=n(2466),s=n(6550),o=n(1980),u=n(7392),c=n(12);function d(e){return function(e){return r.Children.map(e,(e=>{if((0,r.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:n,attributes:a,default:r}}=e;return{value:t,label:n,attributes:a,default:r}}))}function p(e){const{values:t,children:n}=e;return(0,r.useMemo)((()=>{const e=t??d(n);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,n])}function m(e){let{value:t,tabValues:n}=e;return n.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:n}=e;const a=(0,s.k6)(),l=function(e){let{queryString:t=!1,groupId:n}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!n)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return n??null}({queryString:t,groupId:n});return[(0,o._X)(l),(0,r.useCallback)((e=>{if(!l)return;const t=new URLSearchParams(a.location.search);t.set(l,e),a.replace({...a.location,search:t.toString()})}),[l,a])]}function g(e){const{defaultValue:t,queryString:n=!1,groupId:a}=e,l=p(e),[i,s]=(0,r.useState)((()=>function(e){let{defaultValue:t,tabValues:n}=e;if(0===n.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:n}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${n.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const a=n.find((e=>e.default))??n[0];if(!a)throw new Error("Unexpected error: 0 tabValues");return a.value}({defaultValue:t,tabValues:l}))),[o,u]=h({queryString:n,groupId:a}),[d,g]=function(e){let{groupId:t}=e;const n=function(e){return e?`docusaurus.tab.${e}`:null}(t),[a,l]=(0,c.Nk)(n);return[a,(0,r.useCallback)((e=>{n&&l.set(e)}),[n,l])]}({groupId:a}),k=(()=>{const e=o??d;return m({value:e,tabValues:l})?e:null})();(0,r.useLayoutEffect)((()=>{k&&s(k)}),[k]);return{selectedValue:i,selectValue:(0,r.useCallback)((e=>{if(!m({value:e,tabValues:l}))throw new Error(`Can't select invalid tab value=${e}`);s(e),u(e),g(e)}),[u,g,l]),tabValues:l}}var k=n(2389);const f="tabList__CuJ",b="tabItem_LNqP";function y(e){let{className:t,block:n,selectedValue:s,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,i.o5)(),p=e=>{const t=e.currentTarget,n=c.indexOf(t),a=u[n].value;a!==s&&(d(t),o(a))},m=e=>{var t;let n=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;n=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;n=c[t]??c[c.length-1];break}}null==(t=n)||t.focus()};return r.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,l.Z)("tabs",{"tabs--block":n},t)},u.map((e=>{let{value:t,label:n,attributes:i}=e;return r.createElement("li",(0,a.Z)({role:"tab",tabIndex:s===t?0:-1,"aria-selected":s===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},i,{className:(0,l.Z)("tabs__item",b,null==i?void 0:i.className,{"tabs__item--active":s===t})}),n??t)})))}function v(e){let{lazy:t,children:n,selectedValue:a}=e;if(n=Array.isArray(n)?n:[n],t){const e=n.find((e=>e.props.value===a));return e?(0,r.cloneElement)(e,{className:"margin-top--md"}):null}return r.createElement("div",{className:"margin-top--md"},n.map(((e,t)=>(0,r.cloneElement)(e,{key:t,hidden:e.props.value!==a}))))}function w(e){const t=g(e);return r.createElement("div",{className:(0,l.Z)("tabs-container",f)},r.createElement(y,(0,a.Z)({},e,t)),r.createElement(v,(0,a.Z)({},e,t)))}function N(e){const t=(0,k.Z)();return r.createElement(w,(0,a.Z)({key:String(t)},e))}},6828:(e,t,n)=>{n.d(t,{d:()=>a});const a={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},8105:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>d,contentTitle:()=>u,default:()=>h,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var a=n(7462),r=(n(7294),n(3905)),l=(n(6828),n(814)),i=n(4866),s=n(5162);const o={},u="Register Downstream Clusters",c={unversionedId:"cluster-registration",id:"cluster-registration",title:"Register Downstream Clusters",description:"Overview",source:"@site/docs/cluster-registration.md",sourceDirName:".",slug:"/cluster-registration",permalink:"/cluster-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cluster-registration.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation Details",permalink:"/installation"},next:{title:"Create Cluster Groups",permalink:"/cluster-group"}},d={},p=[{value:"Overview",id:"overview",level:2},{value:"Agent-Initiated Registration",id:"agent-initiated-registration",level:3},{value:"Manager-Initiated Registration",id:"manager-initiated-registration",level:3},{value:"Agent Initiated",id:"agent-initiated",level:2},{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:3},{value:"Install Agent For a New Cluster",id:"install-agent-for-a-new-cluster",level:3},{value:"Install Agent For a Predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:3},{value:"Create Cluster Registration Tokens",id:"create-cluster-registration-tokens",level:3},{value:"Token TTL",id:"token-ttl",level:4},{value:"Create a new Token",id:"create-a-new-token",level:4},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:4},{value:"Manager Initiated",id:"manager-initiated",level:2},{value:"Create Kubeconfig Secret",id:"create-kubeconfig-secret",level:3},{value:"Create Cluster Resource",id:"create-cluster-resource",level:3}],m={toc:p};function h(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"register-downstream-clusters"},"Register Downstream Clusters"),(0,r.kt)("h2",{id:"overview"},"Overview"),(0,r.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,r.kt)("strong",{parentName:"p"},"agent-initiated")," and ",(0,r.kt)("strong",{parentName:"p"},"manager-initiated")," registration. Typically one would\ngo with the agent-initiated registration but there are specific use cases in which\nmanager-initiated is a better workflow."),(0,r.kt)("h3",{id:"agent-initiated-registration"},"Agent-Initiated Registration"),(0,r.kt)("p",null,"Agent-initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,r.kt)("h3",{id:"manager-initiated-registration"},"Manager-Initiated Registration"),(0,r.kt)("p",null,"Manager-initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."),(0,r.kt)("h2",{id:"agent-initiated"},"Agent Initiated"),(0,r.kt)("p",null,"A downstream cluster is registered by installing an agent via helm and using the ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,r.kt)("strong",{parentName:"p"},"client ID")," or ",(0,r.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"It's not necessary to configure the fleet manager for ",(0,r.kt)("a",{parentName:"p",href:"/installation#configuration-for-multi-cluster"},"multi cluster"),", as the downstream agent we install via Helm will connect to the Kubernetes API of the upstream cluster directly."),(0,r.kt)("p",{parentName:"admonition"},"Agent-initiated registration is normally not used with Rancher.")),(0,r.kt)("h3",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,r.kt)("p",null,"The ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required.\nThe ",(0,r.kt)("a",{parentName:"p",href:"/architecture#security"},"cluster registration token")," is manifested as a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will be passed to the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install")," process.\nAlternatively one can pass the token directly to the helm install command via ",(0,r.kt)("inlineCode",{parentName:"p"},'--set token="$token"'),"."),(0,r.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,r.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,r.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,r.kt)("h3",{id:"install-agent-for-a-new-cluster"},"Install Agent For a New Cluster"),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,r.kt)("p",null,"First, follow the ",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token instructions")," to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,r.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,r.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,r.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,r.kt)("p",null,"Value in ",(0,r.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,r.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,r.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,r.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,r.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{title:"Kubectl Context",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,r.kt)("p",null,"Add Fleet's Helm repo."),(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(i.Z,{mdxType:"Tabs"},(0,r.kt)(s.Z,{value:"helm",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent fleet/fleet-agent')),(0,r.kt)(s.Z,{value:"validate",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,r.kt)("h3",{id:"install-agent-for-a-predefined-cluster"},"Install Agent For a Predefined Cluster"),(0,r.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,r.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,r.kt)("p",null,"First, create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,r.kt)("p",null,"Second, follow the ","[cluster registration token instructions]","((#create-cluster-registration-tokens) to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,r.kt)("p",null,"Third, setup your environment to use the client ID."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("p",null,"Add Fleet's Helm repo."),(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(i.Z,{mdxType:"Tabs"},(0,r.kt)(s.Z,{value:"helm2",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent fleet/fleet-agent')),(0,r.kt)(s.Z,{value:"validate2",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,r.kt)("h3",{id:"create-cluster-registration-tokens"},"Create Cluster Registration Tokens"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Not needed for Manager-initiated registration"),":\nFor manager-initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,r.kt)("p",null,"For an agent-initiated registration the downstream cluster must have a ",(0,r.kt)("a",{parentName:"p",href:"/architecture#security"},"cluster registration token"),".\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,r.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,r.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,r.kt)("h4",{id:"token-ttl"},"Token TTL"),(0,r.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,r.kt)("h4",{id:"create-a-new-token"},"Create a new Token"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,r.kt)("a",{parentName:"p",href:"/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,r.kt)("p",null,"After the ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,r.kt)("p",null,"One way to do so is via the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,r.kt)("h4",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,r.kt)("p",null,"The token value contains YAML content for a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,r.kt)("p",null,"Such value is contained in the ",(0,r.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,r.kt)("p",null,"Once the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."),(0,r.kt)("h2",{id:"manager-initiated"},"Manager Initiated"),(0,r.kt)("p",null,"The manager-initiated registration flow is accomplished by creating a\n",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,r.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using Fleet standalone ",(0,r.kt)("em",{parentName:"p"},"without Rancher"),", it must be installed as described in ",(0,r.kt)("a",{parentName:"p",href:"/installation#configuration-for-multi-cluster"},"installation details"),"."),(0,r.kt)("p",{parentName:"admonition"},"The manager-initiated registration is used when you add a cluster from the Rancher dashboard.")),(0,r.kt)("h3",{id:"create-kubeconfig-secret"},"Create Kubeconfig Secret"),(0,r.kt)("p",null,"The format of this secret is intended to match the ",(0,r.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format")," of the kubeconfig\nsecret used in ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,r.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically registered with Fleet."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Kubeconfig Secret Example"',title:'"Kubeconfig',Secret:!0,'Example"':!0},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,r.kt)("h3",{id:"create-cluster-resource"},"Create Cluster Resource"),(0,r.kt)("p",null,"The cluster resource needs to reference the kubeconfig secret."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Cluster Resource Example"',title:'"Cluster',Resource:!0,'Example"':!0},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1049],{5162:(e,t,n)=>{n.d(t,{Z:()=>i});var a=n(7294),r=n(6010);const l="tabItem_Ymn6";function i(e){let{children:t,hidden:n,className:i}=e;return a.createElement("div",{role:"tabpanel",className:(0,r.Z)(l,i),hidden:n},t)}},4866:(e,t,n)=>{n.d(t,{Z:()=>N});var a=n(7462),r=n(7294),l=n(6010),i=n(2466),s=n(6550),o=n(1980),u=n(7392),c=n(12);function d(e){return function(e){return r.Children.map(e,(e=>{if((0,r.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:n,attributes:a,default:r}}=e;return{value:t,label:n,attributes:a,default:r}}))}function p(e){const{values:t,children:n}=e;return(0,r.useMemo)((()=>{const e=t??d(n);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,n])}function m(e){let{value:t,tabValues:n}=e;return n.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:n}=e;const a=(0,s.k6)(),l=function(e){let{queryString:t=!1,groupId:n}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!n)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return n??null}({queryString:t,groupId:n});return[(0,o._X)(l),(0,r.useCallback)((e=>{if(!l)return;const t=new URLSearchParams(a.location.search);t.set(l,e),a.replace({...a.location,search:t.toString()})}),[l,a])]}function g(e){const{defaultValue:t,queryString:n=!1,groupId:a}=e,l=p(e),[i,s]=(0,r.useState)((()=>function(e){let{defaultValue:t,tabValues:n}=e;if(0===n.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:n}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${n.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const a=n.find((e=>e.default))??n[0];if(!a)throw new Error("Unexpected error: 0 tabValues");return a.value}({defaultValue:t,tabValues:l}))),[o,u]=h({queryString:n,groupId:a}),[d,g]=function(e){let{groupId:t}=e;const n=function(e){return e?`docusaurus.tab.${e}`:null}(t),[a,l]=(0,c.Nk)(n);return[a,(0,r.useCallback)((e=>{n&&l.set(e)}),[n,l])]}({groupId:a}),k=(()=>{const e=o??d;return m({value:e,tabValues:l})?e:null})();(0,r.useLayoutEffect)((()=>{k&&s(k)}),[k]);return{selectedValue:i,selectValue:(0,r.useCallback)((e=>{if(!m({value:e,tabValues:l}))throw new Error(`Can't select invalid tab value=${e}`);s(e),u(e),g(e)}),[u,g,l]),tabValues:l}}var k=n(2389);const f="tabList__CuJ",b="tabItem_LNqP";function y(e){let{className:t,block:n,selectedValue:s,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,i.o5)(),p=e=>{const t=e.currentTarget,n=c.indexOf(t),a=u[n].value;a!==s&&(d(t),o(a))},m=e=>{var t;let n=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;n=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;n=c[t]??c[c.length-1];break}}null==(t=n)||t.focus()};return r.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,l.Z)("tabs",{"tabs--block":n},t)},u.map((e=>{let{value:t,label:n,attributes:i}=e;return r.createElement("li",(0,a.Z)({role:"tab",tabIndex:s===t?0:-1,"aria-selected":s===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},i,{className:(0,l.Z)("tabs__item",b,null==i?void 0:i.className,{"tabs__item--active":s===t})}),n??t)})))}function v(e){let{lazy:t,children:n,selectedValue:a}=e;if(n=Array.isArray(n)?n:[n],t){const e=n.find((e=>e.props.value===a));return e?(0,r.cloneElement)(e,{className:"margin-top--md"}):null}return r.createElement("div",{className:"margin-top--md"},n.map(((e,t)=>(0,r.cloneElement)(e,{key:t,hidden:e.props.value!==a}))))}function w(e){const t=g(e);return r.createElement("div",{className:(0,l.Z)("tabs-container",f)},r.createElement(y,(0,a.Z)({},e,t)),r.createElement(v,(0,a.Z)({},e,t)))}function N(e){const t=(0,k.Z)();return r.createElement(w,(0,a.Z)({key:String(t)},e))}},6828:(e,t,n)=>{n.d(t,{d:()=>a});const a={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},8105:(e,t,n)=>{n.r(t),n.d(t,{assets:()=>d,contentTitle:()=>u,default:()=>h,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var a=n(7462),r=(n(7294),n(3905)),l=(n(6828),n(814)),i=n(4866),s=n(5162);const o={},u="Register Downstream Clusters",c={unversionedId:"cluster-registration",id:"cluster-registration",title:"Register Downstream Clusters",description:"Overview",source:"@site/docs/cluster-registration.md",sourceDirName:".",slug:"/cluster-registration",permalink:"/cluster-registration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cluster-registration.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation Details",permalink:"/installation"},next:{title:"Create Cluster Groups",permalink:"/cluster-group"}},d={},p=[{value:"Overview",id:"overview",level:2},{value:"Agent-Initiated Registration",id:"agent-initiated-registration",level:3},{value:"Manager-Initiated Registration",id:"manager-initiated-registration",level:3},{value:"Agent Initiated",id:"agent-initiated",level:2},{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:3},{value:"Install Agent For a New Cluster",id:"install-agent-for-a-new-cluster",level:3},{value:"Install Agent For a Predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:3},{value:"Create Cluster Registration Tokens",id:"create-cluster-registration-tokens",level:3},{value:"Token TTL",id:"token-ttl",level:4},{value:"Create a new Token",id:"create-a-new-token",level:4},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:4},{value:"Manager Initiated",id:"manager-initiated",level:2},{value:"Create Kubeconfig Secret",id:"create-kubeconfig-secret",level:3},{value:"Create Cluster Resource",id:"create-cluster-resource",level:3}],m={toc:p};function h(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"register-downstream-clusters"},"Register Downstream Clusters"),(0,r.kt)("h2",{id:"overview"},"Overview"),(0,r.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,r.kt)("strong",{parentName:"p"},"agent-initiated")," and ",(0,r.kt)("strong",{parentName:"p"},"manager-initiated")," registration. Typically one would\ngo with the agent-initiated registration but there are specific use cases in which\nmanager-initiated is a better workflow."),(0,r.kt)("h3",{id:"agent-initiated-registration"},"Agent-Initiated Registration"),(0,r.kt)("p",null,"Agent-initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,r.kt)("h3",{id:"manager-initiated-registration"},"Manager-Initiated Registration"),(0,r.kt)("p",null,"Manager-initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."),(0,r.kt)("h2",{id:"agent-initiated"},"Agent Initiated"),(0,r.kt)("p",null,"A downstream cluster is registered by installing an agent via helm and using the ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,r.kt)("strong",{parentName:"p"},"client ID")," or ",(0,r.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"It's not necessary to configure the fleet manager for ",(0,r.kt)("a",{parentName:"p",href:"/installation#configuration-for-multi-cluster"},"multi cluster"),", as the downstream agent we install via Helm will connect to the Kubernetes API of the upstream cluster directly."),(0,r.kt)("p",{parentName:"admonition"},"Agent-initiated registration is normally not used with Rancher.")),(0,r.kt)("h3",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,r.kt)("p",null,"The ",(0,r.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required.\nThe ",(0,r.kt)("a",{parentName:"p",href:"/architecture#security"},"cluster registration token")," is manifested as a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will be passed to the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install")," process.\nAlternatively one can pass the token directly to the helm install command via ",(0,r.kt)("inlineCode",{parentName:"p"},'--set token="$token"'),"."),(0,r.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,r.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,r.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,r.kt)("h3",{id:"install-agent-for-a-new-cluster"},"Install Agent For a New Cluster"),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,r.kt)("p",null,"First, follow the ",(0,r.kt)("a",{parentName:"p",href:"#create-cluster-registration-tokens"},"cluster registration token instructions")," to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,r.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,r.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,r.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,r.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,r.kt)("p",null,"Value in ",(0,r.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,r.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,r.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,r.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,r.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{title:"Kubectl Context",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,r.kt)("p",null,"Add Fleet's Helm repo."),(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(i.Z,{mdxType:"Tabs"},(0,r.kt)(s.Z,{value:"helm",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent fleet/fleet-agent')),(0,r.kt)(s.Z,{value:"validate",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,r.kt)("h3",{id:"install-agent-for-a-predefined-cluster"},"Install Agent For a Predefined Cluster"),(0,r.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,r.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,r.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,r.kt)("p",null,"First, create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,r.kt)("p",null,"Second, follow the ","[cluster registration token instructions]","((#create-cluster-registration-tokens) to obtain the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,r.kt)("p",null,"Third, setup your environment to use the client ID."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,r.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,r.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,r.kt)("p",null,"Add Fleet's Helm repo."),(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,r.kt)("p",null,"Finally, install the agent using Helm."),(0,r.kt)(i.Z,{mdxType:"Tabs"},(0,r.kt)(s.Z,{value:"helm2",label:"Install",default:!0,mdxType:"TabItem"},(0,r.kt)(l.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent fleet/fleet-agent')),(0,r.kt)(s.Z,{value:"validate2",label:"Validate",mdxType:"TabItem"},"You can check that status of the fleet pods by running the below commands.",(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")))),"The agent should now be deployed.",(0,r.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,r.kt)("a",{parentName:"p",href:"/namespaces"},"namespace"),". Please ensure your ",(0,r.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z\n")),(0,r.kt)("h3",{id:"create-cluster-registration-tokens"},"Create Cluster Registration Tokens"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Not needed for Manager-initiated registration"),":\nFor manager-initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,r.kt)("p",null,"For an agent-initiated registration the downstream cluster must have a ",(0,r.kt)("a",{parentName:"p",href:"/architecture#security"},"cluster registration token"),".\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,r.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,r.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,r.kt)("h4",{id:"token-ttl"},"Token TTL"),(0,r.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,r.kt)("h4",{id:"create-a-new-token"},"Create a new Token"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,r.kt)("a",{parentName:"p",href:"/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,r.kt)("p",null,"After the ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,r.kt)("p",null,"One way to do so is via the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,r.kt)("h4",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,r.kt)("p",null,"The token value contains YAML content for a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,r.kt)("p",null,"Such value is contained in the ",(0,r.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,r.kt)("p",null,"Once the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."),(0,r.kt)("h2",{id:"manager-initiated"},"Manager Initiated"),(0,r.kt)("p",null,"The manager-initiated registration flow is accomplished by creating a\n",(0,r.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet Manager that refers to a Kubernetes\n",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," containing a valid kubeconfig file in the data field called ",(0,r.kt)("inlineCode",{parentName:"p"},"value"),"."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"If you are using Fleet standalone ",(0,r.kt)("em",{parentName:"p"},"without Rancher"),", it must be installed as described in ",(0,r.kt)("a",{parentName:"p",href:"/installation#configuration-for-multi-cluster"},"installation details"),"."),(0,r.kt)("p",{parentName:"admonition"},"The manager-initiated registration is used when you add a cluster from the Rancher dashboard.")),(0,r.kt)("h3",{id:"create-kubeconfig-secret"},"Create Kubeconfig Secret"),(0,r.kt)("p",null,"The format of this secret is intended to match the ",(0,r.kt)("a",{parentName:"p",href:"https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html#secrets"},"format")," of the kubeconfig\nsecret used in ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),".\nThis means you can use ",(0,r.kt)("inlineCode",{parentName:"p"},"cluster-api")," to create a cluster that is dynamically registered with Fleet."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Kubeconfig Secret Example"',title:'"Kubeconfig',Secret:!0,'Example"':!0},"kind: Secret\napiVersion: v1\nmetadata:\n name: my-cluster-kubeconfig\n namespace: clusters\ndata:\n value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==\n")),(0,r.kt)("h3",{id:"create-cluster-resource"},"Create Cluster Resource"),(0,r.kt)("p",null,"The cluster resource needs to reference the kubeconfig secret."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="Cluster Resource Example"',title:'"Cluster',Resource:!0,'Example"':!0},'apiVersion: fleet.cattle.io/v1alpha1\nkind: Cluster\nmetadata:\n name: my-cluster\n namespace: clusters\n labels:\n demo: "true"\n env: dev\nspec:\n kubeConfigSecret: my-cluster-kubeconfig\n')))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/aee07340.93d91daa.js b/assets/js/aee07340.0c8351cd.js similarity index 99% rename from assets/js/aee07340.93d91daa.js rename to assets/js/aee07340.0c8351cd.js index b9f9b2895..45ae3e4ba 100644 --- a/assets/js/aee07340.93d91daa.js +++ b/assets/js/aee07340.0c8351cd.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4777],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>d});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),p=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return n.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},c=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(a),d=r,h=c["".concat(s,".").concat(d)]||c[d]||m[d]||l;return a?n.createElement(h,o(o({ref:t},u),{},{components:a})):n.createElement(h,o({ref:t},u))}));function d(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=a.length,o=new Array(l);o[0]=c;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),r=(a(7294),a(3905));const l={},o="Mapping to Downstream Clusters",i={unversionedId:"gitrepo-targets",id:"version-0.7/gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Fleet in Rancher allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration.",source:"@site/versioned_docs/version-0.7/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/0.7/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/gitrepo-targets.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create a GitRepo Resource",permalink:"/0.7/gitrepo-add"},next:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.7/bundle-diffs"}},s={},p=[{value:"Defining Targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default Target",id:"default-target",level:2},{value:"Customization per Cluster",id:"customization-per-cluster",level:2},{value:"Supported Customizations",id:"supported-customizations",level:3},{value:"Additional Examples",id:"additional-examples",level:2}],u={toc:p};function m(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style\nIf no targets are specified, i.e. when using a single-cluster, the bundles target the default cluster group.")),(0,r.kt)("p",null,"When deploying ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,r.kt)("h2",{id:"defining-targets"},"Defining Targets"),(0,r.kt)("p",null,"The deployment targets of ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # A specific cluster by name that will be selected\n clusterName: cluster1\n')),(0,r.kt)("h2",{id:"target-matching"},"Target Matching"),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,r.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,r.kt)("h2",{id:"default-target"},"Default Target"),(0,r.kt)("p",null,"If no target is set for the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,r.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."),(0,r.kt)("h2",{id:"customization-per-cluster"},"Customization per Cluster"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"The ",(0,r.kt)("inlineCode",{parentName:"p"},"targets:")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource select clusters to deploy on. The ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations:")," in ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," override Helm values only and do not change targeting.")),(0,r.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters with customization using Fleet, we will use ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml"),"."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,r.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,r.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Expected behavior:")),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,r.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,r.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,r.kt)("li",{parentName:"ol"},"Under ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,r.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),":")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Result:")),(0,r.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,r.kt)("blockquote",null,(0,r.kt)("p",{parentName:"blockquote"},(0,r.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,r.kt)("h3",{id:"supported-customizations"},"Supported Customizations"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"DefaultNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ForceSyncGeneration"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"KeepResources"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ServiceAccount"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"TargetNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Atomic"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Chart"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.DisablePreProcess"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Force"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ReleaseName"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Repo"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TakeOwnership"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TimeoutSeconds"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ValuesFrom"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Values"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Version")),(0,r.kt)("admonition",{parentName:"li",title:"important information",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"Overriding the version of a Helm chart via target customizations will lead to bundles containing ",(0,r.kt)("em",{parentName:"p"},"all")," versions, ie the\ndefault one and the custom one(s), of the chart, to accommodate all clusters. This in turn means that Fleet will\ndeploy larger bundles."),(0,r.kt)("p",{parentName:"admonition"},"As Fleet stores bundles via etcd, this may cause issues on some clusters where resultant bundle sizes may exceed\netcd's configured maximum blob size. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/issues/1650"},"this issue")," for more details."))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.WaitForJobs"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#kustomizeoptions"},"Kustomize.Dir"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#yamloptions"},"YAML.Overlays"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#diffoptions"},"Diff.ComparePatches")))),(0,r.kt)("h2",{id:"additional-examples"},"Additional Examples"),(0,r.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4777],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>d});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),p=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return n.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},c=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(a),d=r,h=c["".concat(s,".").concat(d)]||c[d]||m[d]||l;return a?n.createElement(h,o(o({ref:t},u),{},{components:a})):n.createElement(h,o({ref:t},u))}));function d(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=a.length,o=new Array(l);o[0]=c;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),r=(a(7294),a(3905));const l={},o="Mapping to Downstream Clusters",i={unversionedId:"gitrepo-targets",id:"version-0.7/gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Fleet in Rancher allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration.",source:"@site/versioned_docs/version-0.7/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/0.7/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/gitrepo-targets.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create a GitRepo Resource",permalink:"/0.7/gitrepo-add"},next:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.7/bundle-diffs"}},s={},p=[{value:"Defining Targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default Target",id:"default-target",level:2},{value:"Customization per Cluster",id:"customization-per-cluster",level:2},{value:"Supported Customizations",id:"supported-customizations",level:3},{value:"Additional Examples",id:"additional-examples",level:2}],u={toc:p};function m(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style\nIf no targets are specified, i.e. when using a single-cluster, the bundles target the default cluster group.")),(0,r.kt)("p",null,"When deploying ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,r.kt)("h2",{id:"defining-targets"},"Defining Targets"),(0,r.kt)("p",null,"The deployment targets of ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # A specific cluster by name that will be selected\n clusterName: cluster1\n')),(0,r.kt)("h2",{id:"target-matching"},"Target Matching"),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,r.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,r.kt)("h2",{id:"default-target"},"Default Target"),(0,r.kt)("p",null,"If no target is set for the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,r.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."),(0,r.kt)("h2",{id:"customization-per-cluster"},"Customization per Cluster"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"The ",(0,r.kt)("inlineCode",{parentName:"p"},"targets:")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource select clusters to deploy on. The ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations:")," in ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," override Helm values only and do not change targeting.")),(0,r.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters with customization using Fleet, we will use ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml"),"."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,r.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,r.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Expected behavior:")),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,r.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,r.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,r.kt)("li",{parentName:"ol"},"Under ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,r.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),":")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Result:")),(0,r.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,r.kt)("blockquote",null,(0,r.kt)("p",{parentName:"blockquote"},(0,r.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,r.kt)("h3",{id:"supported-customizations"},"Supported Customizations"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"DefaultNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ForceSyncGeneration"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"KeepResources"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ServiceAccount"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"TargetNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Atomic"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Chart"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.DisablePreProcess"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Force"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ReleaseName"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Repo"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TakeOwnership"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TimeoutSeconds"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ValuesFrom"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Values"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Version")),(0,r.kt)("admonition",{parentName:"li",title:"important information",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"Overriding the version of a Helm chart via target customizations will lead to bundles containing ",(0,r.kt)("em",{parentName:"p"},"all")," versions, ie the\ndefault one and the custom one(s), of the chart, to accommodate all clusters. This in turn means that Fleet will\ndeploy larger bundles."),(0,r.kt)("p",{parentName:"admonition"},"As Fleet stores bundles via etcd, this may cause issues on some clusters where resultant bundle sizes may exceed\netcd's configured maximum blob size. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/issues/1650"},"this issue")," for more details."))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.WaitForJobs"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#kustomizeoptions"},"Kustomize.Dir"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#yamloptions"},"YAML.Overlays"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#diffoptions"},"Diff.ComparePatches")))),(0,r.kt)("h2",{id:"additional-examples"},"Additional Examples"),(0,r.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/af10d9fb.98110938.js b/assets/js/af10d9fb.7b49570c.js similarity index 98% rename from assets/js/af10d9fb.98110938.js rename to assets/js/af10d9fb.7b49570c.js index 081474b50..1d8af756f 100644 --- a/assets/js/af10d9fb.98110938.js +++ b/assets/js/af10d9fb.7b49570c.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3632],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,m=u["".concat(c,".").concat(d)]||u[d]||f[d]||a;return r?n.createElement(m,o(o({ref:t},p),{},{components:r})):n.createElement(m,o({ref:t},p))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>f,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet apply"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_apply",id:"cli/fleet-cli/fleet_apply",title:"",description:"fleet apply",source:"@site/docs/cli/fleet-cli/fleet_apply.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_apply",permalink:"/cli/fleet-cli/fleet_apply",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet_apply.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet apply"},sidebar:"docs",previous:{title:"fleet",permalink:"/cli/fleet-cli/fleet"},next:{title:"fleet cleanup",permalink:"/cli/fleet-cli/fleet_cleanup"}},c={},s=[{value:"fleet apply",id:"fleet-apply",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:s};function f(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-apply"},"fleet apply"),(0,l.kt)("p",null,"Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet apply [flags] BUNDLE_NAME PATH...\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' -b, --bundle-file string Location of the raw Bundle resource yaml\n --cacerts-file string Path of custom cacerts for helm repo\n --commit string Commit to assign to the bundle\n -c, --compress Force all resources to be compress\n --context string kubeconfig context for authentication\n --correct-drift Rollback any change made from outside of Fleet\n --correct-drift-force Use --force when correcting drift. Resources can be deleted and recreated\n --correct-drift-keep-fail-history Keep helm history for failed rollbacks\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n --helm-credentials-by-path-file string Path of file containing helm credentials for paths\n --helm-repo-url-regex string Helm credentials will be used if the helm repo matches this regex. Credentials will always be used if this is empty or not provided\n -h, --help help for apply\n --keep-resources Keep resources created after the GitRepo or Bundle is deleted\n -k, --kubeconfig string kubeconfig for authentication\n -l, --label strings Labels to apply to created bundles\n -n, --namespace string namespace (default "fleet-local")\n -o, --output string Output contents to file or - for stdout\n --password-file string Path of file containing basic auth password for helm repo\n --paused Create bundles in a paused state\n -a, --service-account string Service account to assign to bundle created\n --ssh-privatekey-file string Path of ssh-private-key for helm repo\n --sync-generation int Generation number used to force sync the deployment\n --target-namespace string Ensure this bundle goes to this target namespace\n --targets-file string Addition source of targets and restrictions to be append\n --username string Basic auth username for helm repo\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3632],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,m=u["".concat(c,".").concat(d)]||u[d]||f[d]||a;return r?n.createElement(m,o(o({ref:t},p),{},{components:r})):n.createElement(m,o({ref:t},p))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>f,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet apply"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_apply",id:"cli/fleet-cli/fleet_apply",title:"",description:"fleet apply",source:"@site/docs/cli/fleet-cli/fleet_apply.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_apply",permalink:"/cli/fleet-cli/fleet_apply",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet_apply.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet apply"},sidebar:"docs",previous:{title:"fleet",permalink:"/cli/fleet-cli/fleet"},next:{title:"fleet cleanup",permalink:"/cli/fleet-cli/fleet_cleanup"}},c={},s=[{value:"fleet apply",id:"fleet-apply",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:s};function f(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-apply"},"fleet apply"),(0,l.kt)("p",null,"Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet apply [flags] BUNDLE_NAME PATH...\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' -b, --bundle-file string Location of the raw Bundle resource yaml\n --cacerts-file string Path of custom cacerts for helm repo\n --commit string Commit to assign to the bundle\n -c, --compress Force all resources to be compress\n --context string kubeconfig context for authentication\n --correct-drift Rollback any change made from outside of Fleet\n --correct-drift-force Use --force when correcting drift. Resources can be deleted and recreated\n --correct-drift-keep-fail-history Keep helm history for failed rollbacks\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n --helm-credentials-by-path-file string Path of file containing helm credentials for paths\n --helm-repo-url-regex string Helm credentials will be used if the helm repo matches this regex. Credentials will always be used if this is empty or not provided\n -h, --help help for apply\n --keep-resources Keep resources created after the GitRepo or Bundle is deleted\n -k, --kubeconfig string kubeconfig for authentication\n -l, --label strings Labels to apply to created bundles\n -n, --namespace string namespace (default "fleet-local")\n -o, --output string Output contents to file or - for stdout\n --password-file string Path of file containing basic auth password for helm repo\n --paused Create bundles in a paused state\n -a, --service-account string Service account to assign to bundle created\n --ssh-privatekey-file string Path of ssh-private-key for helm repo\n --sync-generation int Generation number used to force sync the deployment\n --target-namespace string Ensure this bundle goes to this target namespace\n --targets-file string Addition source of targets and restrictions to be append\n --username string Basic auth username for helm repo\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/af48bdba.dafb0ab6.js b/assets/js/af48bdba.d592dd4b.js similarity index 97% rename from assets/js/af48bdba.dafb0ab6.js rename to assets/js/af48bdba.d592dd4b.js index c159bea11..73693d51f 100644 --- a/assets/js/af48bdba.dafb0ab6.js +++ b/assets/js/af48bdba.d592dd4b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[964],{3905:(e,t,n)=>{n.d(t,{Zo:()=>i,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),d=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},i=function(e){var t=d(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,i=o(e,["components","mdxType","originalType","parentName"]),c=d(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},i),{},{components:n})):r.createElement(m,s({ref:t},i))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var d=2;d{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>d});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle state",o={unversionedId:"cluster-bundles-state",id:"version-0.5/cluster-bundles-state",title:"Cluster and Bundle state",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/versioned_docs/version-0.5/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/0.5/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/cluster-bundles-state.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Image scan",permalink:"/0.5/imagescan"},next:{title:"Troubleshooting",permalink:"/0.5/troubleshooting"}},u={},d=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],i={toc:d};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},i,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle state"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state. "),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[964],{3905:(e,t,n)=>{n.d(t,{Zo:()=>i,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),d=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},i=function(e){var t=d(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,i=o(e,["components","mdxType","originalType","parentName"]),c=d(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},i),{},{components:n})):r.createElement(m,s({ref:t},i))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var d=2;d{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>d});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle state",o={unversionedId:"cluster-bundles-state",id:"version-0.5/cluster-bundles-state",title:"Cluster and Bundle state",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/versioned_docs/version-0.5/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/0.5/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/cluster-bundles-state.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Image scan",permalink:"/0.5/imagescan"},next:{title:"Troubleshooting",permalink:"/0.5/troubleshooting"}},u={},d=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],i={toc:d};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},i,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle state"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state. "),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/afc4945b.2c9a4a97.js b/assets/js/afc4945b.a77bf464.js similarity index 98% rename from assets/js/afc4945b.2c9a4a97.js rename to assets/js/afc4945b.a77bf464.js index 6e6725da1..d22f88a09 100644 --- a/assets/js/afc4945b.2c9a4a97.js +++ b/assets/js/afc4945b.a77bf464.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6516],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,m=u["".concat(c,".").concat(d)]||u[d]||p[d]||a;return r?n.createElement(m,o(o({ref:t},f),{},{components:r})):n.createElement(m,o({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet-manager"},o=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager",id:"version-0.9/cli/fleet-controller/fleet-manager",title:"",description:"fleet-manager",source:"@site/versioned_docs/version-0.9/cli/fleet-controller/fleet-manager.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager",permalink:"/0.9/cli/fleet-controller/fleet-manager",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cli/fleet-controller/fleet-manager.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager"},sidebar:"docs",previous:{title:"fleet test",permalink:"/0.9/cli/fleet-cli/fleet_test"},next:{title:"Cluster and Bundle State",permalink:"/0.9/cluster-bundles-state"}},c={},s=[{value:"fleet-manager",id:"fleet-manager",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-manager"},"fleet-manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet-manager [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --disable-bootstrap disable local cluster components\n --disable-gitops disable gitops components\n -h, --help help for fleet-manager\n --kubeconfig string Kubeconfig file\n --namespace string namespace to watch (default "cattle-fleet-system")\n')))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6516],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,m=u["".concat(c,".").concat(d)]||u[d]||p[d]||a;return r?n.createElement(m,o(o({ref:t},f),{},{components:r})):n.createElement(m,o({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet-manager"},o=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager",id:"version-0.9/cli/fleet-controller/fleet-manager",title:"",description:"fleet-manager",source:"@site/versioned_docs/version-0.9/cli/fleet-controller/fleet-manager.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager",permalink:"/0.9/cli/fleet-controller/fleet-manager",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cli/fleet-controller/fleet-manager.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager"},sidebar:"docs",previous:{title:"fleet test",permalink:"/0.9/cli/fleet-cli/fleet_test"},next:{title:"Cluster and Bundle State",permalink:"/0.9/cluster-bundles-state"}},c={},s=[{value:"fleet-manager",id:"fleet-manager",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-manager"},"fleet-manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet-manager [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --disable-bootstrap disable local cluster components\n --disable-gitops disable gitops components\n -h, --help help for fleet-manager\n --kubeconfig string Kubeconfig file\n --namespace string namespace to watch (default "cattle-fleet-system")\n')))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/b0423865.48d0ab85.js b/assets/js/b0423865.735228ad.js similarity index 98% rename from assets/js/b0423865.48d0ab85.js rename to assets/js/b0423865.735228ad.js index c6a58406f..f77ac1e0c 100644 --- a/assets/js/b0423865.48d0ab85.js +++ b/assets/js/b0423865.735228ad.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4939],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var c=a.createContext({}),l=function(e){var t=a.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=l(e.components);return a.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,c=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=l(n),u=r,g=d["".concat(c,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var c in t)hasOwnProperty.call(t,c)&&(s[c]=t[c]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>l});var a=n(7462),r=(n(7294),n(3905));const o={},i="Using Image Scan to Update Container Image References",s={unversionedId:"imagescan",id:"version-0.9/imagescan",title:"Using Image Scan to Update Container Image References",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/versioned_docs/version-0.9/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/0.9/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/imagescan.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Webhooks Instead of Polling",permalink:"/0.9/webhook"},next:{title:"Create a Bundle Resource",permalink:"/0.9/bundle-add"}},c={},l=[],m={toc:l};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-image-scan-to-update-container-image-references"},"Using Image Scan to Update Container Image References"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order\n- policy:\n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver:\n range: "*"\n # can use ascending or descending order\n alphabetical:\n order: asc\n\n # specify images to scan\n image: "your.registry.com/repo/image"\n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret\n\n # Specify the scan interval\n interval: 5m\n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples\n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m\n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret\n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4939],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var c=a.createContext({}),l=function(e){var t=a.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=l(e.components);return a.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,c=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=l(n),u=r,g=d["".concat(c,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var c in t)hasOwnProperty.call(t,c)&&(s[c]=t[c]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>l});var a=n(7462),r=(n(7294),n(3905));const o={},i="Using Image Scan to Update Container Image References",s={unversionedId:"imagescan",id:"version-0.9/imagescan",title:"Using Image Scan to Update Container Image References",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/versioned_docs/version-0.9/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/0.9/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/imagescan.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Webhooks Instead of Polling",permalink:"/0.9/webhook"},next:{title:"Create a Bundle Resource",permalink:"/0.9/bundle-add"}},c={},l=[],m={toc:l};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-image-scan-to-update-container-image-references"},"Using Image Scan to Update Container Image References"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order\n- policy:\n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver:\n range: "*"\n # can use ascending or descending order\n alphabetical:\n order: asc\n\n # specify images to scan\n image: "your.registry.com/repo/image"\n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret\n\n # Specify the scan interval\n interval: 5m\n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples\n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m\n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret\n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/b2456c44.50475ed6.js b/assets/js/b2456c44.8cb5e885.js similarity index 99% rename from assets/js/b2456c44.50475ed6.js rename to assets/js/b2456c44.8cb5e885.js index 6955b77ab..0c885be20 100644 --- a/assets/js/b2456c44.50475ed6.js +++ b/assets/js/b2456c44.8cb5e885.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1760],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function r(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),u=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},p=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,o=e.originalType,s=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),p=u(n),m=l,h=p["".concat(s,".").concat(m)]||p[m]||d[m]||o;return n?a.createElement(h,r(r({ref:t},c),{},{components:n})):a.createElement(h,r({ref:t},c))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var o=n.length,r=new Array(o);r[0]=p;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,r[1]=i;for(var u=2;u{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>o,metadata:()=>i,toc:()=>u});var a=n(7462),l=(n(7294),n(3905));const o={},r="fleet.yaml",i={unversionedId:"ref-fleet-yaml",id:"ref-fleet-yaml",title:"fleet.yaml",description:"The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.",source:"@site/docs/ref-fleet-yaml.md",sourceDirName:".",slug:"/ref-fleet-yaml",permalink:"/ref-fleet-yaml",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-fleet-yaml.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources Spec",permalink:"/ref-crds"},next:{title:"GitRepo Resource",permalink:"/ref-gitrepo"}},s={},u=[{value:"Reference",id:"reference",level:3},{value:"Helm Options",id:"helm-options",level:3},{value:"How fleet-agent deploys the bundle",id:"how-fleet-agent-deploys-the-bundle",level:4},{value:"Helm Chart Download Options",id:"helm-chart-download-options",level:4},{value:"Helm Chart Value Options",id:"helm-chart-value-options",level:4},{value:"Templating",id:"templating",level:3}],c={toc:u};function d(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"fleetyaml"},"fleet.yaml"),(0,l.kt)("p",null,"The ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file adds options to a bundle. Any directory with a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is automatically turned into bundle."),(0,l.kt)("p",null,"For more information on how to use the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to customize bundles see ",(0,l.kt)("a",{parentName:"p",href:"/gitrepo-content"},"Git Repository Contents"),"."),(0,l.kt)("p",null,"The content of the fleet.yaml corresponds to the struct at ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/b501b7e7864d37e310dfcdb109c73e5aec4240bb/pkg/bundlereader/read.go#L132-L139"},"pkg/bundlereader/read.go"),", which contains the ",(0,l.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),"."),(0,l.kt)("h3",{id:"reference"},"Reference"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\n# namespaceLabels are labels that will be appended to the namespace created by Fleet.\nnamespaceLabels:\n key: value\n# namespaceAnnotations are annotations that will be appended to the namespace created by Fleet.\nnamespaceAnnotations:\n key: value\n\n# Optional map of labels, that are set at the bundle and can be used in a\n# dependsOn.selector\nlabels:\n key: value\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n ### These options control how "fleet apply" downloads the chart\n #\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup.\n # It is possible to download the chart from a Git repository, e.g.\n # by using `git@github.com:rancher/fleet-examples//single-cluster/helm`. If a\n # secret for the SSH key was defined in the GitRepo via `helmSecretName`, it\n # will be injected into the chart URL.\n # Git repositories can be downloaded via unauthenticated http, by using for example:\n # `git::http://github.com/rancher/fleet-examples//single-cluster/helm`.\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n # By default fleet downloads any dependency found in a helm chart. \n # Use disableDependencyUpdate: true to disable this feature.\n disableDependencyUpdate: false\n\n ### These options only work for helm-type bundles\n #\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n # The variable\'s value will be an empty string if the referenced cluster label does not\n # exist on the targeted cluster\n variableName: global.fleet.clusterLabels.LABELNAME\n # See Templating notes below for more information on templating.\n templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"\n valueFromEnv:\n "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets defined in the downstream clusters\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default\n key: values.yaml\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n\n ### These options control how fleet-agent deploys the bundle, they also apply for kustomize- and manifest-style bundles.\n #\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # Makes helm skip the check for its own annotations\n takeOwnership: false\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n # Disable go template pre-processing on the fleet values\n disablePreProcess: false\n # Disable DNS resolution in Helm\'s template functions\n disableDNS: false\n # Skip evaluation of the values.schema.json file\n skipSchemaValidation: false\n # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.\n # It will wait for as long as timeoutSeconds\n waitForJobs: true\n\n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector:\n clusterSelector:\n matchLabels:\n env: prod\n\n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name. When using Fleet in\n # Rancher, make sure to put the name of the clusters.fleet.cattle.io resource.\n clusterName: dev-cluster\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # Resources will not be deployed in the matched clusters if doNotDeploy is true.\n doNotDeploy: false\n # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses\n # a three-way merge strategy by default.\n # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating\n # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.\n # Keep in mind that resources might be recreated if force is enabled.\n # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.\n correctDrift:\n enabled: false\n force: false #Warning: it might recreate resources if set to true\n keepFailHistory: false\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n # Note: Bundle names are limited to 53 characters long. If longer they will be shortened:\n # opni-fleet-examples-fleets-opni-ui-plugin-operator-crd becomes opni-fleet-examples-fleets-opni-ui-plugin-opera-021f7\n - name: one-multi-cluster-hello-world\n # Select bundles to depend on based on their label.\n - selector:\n matchLabels:\n app: weak-monkey\n\n# Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources\n# makes the Bundle to be in an error state when it shouldn\'t.\nignore:\n # Conditions to be ignored\n conditions:\n # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}\n - type: Active\n status: "False"\n\n# Override targets defined in the GitRepo. The Bundle will not have any targets from the GitRepo if overrideTargets is provided.\noverrideTargets:\n - clusterSelector:\n matchLabels:\n env: dev\n\n')),(0,l.kt)("h3",{id:"helm-options"},"Helm Options"),(0,l.kt)("h4",{id:"how-fleet-agent-deploys-the-bundle"},"How fleet-agent deploys the bundle"),(0,l.kt)("p",null,"These options also apply to kustomize- and manifest-style bundles.\nThey control how the fleet-agent deploys the bundle. All bundles are converted into Helm charts and deployed with the Helm SDK.\nThese options are often similar to the Helm CLI options for install and update."),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"releaseName"),(0,l.kt)("li",{parentName:"ul"},"takeOwnership"),(0,l.kt)("li",{parentName:"ul"},"force"),(0,l.kt)("li",{parentName:"ul"},"atomic"),(0,l.kt)("li",{parentName:"ul"},"disablePreProcess"),(0,l.kt)("li",{parentName:"ul"},"disableDNS"),(0,l.kt)("li",{parentName:"ul"},"skipSchemaValidation"),(0,l.kt)("li",{parentName:"ul"},"waitForJobs")),(0,l.kt)("h4",{id:"helm-chart-download-options"},"Helm Chart Download Options"),(0,l.kt)("p",null,"These options are for Helm-style bundles, they specify how to download the chart."),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"chart"),(0,l.kt)("li",{parentName:"ul"},"repo"),(0,l.kt)("li",{parentName:"ul"},"version")),(0,l.kt)("p",null,"The reference to the chart can be either:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"a local path in the cloned Git repository, specified by ",(0,l.kt)("inlineCode",{parentName:"li"},"chart"),"."),(0,l.kt)("li",{parentName:"ul"},"a ",(0,l.kt)("a",{parentName:"li",href:"https://github.com/hashicorp/go-getter?tab=readme-ov-file#url-format"},"go-getter URL"),", specified by ",(0,l.kt)("inlineCode",{parentName:"li"},"chart"),". This can be used to download a tarball\nof the chart. go-getter also allows to download a chart from a Git repo."),(0,l.kt)("li",{parentName:"ul"},"a Helm repository, specified by ",(0,l.kt)("inlineCode",{parentName:"li"},"repo")," and optionally ",(0,l.kt)("inlineCode",{parentName:"li"},"version"),"."),(0,l.kt)("li",{parentName:"ul"},"an OCI Helm repository, specified by ",(0,l.kt)("inlineCode",{parentName:"li"},"repo")," and optionally ",(0,l.kt)("inlineCode",{parentName:"li"},"version"),".")),(0,l.kt)("h4",{id:"helm-chart-value-options"},"Helm Chart Value Options"),(0,l.kt)("p",null,"Options for the downloaded Helm chart."),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"values"),(0,l.kt)("li",{parentName:"ul"},"valuesFiles"),(0,l.kt)("li",{parentName:"ul"},"valueFrom")),(0,l.kt)("h3",{id:"templating"},"Templating"),(0,l.kt)("p",null,"It is possible to specify the keys and values as go template strings for\nadvanced templating needs.\nMost of the functions from the sprig templating library are available."),(0,l.kt)("p",null,"Note that if the functions output changes with every call, e.g. ",(0,l.kt)("inlineCode",{parentName:"p"},"uuidv4"),", the bundle will get redeployed."),(0,l.kt)("p",null,"The template context has the following keys:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},".ClusterValues")," are retrieved from target cluster's ",(0,l.kt)("inlineCode",{parentName:"li"},"spec.templateValues")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},".ClusterLabels")," and ",(0,l.kt)("inlineCode",{parentName:"li"},".ClusterAnnotations")," are the labels and annoations in the cluster resource."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},".ClusterName")," as the fleet's cluster resource name."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},".ClusterNamespace")," as the namespace in which the cluster resource exists.")),(0,l.kt)("p",null,"Note: The fleet.yaml must be valid yaml. Templating uses ",(0,l.kt)("inlineCode",{parentName:"p"},"${ }")," as delims, unlike Helm which uses ",(0,l.kt)("inlineCode",{parentName:"p"},"{{ }}"),".\nThese fleet.yaml template delimiters can be escaped using backticks, eg.:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"foo-bar-${`${PWD}`}\n")),(0,l.kt)("p",null,"will result in the following text:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"foo-bar-${PWD}\n")))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1760],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function r(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),u=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},p=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,o=e.originalType,s=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),p=u(n),m=l,h=p["".concat(s,".").concat(m)]||p[m]||d[m]||o;return n?a.createElement(h,r(r({ref:t},c),{},{components:n})):a.createElement(h,r({ref:t},c))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var o=n.length,r=new Array(o);r[0]=p;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,r[1]=i;for(var u=2;u{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>o,metadata:()=>i,toc:()=>u});var a=n(7462),l=(n(7294),n(3905));const o={},r="fleet.yaml",i={unversionedId:"ref-fleet-yaml",id:"ref-fleet-yaml",title:"fleet.yaml",description:"The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.",source:"@site/docs/ref-fleet-yaml.md",sourceDirName:".",slug:"/ref-fleet-yaml",permalink:"/ref-fleet-yaml",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-fleet-yaml.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources Spec",permalink:"/ref-crds"},next:{title:"GitRepo Resource",permalink:"/ref-gitrepo"}},s={},u=[{value:"Reference",id:"reference",level:3},{value:"Helm Options",id:"helm-options",level:3},{value:"How fleet-agent deploys the bundle",id:"how-fleet-agent-deploys-the-bundle",level:4},{value:"Helm Chart Download Options",id:"helm-chart-download-options",level:4},{value:"Helm Chart Value Options",id:"helm-chart-value-options",level:4},{value:"Templating",id:"templating",level:3}],c={toc:u};function d(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"fleetyaml"},"fleet.yaml"),(0,l.kt)("p",null,"The ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file adds options to a bundle. Any directory with a ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is automatically turned into bundle."),(0,l.kt)("p",null,"For more information on how to use the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to customize bundles see ",(0,l.kt)("a",{parentName:"p",href:"/gitrepo-content"},"Git Repository Contents"),"."),(0,l.kt)("p",null,"The content of the fleet.yaml corresponds to the struct at ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/b501b7e7864d37e310dfcdb109c73e5aec4240bb/pkg/bundlereader/read.go#L132-L139"},"pkg/bundlereader/read.go"),", which contains the ",(0,l.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),"."),(0,l.kt)("h3",{id:"reference"},"Reference"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\n# namespaceLabels are labels that will be appended to the namespace created by Fleet.\nnamespaceLabels:\n key: value\n# namespaceAnnotations are annotations that will be appended to the namespace created by Fleet.\nnamespaceAnnotations:\n key: value\n\n# Optional map of labels, that are set at the bundle and can be used in a\n# dependsOn.selector\nlabels:\n key: value\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n ### These options control how "fleet apply" downloads the chart\n #\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup.\n # It is possible to download the chart from a Git repository, e.g.\n # by using `git@github.com:rancher/fleet-examples//single-cluster/helm`. If a\n # secret for the SSH key was defined in the GitRepo via `helmSecretName`, it\n # will be injected into the chart URL.\n # Git repositories can be downloaded via unauthenticated http, by using for example:\n # `git::http://github.com/rancher/fleet-examples//single-cluster/helm`.\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n # By default fleet downloads any dependency found in a helm chart. \n # Use disableDependencyUpdate: true to disable this feature.\n disableDependencyUpdate: false\n\n ### These options only work for helm-type bundles\n #\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n # The variable\'s value will be an empty string if the referenced cluster label does not\n # exist on the targeted cluster\n variableName: global.fleet.clusterLabels.LABELNAME\n # See Templating notes below for more information on templating.\n templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"\n valueFromEnv:\n "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets defined in the downstream clusters\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default\n key: values.yaml\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n\n ### These options control how fleet-agent deploys the bundle, they also apply for kustomize- and manifest-style bundles.\n #\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # Makes helm skip the check for its own annotations\n takeOwnership: false\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n # Disable go template pre-processing on the fleet values\n disablePreProcess: false\n # Disable DNS resolution in Helm\'s template functions\n disableDNS: false\n # Skip evaluation of the values.schema.json file\n skipSchemaValidation: false\n # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.\n # It will wait for as long as timeoutSeconds\n waitForJobs: true\n\n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector:\n clusterSelector:\n matchLabels:\n env: prod\n\n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name. When using Fleet in\n # Rancher, make sure to put the name of the clusters.fleet.cattle.io resource.\n clusterName: dev-cluster\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # Resources will not be deployed in the matched clusters if doNotDeploy is true.\n doNotDeploy: false\n # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses\n # a three-way merge strategy by default.\n # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating\n # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.\n # Keep in mind that resources might be recreated if force is enabled.\n # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.\n correctDrift:\n enabled: false\n force: false #Warning: it might recreate resources if set to true\n keepFailHistory: false\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n # Note: Bundle names are limited to 53 characters long. If longer they will be shortened:\n # opni-fleet-examples-fleets-opni-ui-plugin-operator-crd becomes opni-fleet-examples-fleets-opni-ui-plugin-opera-021f7\n - name: one-multi-cluster-hello-world\n # Select bundles to depend on based on their label.\n - selector:\n matchLabels:\n app: weak-monkey\n\n# Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources\n# makes the Bundle to be in an error state when it shouldn\'t.\nignore:\n # Conditions to be ignored\n conditions:\n # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}\n - type: Active\n status: "False"\n\n# Override targets defined in the GitRepo. The Bundle will not have any targets from the GitRepo if overrideTargets is provided.\noverrideTargets:\n - clusterSelector:\n matchLabels:\n env: dev\n\n')),(0,l.kt)("h3",{id:"helm-options"},"Helm Options"),(0,l.kt)("h4",{id:"how-fleet-agent-deploys-the-bundle"},"How fleet-agent deploys the bundle"),(0,l.kt)("p",null,"These options also apply to kustomize- and manifest-style bundles.\nThey control how the fleet-agent deploys the bundle. All bundles are converted into Helm charts and deployed with the Helm SDK.\nThese options are often similar to the Helm CLI options for install and update."),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"releaseName"),(0,l.kt)("li",{parentName:"ul"},"takeOwnership"),(0,l.kt)("li",{parentName:"ul"},"force"),(0,l.kt)("li",{parentName:"ul"},"atomic"),(0,l.kt)("li",{parentName:"ul"},"disablePreProcess"),(0,l.kt)("li",{parentName:"ul"},"disableDNS"),(0,l.kt)("li",{parentName:"ul"},"skipSchemaValidation"),(0,l.kt)("li",{parentName:"ul"},"waitForJobs")),(0,l.kt)("h4",{id:"helm-chart-download-options"},"Helm Chart Download Options"),(0,l.kt)("p",null,"These options are for Helm-style bundles, they specify how to download the chart."),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"chart"),(0,l.kt)("li",{parentName:"ul"},"repo"),(0,l.kt)("li",{parentName:"ul"},"version")),(0,l.kt)("p",null,"The reference to the chart can be either:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"a local path in the cloned Git repository, specified by ",(0,l.kt)("inlineCode",{parentName:"li"},"chart"),"."),(0,l.kt)("li",{parentName:"ul"},"a ",(0,l.kt)("a",{parentName:"li",href:"https://github.com/hashicorp/go-getter?tab=readme-ov-file#url-format"},"go-getter URL"),", specified by ",(0,l.kt)("inlineCode",{parentName:"li"},"chart"),". This can be used to download a tarball\nof the chart. go-getter also allows to download a chart from a Git repo."),(0,l.kt)("li",{parentName:"ul"},"a Helm repository, specified by ",(0,l.kt)("inlineCode",{parentName:"li"},"repo")," and optionally ",(0,l.kt)("inlineCode",{parentName:"li"},"version"),"."),(0,l.kt)("li",{parentName:"ul"},"an OCI Helm repository, specified by ",(0,l.kt)("inlineCode",{parentName:"li"},"repo")," and optionally ",(0,l.kt)("inlineCode",{parentName:"li"},"version"),".")),(0,l.kt)("h4",{id:"helm-chart-value-options"},"Helm Chart Value Options"),(0,l.kt)("p",null,"Options for the downloaded Helm chart."),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"values"),(0,l.kt)("li",{parentName:"ul"},"valuesFiles"),(0,l.kt)("li",{parentName:"ul"},"valueFrom")),(0,l.kt)("h3",{id:"templating"},"Templating"),(0,l.kt)("p",null,"It is possible to specify the keys and values as go template strings for\nadvanced templating needs.\nMost of the functions from the sprig templating library are available."),(0,l.kt)("p",null,"Note that if the functions output changes with every call, e.g. ",(0,l.kt)("inlineCode",{parentName:"p"},"uuidv4"),", the bundle will get redeployed."),(0,l.kt)("p",null,"The template context has the following keys:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},".ClusterValues")," are retrieved from target cluster's ",(0,l.kt)("inlineCode",{parentName:"li"},"spec.templateValues")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},".ClusterLabels")," and ",(0,l.kt)("inlineCode",{parentName:"li"},".ClusterAnnotations")," are the labels and annoations in the cluster resource."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},".ClusterName")," as the fleet's cluster resource name."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},".ClusterNamespace")," as the namespace in which the cluster resource exists.")),(0,l.kt)("p",null,"Note: The fleet.yaml must be valid yaml. Templating uses ",(0,l.kt)("inlineCode",{parentName:"p"},"${ }")," as delims, unlike Helm which uses ",(0,l.kt)("inlineCode",{parentName:"p"},"{{ }}"),".\nThese fleet.yaml template delimiters can be escaped using backticks, eg.:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"foo-bar-${`${PWD}`}\n")),(0,l.kt)("p",null,"will result in the following text:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"foo-bar-${PWD}\n")))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/b283d2e2.ca887c22.js b/assets/js/b283d2e2.d9ef9881.js similarity index 99% rename from assets/js/b283d2e2.ca887c22.js rename to assets/js/b283d2e2.d9ef9881.js index 5a355b707..91f19ed41 100644 --- a/assets/js/b283d2e2.ca887c22.js +++ b/assets/js/b283d2e2.d9ef9881.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5479],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function l(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var i=a.createContext({}),u=function(e){var t=a.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(i.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},p=a.forwardRef((function(e,t){var n=e.components,o=e.mdxType,r=e.originalType,i=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),p=u(n),m=o,f=p["".concat(i,".").concat(m)]||p[m]||d[m]||r;return n?a.createElement(f,l(l({ref:t},c),{},{components:n})):a.createElement(f,l({ref:t},c))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var r=n.length,l=new Array(r);l[0]=p;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:o,l[1]=s;for(var u=2;u{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>d,frontMatter:()=>r,metadata:()=>s,toc:()=>u});var a=n(7462),o=(n(7294),n(3905));const r={},l="fleet.yaml",s={unversionedId:"ref-fleet-yaml",id:"version-0.8/ref-fleet-yaml",title:"fleet.yaml",description:"The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.",source:"@site/versioned_docs/version-0.8/ref-fleet-yaml.md",sourceDirName:".",slug:"/ref-fleet-yaml",permalink:"/0.8/ref-fleet-yaml",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-fleet-yaml.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources Spec",permalink:"/0.8/ref-crds"},next:{title:"GitRepo Resource",permalink:"/0.8/ref-gitrepo"}},i={},u=[{value:"Reference",id:"reference",level:3}],c={toc:u};function d(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"fleetyaml"},"fleet.yaml"),(0,o.kt)("p",null,"The ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file adds options to a bundle. Any directory with a ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is automatically turned into bundle."),(0,o.kt)("p",null,"For more information on how to use the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to customize bundles see ",(0,o.kt)("a",{parentName:"p",href:"/0.8/gitrepo-content"},"Git Repository Contents"),"."),(0,o.kt)("p",null,"The content of the fleet.yaml corresponds to the struct at ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/b501b7e7864d37e310dfcdb109c73e5aec4240bb/pkg/bundlereader/read.go#L132-L139"},"pkg/bundlereader/read.go"),", which contains the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),"."),(0,o.kt)("h3",{id:"reference"},"Reference"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\n# namespaceLabels are labels that will be appended to the namespace created by Fleet.\nnamespaceLabels:\n key: value\n# namespaceAnnotations are annotations that will be appended to the namespace created by Fleet.\nnamespaceAnnotations:\n key: value\n\n# Optional map of labels, that are set at the bundle and can be used in a\n# dependsOn.selector\nlabels:\n key: value\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n ### These options control how "fleet apply" downloads the chart\n #\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n\n ### These options only work for helm-type bundles\n #\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n # The variable\'s value will be an empty string if the referenced cluster label does not\n # exist on the targeted cluster\n variableName: global.fleet.clusterLabels.LABELNAME\n # It is possible to specify the keys and values as go template strings for\n # advanced templating needs. Most of the functions from the sprig templating\n # library are available. Note, if the functions output changes with every\n # call, e.g. `uuidv4`, the bundle will get redeployed.\n # The template context has following keys.\n # `.ClusterValues` are retrieved from target cluster\'s `spec.templateValues`\n # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.\n # `.ClusterName` as the fleet\'s cluster resource name.\n # `.ClusterNamespace` as the namespace in which the cluster resource exists.\n # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,\n # unlike helm which uses {{ }}.\n templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"\n valueFromEnv:\n "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets defined in the downstream clusters\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default\n key: values.yaml\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n\n ### These options control how fleet-agent deploys the bundle, they also apply for kustomize- and manifest-style bundles.\n #\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # Makes helm skip the check for its own annotations\n takeOwnership: false\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n # Disable go template pre-processing on the fleet values\n disablePreProcess: false\n # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.\n # It will wait for as long as timeoutSeconds\n waitForJobs: true\n\n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector:\n clusterSelector:\n matchLabels:\n env: prod\n\n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name. When using Fleet in\n # Rancher, make sure to put the name of the clusters.fleet.cattle.io resource.\n clusterName: dev-cluster\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # Resources will not be deployed in the matched clusters if doNotDeploy is true.\n doNotDeploy: false\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n # Note: Bundle names are limited to 53 characters long. If longer they will be shortened:\n # opni-fleet-examples-fleets-opni-ui-plugin-operator-crd becomes opni-fleet-examples-fleets-opni-ui-plugin-opera-021f7\n - name: one-multi-cluster-hello-world\n # Select bundles to depend on based on their label.\n - selector:\n matchLabels:\n app: weak-monkey\n\n# Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources\n# makes the Bundle to be in an error state when it shouldn\'t.\nignore:\n # Conditions to be ignored\n conditions:\n # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}\n - type: Active\n status: "False"\n\n# Override targets defined in the GitRepo. The Bundle will not have any targets from the GitRepo if overrideTargets is provided.\noverrideTargets:\n - clusterSelector:\n matchLabels:\n env: dev\n\n')))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5479],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function l(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var i=a.createContext({}),u=function(e){var t=a.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},c=function(e){var t=u(e.components);return a.createElement(i.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},p=a.forwardRef((function(e,t){var n=e.components,o=e.mdxType,r=e.originalType,i=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),p=u(n),m=o,f=p["".concat(i,".").concat(m)]||p[m]||d[m]||r;return n?a.createElement(f,l(l({ref:t},c),{},{components:n})):a.createElement(f,l({ref:t},c))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var r=n.length,l=new Array(r);l[0]=p;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:o,l[1]=s;for(var u=2;u{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>d,frontMatter:()=>r,metadata:()=>s,toc:()=>u});var a=n(7462),o=(n(7294),n(3905));const r={},l="fleet.yaml",s={unversionedId:"ref-fleet-yaml",id:"version-0.8/ref-fleet-yaml",title:"fleet.yaml",description:"The fleet.yaml file adds options to a bundle. Any directory with a fleet.yaml is automatically turned into bundle.",source:"@site/versioned_docs/version-0.8/ref-fleet-yaml.md",sourceDirName:".",slug:"/ref-fleet-yaml",permalink:"/0.8/ref-fleet-yaml",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-fleet-yaml.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources Spec",permalink:"/0.8/ref-crds"},next:{title:"GitRepo Resource",permalink:"/0.8/ref-gitrepo"}},i={},u=[{value:"Reference",id:"reference",level:3}],c={toc:u};function d(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"fleetyaml"},"fleet.yaml"),(0,o.kt)("p",null,"The ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file adds options to a bundle. Any directory with a ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is automatically turned into bundle."),(0,o.kt)("p",null,"For more information on how to use the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to customize bundles see ",(0,o.kt)("a",{parentName:"p",href:"/0.8/gitrepo-content"},"Git Repository Contents"),"."),(0,o.kt)("p",null,"The content of the fleet.yaml corresponds to the struct at ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/b501b7e7864d37e310dfcdb109c73e5aec4240bb/pkg/bundlereader/read.go#L132-L139"},"pkg/bundlereader/read.go"),", which contains the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),"."),(0,o.kt)("h3",{id:"reference"},"Reference"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\n# namespaceLabels are labels that will be appended to the namespace created by Fleet.\nnamespaceLabels:\n key: value\n# namespaceAnnotations are annotations that will be appended to the namespace created by Fleet.\nnamespaceAnnotations:\n key: value\n\n# Optional map of labels, that are set at the bundle and can be used in a\n# dependsOn.selector\nlabels:\n key: value\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n ### These options control how "fleet apply" downloads the chart\n #\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n\n ### These options only work for helm-type bundles\n #\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n # The variable\'s value will be an empty string if the referenced cluster label does not\n # exist on the targeted cluster\n variableName: global.fleet.clusterLabels.LABELNAME\n # It is possible to specify the keys and values as go template strings for\n # advanced templating needs. Most of the functions from the sprig templating\n # library are available. Note, if the functions output changes with every\n # call, e.g. `uuidv4`, the bundle will get redeployed.\n # The template context has following keys.\n # `.ClusterValues` are retrieved from target cluster\'s `spec.templateValues`\n # `.ClusterLabels` and `.ClusterAnnotations` are the labels and annoations in the cluster resource.\n # `.ClusterName` as the fleet\'s cluster resource name.\n # `.ClusterNamespace` as the namespace in which the cluster resource exists.\n # Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims,\n # unlike helm which uses {{ }}.\n templatedLabel: "${ .ClusterLabels.LABELNAME }-foo"\n valueFromEnv:\n "${ .ClusterLabels.ENV }": ${ .ClusterValues.someValue | upper | quote }\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets defined in the downstream clusters\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default\n key: values.yaml\n - secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n\n ### These options control how fleet-agent deploys the bundle, they also apply for kustomize- and manifest-style bundles.\n #\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # Makes helm skip the check for its own annotations\n takeOwnership: false\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n # Disable go template pre-processing on the fleet values\n disablePreProcess: false\n # if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready.\n # It will wait for as long as timeoutSeconds\n waitForJobs: true\n\n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector:\n clusterSelector:\n matchLabels:\n env: prod\n\n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name. When using Fleet in\n # Rancher, make sure to put the name of the clusters.fleet.cattle.io resource.\n clusterName: dev-cluster\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # Resources will not be deployed in the matched clusters if doNotDeploy is true.\n doNotDeploy: false\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n # Note: Bundle names are limited to 53 characters long. If longer they will be shortened:\n # opni-fleet-examples-fleets-opni-ui-plugin-operator-crd becomes opni-fleet-examples-fleets-opni-ui-plugin-opera-021f7\n - name: one-multi-cluster-hello-world\n # Select bundles to depend on based on their label.\n - selector:\n matchLabels:\n app: weak-monkey\n\n# Ignore fields when monitoring a Bundle. This can be used when Fleet thinks some conditions in Custom Resources\n# makes the Bundle to be in an error state when it shouldn\'t.\nignore:\n # Conditions to be ignored\n conditions:\n # In this example a condition will be ignored if it contains {"type": "Active", "status", "False"}\n - type: Active\n status: "False"\n\n# Override targets defined in the GitRepo. The Bundle will not have any targets from the GitRepo if overrideTargets is provided.\noverrideTargets:\n - clusterSelector:\n matchLabels:\n env: dev\n\n')))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/b32c755c.c645b6dc.js b/assets/js/b32c755c.18ad0bef.js similarity index 99% rename from assets/js/b32c755c.c645b6dc.js rename to assets/js/b32c755c.18ad0bef.js index 580f03731..b0aaf9a6a 100644 --- a/assets/js/b32c755c.c645b6dc.js +++ b/assets/js/b32c755c.18ad0bef.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[859],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs for Modified GitRepos",s={unversionedId:"bundle-diffs",id:"version-0.5/bundle-diffs",title:"Generating Diffs for Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/versioned_docs/version-0.5/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/0.5/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/bundle-diffs.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/0.5/gitrepo-targets"},next:{title:"Webhook",permalink:"/0.5/webhook"}},l={},p=[{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-for-modified-gitrepos"},"Generating Diffs for Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec. "),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")," "),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and "),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[859],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs for Modified GitRepos",s={unversionedId:"bundle-diffs",id:"version-0.5/bundle-diffs",title:"Generating Diffs for Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/versioned_docs/version-0.5/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/0.5/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/bundle-diffs.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/0.5/gitrepo-targets"},next:{title:"Webhook",permalink:"/0.5/webhook"}},l={},p=[{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-for-modified-gitrepos"},"Generating Diffs for Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec. "),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")," "),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and "),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file diff --git a/assets/js/b60b3bd8.fbc9144b.js b/assets/js/b60b3bd8.2e053506.js similarity index 97% rename from assets/js/b60b3bd8.fbc9144b.js rename to assets/js/b60b3bd8.2e053506.js index faf97e568..3dd1dcc0a 100644 --- a/assets/js/b60b3bd8.fbc9144b.js +++ b/assets/js/b60b3bd8.2e053506.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4917],{3905:(e,t,r)=>{r.d(t,{Zo:()=>i,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},i=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,i=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||p[d]||o;return r?n.createElement(f,s(s({ref:t},i),{},{components:r})):n.createElement(f,s({ref:t},i))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Cluster Groups",l={unversionedId:"cluster-group",id:"version-0.4/cluster-group",title:"Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/versioned_docs/version-0.4/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/0.4/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/cluster-group.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Manager Initiated",permalink:"/0.4/manager-initiated"},next:{title:"Namespaces",permalink:"/0.4/namespaces"}},c={},u=[],i={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},i,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-groups"},"Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4917],{3905:(e,t,r)=>{r.d(t,{Zo:()=>i,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},i=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,i=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||p[d]||o;return r?n.createElement(f,s(s({ref:t},i),{},{components:r})):n.createElement(f,s({ref:t},i))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Cluster Groups",l={unversionedId:"cluster-group",id:"version-0.4/cluster-group",title:"Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/versioned_docs/version-0.4/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/0.4/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/cluster-group.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Manager Initiated",permalink:"/0.4/manager-initiated"},next:{title:"Namespaces",permalink:"/0.4/namespaces"}},c={},u=[],i={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},i,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-groups"},"Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/b753e7fe.45ca7c92.js b/assets/js/b753e7fe.7e8ef318.js similarity index 97% rename from assets/js/b753e7fe.45ca7c92.js rename to assets/js/b753e7fe.7e8ef318.js index 2439edf8d..383289c13 100644 --- a/assets/js/b753e7fe.45ca7c92.js +++ b/assets/js/b753e7fe.7e8ef318.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7497],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),p=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},s=function(e){var t=p(e.components);return r.createElement(i.Provider,{value:t},e.children)},g={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,s=c(e,["components","mdxType","originalType","parentName"]),u=p(n),f=a,m=u["".concat(i,".").concat(f)]||u[f]||g[f]||o;return n?r.createElement(m,l(l({ref:t},s),{},{components:n})):r.createElement(m,l({ref:t},s))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=u;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:a,l[1]=c;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>g,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var r=n(7462),a=(n(7294),n(3905));const o={title:"0.8 Changelogs"},l=void 0,c={unversionedId:"changelogs/index",id:"version-0.8/changelogs/index",title:"0.8 Changelogs",description:"* (latest)",source:"@site/versioned_docs/version-0.8/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/0.8/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/changelogs/index.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"0.8 Changelogs"}},i={},p=[],s={toc:p};function g(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.8/changelogs/changelogs/v0.8.4"})," (latest)")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.8/changelogs/changelogs/v0.8.3"})," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.8/changelogs/changelogs/v0.8.2"})," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.8/changelogs/changelogs/v0.8.1"},"v0.8.1")," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.8/changelogs/changelogs/v0.8.0"},"v0.8.0")))))}g.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7497],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),p=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},s=function(e){var t=p(e.components);return r.createElement(i.Provider,{value:t},e.children)},g={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,s=c(e,["components","mdxType","originalType","parentName"]),u=p(n),f=a,m=u["".concat(i,".").concat(f)]||u[f]||g[f]||o;return n?r.createElement(m,l(l({ref:t},s),{},{components:n})):r.createElement(m,l({ref:t},s))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=u;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:a,l[1]=c;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>g,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var r=n(7462),a=(n(7294),n(3905));const o={title:"0.8 Changelogs"},l=void 0,c={unversionedId:"changelogs/index",id:"version-0.8/changelogs/index",title:"0.8 Changelogs",description:"* (latest)",source:"@site/versioned_docs/version-0.8/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/0.8/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/changelogs/index.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"0.8 Changelogs"}},i={},p=[],s={toc:p};function g(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.8/changelogs/changelogs/v0.8.4"})," (latest)")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.8/changelogs/changelogs/v0.8.3"})," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.8/changelogs/changelogs/v0.8.2"})," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.8/changelogs/changelogs/v0.8.1"},"v0.8.1")," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.8/changelogs/changelogs/v0.8.0"},"v0.8.0")))))}g.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/b7ae13b2.016f390f.js b/assets/js/b7ae13b2.60d18fee.js similarity index 96% rename from assets/js/b7ae13b2.016f390f.js rename to assets/js/b7ae13b2.60d18fee.js index 07ebbfdcd..f908f1f22 100644 --- a/assets/js/b7ae13b2.016f390f.js +++ b/assets/js/b7ae13b2.60d18fee.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6588],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=s(n),d=a,f=m["".concat(c,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(f,o(o({ref:t},p),{},{components:n})):r.createElement(f,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const l={},o="Uninstall",i={unversionedId:"uninstall",id:"uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/docs/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/uninstall.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Creating a Deployment",permalink:"/tut-deployment"},next:{title:"Architecture",permalink:"/architecture"}},c={},s=[],p={toc:s};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"uninstall"},"Uninstall"),(0,a.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},"Uninstalling the CRDs will remove all deployed workloads.")))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6588],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var c=r.createContext({}),s=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=s(e.components);return r.createElement(c.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=s(n),d=a,f=m["".concat(c,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(f,o(o({ref:t},p),{},{components:n})):r.createElement(f,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=n(7462),a=(n(7294),n(3905));const l={},o="Uninstall",i={unversionedId:"uninstall",id:"uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/docs/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/uninstall.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Creating a Deployment",permalink:"/tut-deployment"},next:{title:"Architecture",permalink:"/architecture"}},c={},s=[],p={toc:s};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"uninstall"},"Uninstall"),(0,a.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},"Uninstalling the CRDs will remove all deployed workloads.")))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/b8f3160f.163ad17f.js b/assets/js/b8f3160f.b75c7974.js similarity index 99% rename from assets/js/b8f3160f.163ad17f.js rename to assets/js/b8f3160f.b75c7974.js index 8cfdd7ebd..ba7447af1 100644 --- a/assets/js/b8f3160f.163ad17f.js +++ b/assets/js/b8f3160f.b75c7974.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8711],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>d});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),p=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return n.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},c=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(a),d=r,h=c["".concat(s,".").concat(d)]||c[d]||m[d]||l;return a?n.createElement(h,o(o({ref:t},u),{},{components:a})):n.createElement(h,o({ref:t},u))}));function d(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=a.length,o=new Array(l);o[0]=c;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),r=(a(7294),a(3905));const l={},o="Mapping to Downstream Clusters",i={unversionedId:"gitrepo-targets",id:"gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Fleet in Rancher allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration.",source:"@site/docs/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/gitrepo-targets.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create a GitRepo Resource",permalink:"/gitrepo-add"},next:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/bundle-diffs"}},s={},p=[{value:"Defining Targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default Target",id:"default-target",level:2},{value:"Customization per Cluster",id:"customization-per-cluster",level:2},{value:"Supported Customizations",id:"supported-customizations",level:3},{value:"Additional Examples",id:"additional-examples",level:2}],u={toc:p};function m(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style\nIf no targets are specified, i.e. when using a single-cluster, the bundles target the default cluster group.")),(0,r.kt)("p",null,"When deploying ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,r.kt)("h2",{id:"defining-targets"},"Defining Targets"),(0,r.kt)("p",null,"The deployment targets of ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # A specific cluster by name that will be selected\n clusterName: cluster1\n')),(0,r.kt)("h2",{id:"target-matching"},"Target Matching"),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,r.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n # Match everything\n - clusterSelector: {}\n # Selector ignored\n - clusterSelector: null\n")),(0,r.kt)("p",null,"You can also match clusters by name:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n - clusterName: fleetname\n")),(0,r.kt)("p",null,"When using Fleet in Rancher, make sure to put the name of the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters.fleet.cattle.io")," resource."),(0,r.kt)("h2",{id:"default-target"},"Default Target"),(0,r.kt)("p",null,"If no target is set for the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,r.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."),(0,r.kt)("h2",{id:"customization-per-cluster"},"Customization per Cluster"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"The ",(0,r.kt)("inlineCode",{parentName:"p"},"targets:")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource select clusters to deploy on. The ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations:")," in ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," override Helm values only and do not change targeting.")),(0,r.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters with customization using Fleet, we will use ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml"),"."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,r.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,r.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Expected behavior:")),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,r.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,r.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,r.kt)("li",{parentName:"ol"},"Under ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,r.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),":")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Result:")),(0,r.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,r.kt)("blockquote",null,(0,r.kt)("p",{parentName:"blockquote"},(0,r.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,r.kt)("h3",{id:"supported-customizations"},"Supported Customizations"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"DefaultNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ForceSyncGeneration"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"KeepResources"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ServiceAccount"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"TargetNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Atomic"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Chart"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.DisablePreProcess"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Force"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ReleaseName"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Repo"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TakeOwnership"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TimeoutSeconds"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ValuesFrom"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Values"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Version")),(0,r.kt)("admonition",{parentName:"li",title:"important information",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"Overriding the version of a Helm chart via target customizations will lead to bundles containing ",(0,r.kt)("em",{parentName:"p"},"all")," versions, ie the\ndefault one and the custom one(s), of the chart, to accommodate all clusters. This in turn means that Fleet will\ndeploy larger bundles."),(0,r.kt)("p",{parentName:"admonition"},"As Fleet stores bundles via etcd, this may cause issues on some clusters where resultant bundle sizes may exceed\netcd's configured maximum blob size. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/issues/1650"},"this issue")," for more details."))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.WaitForJobs"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#kustomizeoptions"},"Kustomize.Dir"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#yamloptions"},"YAML.Overlays"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#diffoptions"},"Diff.ComparePatches")))),(0,r.kt)("h2",{id:"additional-examples"},"Additional Examples"),(0,r.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8711],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>d});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),p=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return n.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},c=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(a),d=r,h=c["".concat(s,".").concat(d)]||c[d]||m[d]||l;return a?n.createElement(h,o(o({ref:t},u),{},{components:a})):n.createElement(h,o({ref:t},u))}));function d(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=a.length,o=new Array(l);o[0]=c;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),r=(a(7294),a(3905));const l={},o="Mapping to Downstream Clusters",i={unversionedId:"gitrepo-targets",id:"gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Fleet in Rancher allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration.",source:"@site/docs/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/gitrepo-targets.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create a GitRepo Resource",permalink:"/gitrepo-add"},next:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/bundle-diffs"}},s={},p=[{value:"Defining Targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default Target",id:"default-target",level:2},{value:"Customization per Cluster",id:"customization-per-cluster",level:2},{value:"Supported Customizations",id:"supported-customizations",level:3},{value:"Additional Examples",id:"additional-examples",level:2}],u={toc:p};function m(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,r.kt)("p",null,(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style\nIf no targets are specified, i.e. when using a single-cluster, the bundles target the default cluster group.")),(0,r.kt)("p",null,"When deploying ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,r.kt)("h2",{id:"defining-targets"},"Defining Targets"),(0,r.kt)("p",null,"The deployment targets of ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n # A specific cluster by name that will be selected\n clusterName: cluster1\n')),(0,r.kt)("h2",{id:"target-matching"},"Target Matching"),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,r.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n # Match everything\n - clusterSelector: {}\n # Selector ignored\n - clusterSelector: null\n")),(0,r.kt)("p",null,"You can also match clusters by name:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n - clusterName: fleetname\n")),(0,r.kt)("p",null,"When using Fleet in Rancher, make sure to put the name of the ",(0,r.kt)("inlineCode",{parentName:"p"},"clusters.fleet.cattle.io")," resource."),(0,r.kt)("h2",{id:"default-target"},"Default Target"),(0,r.kt)("p",null,"If no target is set for the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,r.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."),(0,r.kt)("h2",{id:"customization-per-cluster"},"Customization per Cluster"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"The ",(0,r.kt)("inlineCode",{parentName:"p"},"targets:")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," resource select clusters to deploy on. The ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations:")," in ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," override Helm values only and do not change targeting.")),(0,r.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters with customization using Fleet, we will use ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml"),"."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,r.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,r.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,r.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Expected behavior:")),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,r.kt)("li",{parentName:"ul"},"After deploying to the ",(0,r.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,r.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,r.kt)("ol",null,(0,r.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,r.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,r.kt)("li",{parentName:"ol"},"Under ",(0,r.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,r.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,r.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),":")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"Result:")),(0,r.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,r.kt)("blockquote",null,(0,r.kt)("p",{parentName:"blockquote"},(0,r.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,r.kt)("h3",{id:"supported-customizations"},"Supported Customizations"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"DefaultNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ForceSyncGeneration"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"KeepResources"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"ServiceAccount"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#bundledeploymentoptions"},"TargetNamespace"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Atomic"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Chart"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.DisablePreProcess"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Force"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ReleaseName"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Repo"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TakeOwnership"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.TimeoutSeconds"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.ValuesFrom"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Values"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.Version")),(0,r.kt)("admonition",{parentName:"li",title:"important information",type:"warning"},(0,r.kt)("p",{parentName:"admonition"},"Overriding the version of a Helm chart via target customizations will lead to bundles containing ",(0,r.kt)("em",{parentName:"p"},"all")," versions, ie the\ndefault one and the custom one(s), of the chart, to accommodate all clusters. This in turn means that Fleet will\ndeploy larger bundles."),(0,r.kt)("p",{parentName:"admonition"},"As Fleet stores bundles via etcd, this may cause issues on some clusters where resultant bundle sizes may exceed\netcd's configured maximum blob size. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/issues/1650"},"this issue")," for more details."))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#helmoptions"},"Helm.WaitForJobs"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#kustomizeoptions"},"Kustomize.Dir"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#yamloptions"},"YAML.Overlays"))),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},(0,r.kt)("a",{parentName:"p",href:"/ref-crds#diffoptions"},"Diff.ComparePatches")))),(0,r.kt)("h2",{id:"additional-examples"},"Additional Examples"),(0,r.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/b9a03c38.ba08a208.js b/assets/js/b9a03c38.e3a2dc44.js similarity index 98% rename from assets/js/b9a03c38.ba08a208.js rename to assets/js/b9a03c38.e3a2dc44.js index 97689a607..17fdaf2ac 100644 --- a/assets/js/b9a03c38.ba08a208.js +++ b/assets/js/b9a03c38.e3a2dc44.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4581],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>d});var l=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);t&&(l=l.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,l)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(l=0;l=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=l.createContext({}),p=function(e){var t=l.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},c=function(e){var t=p(e.components);return l.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return l.createElement(l.Fragment,{},t)}},u=l.forwardRef((function(e,t){var n=e.components,a=e.mdxType,r=e.originalType,s=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),u=p(n),d=a,h=u["".concat(s,".").concat(d)]||u[d]||m[d]||r;return n?l.createElement(h,o(o({ref:t},c),{},{components:n})):l.createElement(h,o({ref:t},c))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var r=n.length,o=new Array(r);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>r,metadata:()=>i,toc:()=>p});var l=n(7462),a=(n(7294),n(3905));const r={},o="Examples",i={unversionedId:"examples",id:"version-0.5/examples",title:"Examples",description:"Lifecycle of a Fleet Bundle",source:"@site/versioned_docs/version-0.5/examples.md",sourceDirName:".",slug:"/examples",permalink:"/0.5/examples",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/examples.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/0.5/architecture"},next:{title:"Overview",permalink:"/0.5/cluster-overview"}},s={},p=[{value:"Lifecycle of a Fleet Bundle",id:"lifecycle-of-a-fleet-bundle",level:3},{value:"Deploy Kubernetes Manifests Across Clusters with Customization",id:"deploy-kubernetes-manifests-across-clusters-with-customization",level:3},{value:"Additional Examples",id:"additional-examples",level:3}],c={toc:p};function m(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,l.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"examples"},"Examples"),(0,a.kt)("h3",{id:"lifecycle-of-a-fleet-bundle"},"Lifecycle of a Fleet Bundle"),(0,a.kt)("p",null,"To demonstrate the lifecycle of a Fleet bundle, we will use ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"User will create a ",(0,a.kt)("a",{parentName:"li",href:"/0.5/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,a.kt)("a",{parentName:"li",href:"/0.5/webhook"},"webhook event"),". With every commit change, the ",(0,a.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,a.kt)("a",{parentName:"li",href:"/0.5/cluster-bundles-state#bundles"},"bundle"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,a.kt)("ol",{start:3},(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,a.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,a.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,a.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,a.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,a.kt)("h3",{id:"deploy-kubernetes-manifests-across-clusters-with-customization"},"Deploy Kubernetes Manifests Across Clusters with Customization"),(0,a.kt)("p",null,(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,a.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters using Fleet, we will use ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml")," as a case study."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,a.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,a.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,a.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters. "),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Expected behavior:")," "),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"After deploying to the ",(0,a.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,a.kt)("li",{parentName:"ul"},"After deploying to the ",(0,a.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,a.kt)("li",{parentName:"ul"},"After deploying to the ",(0,a.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,a.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,a.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,a.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,a.kt)("li",{parentName:"ol"},"Under ",(0,a.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,a.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),": ")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Result:")),(0,a.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,a.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,a.kt)("h3",{id:"additional-examples"},"Additional Examples"),(0,a.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4581],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>d});var l=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);t&&(l=l.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,l)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(l=0;l=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=l.createContext({}),p=function(e){var t=l.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},c=function(e){var t=p(e.components);return l.createElement(s.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return l.createElement(l.Fragment,{},t)}},u=l.forwardRef((function(e,t){var n=e.components,a=e.mdxType,r=e.originalType,s=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),u=p(n),d=a,h=u["".concat(s,".").concat(d)]||u[d]||m[d]||r;return n?l.createElement(h,o(o({ref:t},c),{},{components:n})):l.createElement(h,o({ref:t},c))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var r=n.length,o=new Array(r);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>m,frontMatter:()=>r,metadata:()=>i,toc:()=>p});var l=n(7462),a=(n(7294),n(3905));const r={},o="Examples",i={unversionedId:"examples",id:"version-0.5/examples",title:"Examples",description:"Lifecycle of a Fleet Bundle",source:"@site/versioned_docs/version-0.5/examples.md",sourceDirName:".",slug:"/examples",permalink:"/0.5/examples",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/examples.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/0.5/architecture"},next:{title:"Overview",permalink:"/0.5/cluster-overview"}},s={},p=[{value:"Lifecycle of a Fleet Bundle",id:"lifecycle-of-a-fleet-bundle",level:3},{value:"Deploy Kubernetes Manifests Across Clusters with Customization",id:"deploy-kubernetes-manifests-across-clusters-with-customization",level:3},{value:"Additional Examples",id:"additional-examples",level:3}],c={toc:p};function m(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,l.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"examples"},"Examples"),(0,a.kt)("h3",{id:"lifecycle-of-a-fleet-bundle"},"Lifecycle of a Fleet Bundle"),(0,a.kt)("p",null,"To demonstrate the lifecycle of a Fleet bundle, we will use ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"User will create a ",(0,a.kt)("a",{parentName:"li",href:"/0.5/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,a.kt)("a",{parentName:"li",href:"/0.5/webhook"},"webhook event"),". With every commit change, the ",(0,a.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,a.kt)("a",{parentName:"li",href:"/0.5/cluster-bundles-state#bundles"},"bundle"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,a.kt)("ol",{start:3},(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,a.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,a.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,a.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,a.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,a.kt)("li",{parentName:"ol"},"The ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,a.kt)("h3",{id:"deploy-kubernetes-manifests-across-clusters-with-customization"},"Deploy Kubernetes Manifests Across Clusters with Customization"),(0,a.kt)("p",null,(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/"},"Fleet in Rancher")," allows users to manage clusters easily as if they were one cluster. Users can deploy bundles, which can be comprised of deployment manifests or any other Kubernetes resource, across clusters using grouping configuration."),(0,a.kt)("p",null,"To demonstrate how to deploy Kubernetes manifests across different clusters using Fleet, we will use ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/blob/master/multi-cluster/helm/fleet.yaml"},"multi-cluster/helm/fleet.yaml")," as a case study."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Situation:")," User has three clusters with three different labels: ",(0,a.kt)("inlineCode",{parentName:"p"},"env=dev"),", ",(0,a.kt)("inlineCode",{parentName:"p"},"env=test"),", and ",(0,a.kt)("inlineCode",{parentName:"p"},"env=prod"),". User wants to deploy a frontend application with a backend database across these clusters. "),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Expected behavior:")," "),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"After deploying to the ",(0,a.kt)("inlineCode",{parentName:"li"},"dev")," cluster, database replication is not enabled."),(0,a.kt)("li",{parentName:"ul"},"After deploying to the ",(0,a.kt)("inlineCode",{parentName:"li"},"test")," cluster, database replication is enabled."),(0,a.kt)("li",{parentName:"ul"},"After deploying to the ",(0,a.kt)("inlineCode",{parentName:"li"},"prod")," cluster, database replication is enabled and Load balancer services are exposed.")),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Advantage of Fleet:")),(0,a.kt)("p",null,"Instead of deploying the app on each cluster, Fleet allows you to deploy across all clusters following these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Deploy gitRepo ",(0,a.kt)("inlineCode",{parentName:"li"},"https://github.com/rancher/fleet-examples.git")," and specify the path ",(0,a.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),"."),(0,a.kt)("li",{parentName:"ol"},"Under ",(0,a.kt)("inlineCode",{parentName:"li"},"multi-cluster/helm"),", a Helm chart will deploy the frontend app service and backend database service."),(0,a.kt)("li",{parentName:"ol"},"The following rule will be defined in ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet.yaml"),": ")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"targetCustomizations:\n- name: dev\n helm:\n values:\n replication: false\n clusterSelector:\n matchLabels:\n env: dev\n\n- name: test\n helm:\n values:\n replicas: 3\n clusterSelector:\n matchLabels:\n env: test\n\n- name: prod\n helm:\n values:\n serviceType: LoadBalancer\n replicas: 3\n clusterSelector:\n matchLabels:\n env: prod\n")),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Result:")),(0,a.kt)("p",null,"Fleet will deploy the Helm chart with your customized ",(0,a.kt)("inlineCode",{parentName:"p"},"values.yaml")," to the different clusters."),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Note:")," Configuration management is not limited to deployments but can be expanded to general configuration management. Fleet is able to apply configuration management through customization among any set of clusters automatically.")),(0,a.kt)("h3",{id:"additional-examples"},"Additional Examples"),(0,a.kt)("p",null,"Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations\nof the three are in the ",(0,a.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/"},"Fleet Examples repo"),"."))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/bcd76598.8314944f.js b/assets/js/bcd76598.9ee52278.js similarity index 97% rename from assets/js/bcd76598.8314944f.js rename to assets/js/bcd76598.9ee52278.js index 0a4647dce..713ee61fd 100644 --- a/assets/js/bcd76598.8314944f.js +++ b/assets/js/bcd76598.9ee52278.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6050],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(l,".").concat(m)]||d[m]||p[m]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"version-0.9/index",title:"Overview",description:"What is Fleet?",source:"@site/versioned_docs/version-0.9/index.md",sourceDirName:".",slug:"/",permalink:"/0.9/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/index.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/0.9/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(5082).Z,width:"1366",height:"960"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},5082:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/fleet-architecture-f708ce634648101dc98f451dcd59fe84.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6050],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(l,".").concat(m)]||d[m]||p[m]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"version-0.9/index",title:"Overview",description:"What is Fleet?",source:"@site/versioned_docs/version-0.9/index.md",sourceDirName:".",slug:"/",permalink:"/0.9/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/index.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/0.9/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(5082).Z,width:"1366",height:"960"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},5082:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/fleet-architecture-f708ce634648101dc98f451dcd59fe84.svg"}}]); \ No newline at end of file diff --git a/assets/js/bd465781.b45fc88c.js b/assets/js/bd465781.77cff642.js similarity index 97% rename from assets/js/bd465781.b45fc88c.js rename to assets/js/bd465781.77cff642.js index 3d63b4efa..79590e375 100644 --- a/assets/js/bd465781.b45fc88c.js +++ b/assets/js/bd465781.77cff642.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2112],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var l=r(7294);function n(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);t&&(l=l.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,l)}return r}function o(e){for(var t=1;t=0||(n[r]=e[r]);return n}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(l=0;l=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(n[r]=e[r])}return n}var c=l.createContext({}),p=function(e){var t=l.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=p(e.components);return l.createElement(c.Provider,{value:t},e.children)},s={inlineCode:"code",wrapper:function(e){var t=e.children;return l.createElement(l.Fragment,{},t)}},u=l.forwardRef((function(e,t){var r=e.components,n=e.mdxType,a=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=p(r),d=n,m=u["".concat(c,".").concat(d)]||u[d]||s[d]||a;return r?l.createElement(m,o(o({ref:t},f),{},{components:r})):l.createElement(m,o({ref:t},f))}));function d(e,t){var r=arguments,n=t&&t.mdxType;if("string"==typeof e||n){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:n,o[1]=i;for(var p=2;p{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>s,frontMatter:()=>a,metadata:()=>i,toc:()=>p});var l=r(7462),n=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet",id:"cli/fleet-cli/fleet",title:"",description:"fleet",source:"@site/docs/cli/fleet-cli/fleet.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet",permalink:"/cli/fleet-cli/fleet",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet"},sidebar:"docs",previous:{title:"fleet-agent register",permalink:"/cli/fleet-agent/fleet-agent_register"},next:{title:"fleet apply",permalink:"/cli/fleet-cli/fleet_apply"}},c={},p=[{value:"fleet",id:"fleet",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],f={toc:p};function s(e){let{components:t,...r}=e;return(0,n.kt)("wrapper",(0,l.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h2",{id:"fleet"},"fleet"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"fleet [flags]\n")),(0,n.kt)("h3",{id:"options"},"Options"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"}," -h, --help help for fleet\n")),(0,n.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"./fleet_apply"},"fleet apply"),"\t - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"./fleet_cleanup"},"fleet cleanup"),"\t - Clean up outdated cluster registrations"),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"./fleet_deploy"},"fleet deploy"),"\t - Deploy a bundledeployment/content resource to a cluster, by creating a Helm release. This will not deploy the bundledeployment/content resources directly to the cluster."),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"./fleet_gitcloner"},"fleet gitcloner"),"\t - Clones a git repository"),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"./fleet_target"},"fleet target"),"\t - Print available targets for a bundle")))}s.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2112],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var l=r(7294);function n(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);t&&(l=l.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,l)}return r}function o(e){for(var t=1;t=0||(n[r]=e[r]);return n}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(l=0;l=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(n[r]=e[r])}return n}var c=l.createContext({}),p=function(e){var t=l.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=p(e.components);return l.createElement(c.Provider,{value:t},e.children)},s={inlineCode:"code",wrapper:function(e){var t=e.children;return l.createElement(l.Fragment,{},t)}},u=l.forwardRef((function(e,t){var r=e.components,n=e.mdxType,a=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=p(r),d=n,m=u["".concat(c,".").concat(d)]||u[d]||s[d]||a;return r?l.createElement(m,o(o({ref:t},f),{},{components:r})):l.createElement(m,o({ref:t},f))}));function d(e,t){var r=arguments,n=t&&t.mdxType;if("string"==typeof e||n){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:n,o[1]=i;for(var p=2;p{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>s,frontMatter:()=>a,metadata:()=>i,toc:()=>p});var l=r(7462),n=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet",id:"cli/fleet-cli/fleet",title:"",description:"fleet",source:"@site/docs/cli/fleet-cli/fleet.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet",permalink:"/cli/fleet-cli/fleet",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet"},sidebar:"docs",previous:{title:"fleet-agent register",permalink:"/cli/fleet-agent/fleet-agent_register"},next:{title:"fleet apply",permalink:"/cli/fleet-cli/fleet_apply"}},c={},p=[{value:"fleet",id:"fleet",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],f={toc:p};function s(e){let{components:t,...r}=e;return(0,n.kt)("wrapper",(0,l.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h2",{id:"fleet"},"fleet"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"fleet [flags]\n")),(0,n.kt)("h3",{id:"options"},"Options"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"}," -h, --help help for fleet\n")),(0,n.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"./fleet_apply"},"fleet apply"),"\t - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"./fleet_cleanup"},"fleet cleanup"),"\t - Clean up outdated cluster registrations"),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"./fleet_deploy"},"fleet deploy"),"\t - Deploy a bundledeployment/content resource to a cluster, by creating a Helm release. This will not deploy the bundledeployment/content resources directly to the cluster."),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"./fleet_gitcloner"},"fleet gitcloner"),"\t - Clones a git repository"),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("a",{parentName:"li",href:"./fleet_target"},"fleet target"),"\t - Print available targets for a bundle")))}s.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/bf20a2eb.fa0ba304.js b/assets/js/bf20a2eb.ff0128f8.js similarity index 99% rename from assets/js/bf20a2eb.fa0ba304.js rename to assets/js/bf20a2eb.ff0128f8.js index bc7c1cafa..d8fb577f4 100644 --- a/assets/js/bf20a2eb.fa0ba304.js +++ b/assets/js/bf20a2eb.ff0128f8.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5254],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,s=e.parentName,d=i(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,m=u["".concat(s,".").concat(p)]||u[p]||h[p]||n;return a?r.createElement(m,o(o({ref:t},d),{},{components:a})):r.createElement(m,o({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,o=new Array(n);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>h,frontMatter:()=>n,metadata:()=>i,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"v0.9.3",date:"2024-04-17 09:34:37 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.9.3",id:"version-0.9/changelogs/changelogs/v0.9.3",title:"v0.9.3",description:"(rancherio-gh-m) released this 2024-04-17 0937 +0000 UTC",source:"@site/versioned_docs/version-0.9/changelogs/changelogs/v0.9.3.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.9.3",permalink:"/0.9/changelogs/changelogs/v0.9.3",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/changelogs/changelogs/v0.9.3.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.9.3",date:"2024-04-17 09:34:37 +0000 UTC"},sidebar:"docs",previous:{title:"v0.9.2",permalink:"/0.9/changelogs/changelogs/v0.9.2"},next:{title:"v0.9.4",permalink:"/0.9/changelogs/changelogs/v0.9.4"}},s={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-04-17 09:34:37 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Prevent creating Content objects if Bundle does not match any target by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2176449663","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2215","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2215/hovercard",href:"https://github.com/rancher/fleet/pull/2215"},"#2215"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Bump github.com/docker/docker to v23.0.10 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2231242144","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2308","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2308/hovercard",href:"https://github.com/rancher/fleet/pull/2308"},"#2308")),(0,l.kt)("li",null,"Bump github.com/containerd/containerd to 1.7.11 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2231242144","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2308","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2308/hovercard",href:"https://github.com/rancher/fleet/pull/2308"},"#2308")),(0,l.kt)("li",null,"Bump google.golang.org/protobuf to v1.33.0 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2231242144","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2308","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2308/hovercard",href:"https://github.com/rancher/fleet/pull/2308"},"#2308")),(0,l.kt)("li",null,"Bump k8s to 0.28.8 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2232624741","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2310","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2310/hovercard",href:"https://github.com/rancher/fleet/pull/2310"},"#2310")),(0,l.kt)("li",null,"Bump Gitjob to v0.9.6 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2237147792","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2320","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2320/hovercard",href:"https://github.com/rancher/fleet/pull/2320"},"#2320"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.9.2...v0.9.3"},(0,l.kt)("tt",null,"v0.9.2...v0.9.3"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleet-crd-0.9.3.tgz"},"fleet-crd-0.9.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleet-agent-0.9.3.tgz"},"fleet-agent-0.9.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleet-0.9.3.tgz"},"fleet-0.9.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.9.3"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5254],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,s=e.parentName,d=i(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,m=u["".concat(s,".").concat(p)]||u[p]||h[p]||n;return a?r.createElement(m,o(o({ref:t},d),{},{components:a})):r.createElement(m,o({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,o=new Array(n);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>h,frontMatter:()=>n,metadata:()=>i,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"v0.9.3",date:"2024-04-17 09:34:37 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.9.3",id:"version-0.9/changelogs/changelogs/v0.9.3",title:"v0.9.3",description:"(rancherio-gh-m) released this 2024-04-17 0937 +0000 UTC",source:"@site/versioned_docs/version-0.9/changelogs/changelogs/v0.9.3.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.9.3",permalink:"/0.9/changelogs/changelogs/v0.9.3",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/changelogs/changelogs/v0.9.3.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.9.3",date:"2024-04-17 09:34:37 +0000 UTC"},sidebar:"docs",previous:{title:"v0.9.2",permalink:"/0.9/changelogs/changelogs/v0.9.2"},next:{title:"v0.9.4",permalink:"/0.9/changelogs/changelogs/v0.9.4"}},s={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-04-17 09:34:37 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Prevent creating Content objects if Bundle does not match any target by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2176449663","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2215","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2215/hovercard",href:"https://github.com/rancher/fleet/pull/2215"},"#2215"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Bump github.com/docker/docker to v23.0.10 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2231242144","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2308","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2308/hovercard",href:"https://github.com/rancher/fleet/pull/2308"},"#2308")),(0,l.kt)("li",null,"Bump github.com/containerd/containerd to 1.7.11 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2231242144","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2308","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2308/hovercard",href:"https://github.com/rancher/fleet/pull/2308"},"#2308")),(0,l.kt)("li",null,"Bump google.golang.org/protobuf to v1.33.0 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2231242144","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2308","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2308/hovercard",href:"https://github.com/rancher/fleet/pull/2308"},"#2308")),(0,l.kt)("li",null,"Bump k8s to 0.28.8 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2232624741","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2310","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2310/hovercard",href:"https://github.com/rancher/fleet/pull/2310"},"#2310")),(0,l.kt)("li",null,"Bump Gitjob to v0.9.6 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2237147792","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2320","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2320/hovercard",href:"https://github.com/rancher/fleet/pull/2320"},"#2320"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.9.2...v0.9.3"},(0,l.kt)("tt",null,"v0.9.2...v0.9.3"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleet-crd-0.9.3.tgz"},"fleet-crd-0.9.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleet-agent-0.9.3.tgz"},"fleet-agent-0.9.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleet-0.9.3.tgz"},"fleet-0.9.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.3/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.9.3"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/c107a2c8.8547a4d0.js b/assets/js/c107a2c8.da1b091c.js similarity index 97% rename from assets/js/c107a2c8.8547a4d0.js rename to assets/js/c107a2c8.da1b091c.js index a3549b655..1a469acd3 100644 --- a/assets/js/c107a2c8.8547a4d0.js +++ b/assets/js/c107a2c8.da1b091c.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6198],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>d});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function c(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),s=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):c(c({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),f=s(r),d=o,g=f["".concat(i,".").concat(d)]||f[d]||u[d]||a;return r?n.createElement(g,c(c({ref:t},p),{},{components:r})):n.createElement(g,c({ref:t},p))}));function d(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,c=new Array(a);c[0]=f;var l={};for(var i in t)hasOwnProperty.call(t,i)&&(l[i]=t[i]);l.originalType=e,l.mdxType="string"==typeof e?e:o,c[1]=l;for(var s=2;s{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>c,default:()=>u,frontMatter:()=>a,metadata:()=>l,toc:()=>s});var n=r(7462),o=(r(7294),r(3905));const a={title:"0.6 Changelogs"},c=void 0,l={unversionedId:"changelogs/index",id:"version-0.6/changelogs/index",title:"0.6 Changelogs",description:"* v0.6.0 (latest)",source:"@site/versioned_docs/version-0.6/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/0.6/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/changelogs/index.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"0.6 Changelogs"}},i={},s=[],p={toc:s};function u(e){let{components:t,...r}=e;return(0,o.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},(0,o.kt)("a",{parentName:"li",href:"/0.6/changelogs/changelogs/v0.6.0"},"v0.6.0")," (latest)")))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6198],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>d});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function c(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),s=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):c(c({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),f=s(r),d=o,g=f["".concat(i,".").concat(d)]||f[d]||u[d]||a;return r?n.createElement(g,c(c({ref:t},p),{},{components:r})):n.createElement(g,c({ref:t},p))}));function d(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,c=new Array(a);c[0]=f;var l={};for(var i in t)hasOwnProperty.call(t,i)&&(l[i]=t[i]);l.originalType=e,l.mdxType="string"==typeof e?e:o,c[1]=l;for(var s=2;s{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>c,default:()=>u,frontMatter:()=>a,metadata:()=>l,toc:()=>s});var n=r(7462),o=(r(7294),r(3905));const a={title:"0.6 Changelogs"},c=void 0,l={unversionedId:"changelogs/index",id:"version-0.6/changelogs/index",title:"0.6 Changelogs",description:"* v0.6.0 (latest)",source:"@site/versioned_docs/version-0.6/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/0.6/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/changelogs/index.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"0.6 Changelogs"}},i={},s=[],p={toc:s};function u(e){let{components:t,...r}=e;return(0,o.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},(0,o.kt)("a",{parentName:"li",href:"/0.6/changelogs/changelogs/v0.6.0"},"v0.6.0")," (latest)")))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/c1b42080.d04e119d.js b/assets/js/c1b42080.7f5bbcfd.js similarity index 98% rename from assets/js/c1b42080.d04e119d.js rename to assets/js/c1b42080.7f5bbcfd.js index 22f238aff..c39157969 100644 --- a/assets/js/c1b42080.d04e119d.js +++ b/assets/js/c1b42080.7f5bbcfd.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1992],{3905:(e,t,a)=>{a.d(t,{Zo:()=>p,kt:()=>d});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var i=r.createContext({}),c=function(e){var t=r.useContext(i),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),h=c(a),d=l,m=h["".concat(i,".").concat(d)]||h[d]||u[d]||n;return a?r.createElement(m,o(o({ref:t},p),{},{components:a})):r.createElement(m,o({ref:t},p))}));function d(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,o=new Array(n);o[0]=h;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:l,o[1]=s;for(var c=2;c{a.r(t),a.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>n,metadata:()=>s,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"v0.7.1",date:"2023-08-16 10:56:37 +0000 UTC"},o=void 0,s={unversionedId:"changelogs/changelogs/v0.7.1",id:"version-0.7/changelogs/changelogs/v0.7.1",title:"v0.7.1",description:"(rancherio-gh-m) released this 2023-08-16 1037 +0000 UTC",source:"@site/versioned_docs/version-0.7/changelogs/changelogs/v0.7.1.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.7.1",permalink:"/0.7/changelogs/changelogs/v0.7.1",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/changelogs/changelogs/v0.7.1.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.7.1",date:"2023-08-16 10:56:37 +0000 UTC"},sidebar:"docs",previous:{title:"v0.7.0",permalink:"/0.7/changelogs/changelogs/v0.7.0"}},i={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],p={toc:c};function u(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-08-16 10:56:37 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Helm release name fix by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1816053596","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1665","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1665/hovercard",href:"https://github.com/rancher/fleet/pull/1665"},"#1665")),(0,l.kt)("li",null,"Clean up cluster registrations by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1815987464","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1664","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1664/hovercard",href:"https://github.com/rancher/fleet/pull/1664"},"#1664")," / ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1822066410","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1677","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1677/hovercard",href:"https://github.com/rancher/fleet/pull/1677"},"#1677")),(0,l.kt)("li",null,"Cleanup cluster registrations hook by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1839654541","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1701","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1701/hovercard",href:"https://github.com/rancher/fleet/pull/1701"},"#1701"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.7.0...v0.7.1"},(0,l.kt)("tt",null,"v0.7.0...v0.7.1"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-crd-0.7.1.tgz"},"fleet-crd-0.7.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-agent-0.7.1.tgz"},"fleet-agent-0.7.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-0.7.1.tgz"},"fleet-0.7.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.7.1"},"here"))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1992],{3905:(e,t,a)=>{a.d(t,{Zo:()=>p,kt:()=>d});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var i=r.createContext({}),c=function(e){var t=r.useContext(i),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),h=c(a),d=l,m=h["".concat(i,".").concat(d)]||h[d]||u[d]||n;return a?r.createElement(m,o(o({ref:t},p),{},{components:a})):r.createElement(m,o({ref:t},p))}));function d(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,o=new Array(n);o[0]=h;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:l,o[1]=s;for(var c=2;c{a.r(t),a.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>n,metadata:()=>s,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"v0.7.1",date:"2023-08-16 10:56:37 +0000 UTC"},o=void 0,s={unversionedId:"changelogs/changelogs/v0.7.1",id:"version-0.7/changelogs/changelogs/v0.7.1",title:"v0.7.1",description:"(rancherio-gh-m) released this 2023-08-16 1037 +0000 UTC",source:"@site/versioned_docs/version-0.7/changelogs/changelogs/v0.7.1.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.7.1",permalink:"/0.7/changelogs/changelogs/v0.7.1",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/changelogs/changelogs/v0.7.1.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.7.1",date:"2023-08-16 10:56:37 +0000 UTC"},sidebar:"docs",previous:{title:"v0.7.0",permalink:"/0.7/changelogs/changelogs/v0.7.0"}},i={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],p={toc:c};function u(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-08-16 10:56:37 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Helm release name fix by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1816053596","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1665","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1665/hovercard",href:"https://github.com/rancher/fleet/pull/1665"},"#1665")),(0,l.kt)("li",null,"Clean up cluster registrations by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1815987464","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1664","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1664/hovercard",href:"https://github.com/rancher/fleet/pull/1664"},"#1664")," / ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1822066410","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1677","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1677/hovercard",href:"https://github.com/rancher/fleet/pull/1677"},"#1677")),(0,l.kt)("li",null,"Cleanup cluster registrations hook by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1839654541","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1701","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1701/hovercard",href:"https://github.com/rancher/fleet/pull/1701"},"#1701"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.7.0...v0.7.1"},(0,l.kt)("tt",null,"v0.7.0...v0.7.1"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-crd-0.7.1.tgz"},"fleet-crd-0.7.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-agent-0.7.1.tgz"},"fleet-agent-0.7.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-0.7.1.tgz"},"fleet-0.7.1.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.7.1/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.7.1"},"here"))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/c1eb0b52.7abf33d3.js b/assets/js/c1eb0b52.41828fe0.js similarity index 99% rename from assets/js/c1eb0b52.7abf33d3.js rename to assets/js/c1eb0b52.41828fe0.js index 4755ca4db..1c9a5377f 100644 --- a/assets/js/c1eb0b52.7abf33d3.js +++ b/assets/js/c1eb0b52.41828fe0.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4572],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>f});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=a.createContext({}),s=function(e){var t=a.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=s(e.components);return a.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},m=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,c=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),m=s(n),f=l,d=m["".concat(c,".").concat(f)]||m[f]||p[f]||r;return n?a.createElement(d,i(i({ref:t},u),{},{components:n})):a.createElement(d,i({ref:t},u))}));function f(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=m;var o={};for(var c in t)hasOwnProperty.call(t,c)&&(o[c]=t[c]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>r,metadata:()=>o,toc:()=>s});var a=n(7462),l=(n(7294),n(3905));const r={},i="Configuration",o={unversionedId:"ref-configuration",id:"version-0.6/ref-configuration",title:"Configuration",description:"A reference list of, mostly internal, configuration options.",source:"@site/versioned_docs/version-0.6/ref-configuration.md",sourceDirName:".",slug:"/ref-configuration",permalink:"/0.6/ref-configuration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-configuration.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Internals",permalink:"/0.6/ref-registration"},next:{title:"Custom Resources Spec",permalink:"/0.6/ref-crds"}},c={},s=[{value:"Helm Charts",id:"helm-charts",level:2},{value:"Environment Variables",id:"environment-variables",level:2},{value:"Configuration",id:"configuration-1",level:2},{value:"Labels",id:"labels",level:2},{value:"Annotations",id:"annotations",level:2}],u={toc:s};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"configuration"},"Configuration"),(0,l.kt)("p",null,"A reference list of, mostly internal, configuration options."),(0,l.kt)("h2",{id:"helm-charts"},"Helm Charts"),(0,l.kt)("p",null,"The Helm charts accept, at least, the options as shown with their default in ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml"),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"))),(0,l.kt)("h2",{id:"environment-variables"},"Environment Variables"),(0,l.kt)("p",null,"The controllers can be started with these environment variables:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"CATTLE_DEV_MODE")," - used to debug wrangler, not usable"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CLUSTER_ENQUEUE_DELAY")," - tune how often non-ready clusters are checked"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CPU_PPROF_PERIOD")," - used to turn on ",(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/docs/performance.md"},"performance profiling"))),(0,l.kt)("h2",{id:"configuration-1"},"Configuration"),(0,l.kt)("p",null,"In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments."),(0,l.kt)("p",null,"The config ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/main/pkg/config/config.go#L40-L52"},"struct")," is used in both config maps:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-agent "),(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-controller ")),(0,l.kt)("h2",{id:"labels"},"Labels"),(0,l.kt)("p",null,"Labels used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent=true")," - NodeSelector label for agent's deployment affinity setting"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/non-managed-agent")," - managed agent bundle won't target Clusters with this label"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/repo-name")," - used on Bundle to reference the git repo resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-namespace")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-name")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed=true")," - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bootstrap-token")," - unused")),(0,l.kt)("h2",{id:"annotations"},"Annotations"),(0,l.kt)("p",null,"Annotations used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-id")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-namespace")," - used on a cluster namespace to reference the cluster registration namespace and cluster name"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-group")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/commit")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed")," - appears unused"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/service-account"))))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4572],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>f});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=a.createContext({}),s=function(e){var t=a.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=s(e.components);return a.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},m=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,c=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),m=s(n),f=l,d=m["".concat(c,".").concat(f)]||m[f]||p[f]||r;return n?a.createElement(d,i(i({ref:t},u),{},{components:n})):a.createElement(d,i({ref:t},u))}));function f(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=m;var o={};for(var c in t)hasOwnProperty.call(t,c)&&(o[c]=t[c]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var s=2;s{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>r,metadata:()=>o,toc:()=>s});var a=n(7462),l=(n(7294),n(3905));const r={},i="Configuration",o={unversionedId:"ref-configuration",id:"version-0.6/ref-configuration",title:"Configuration",description:"A reference list of, mostly internal, configuration options.",source:"@site/versioned_docs/version-0.6/ref-configuration.md",sourceDirName:".",slug:"/ref-configuration",permalink:"/0.6/ref-configuration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-configuration.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Internals",permalink:"/0.6/ref-registration"},next:{title:"Custom Resources Spec",permalink:"/0.6/ref-crds"}},c={},s=[{value:"Helm Charts",id:"helm-charts",level:2},{value:"Environment Variables",id:"environment-variables",level:2},{value:"Configuration",id:"configuration-1",level:2},{value:"Labels",id:"labels",level:2},{value:"Annotations",id:"annotations",level:2}],u={toc:s};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"configuration"},"Configuration"),(0,l.kt)("p",null,"A reference list of, mostly internal, configuration options."),(0,l.kt)("h2",{id:"helm-charts"},"Helm Charts"),(0,l.kt)("p",null,"The Helm charts accept, at least, the options as shown with their default in ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml"),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"))),(0,l.kt)("h2",{id:"environment-variables"},"Environment Variables"),(0,l.kt)("p",null,"The controllers can be started with these environment variables:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"CATTLE_DEV_MODE")," - used to debug wrangler, not usable"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CLUSTER_ENQUEUE_DELAY")," - tune how often non-ready clusters are checked"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CPU_PPROF_PERIOD")," - used to turn on ",(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/docs/performance.md"},"performance profiling"))),(0,l.kt)("h2",{id:"configuration-1"},"Configuration"),(0,l.kt)("p",null,"In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments."),(0,l.kt)("p",null,"The config ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/main/pkg/config/config.go#L40-L52"},"struct")," is used in both config maps:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-agent "),(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-controller ")),(0,l.kt)("h2",{id:"labels"},"Labels"),(0,l.kt)("p",null,"Labels used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent=true")," - NodeSelector label for agent's deployment affinity setting"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/non-managed-agent")," - managed agent bundle won't target Clusters with this label"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/repo-name")," - used on Bundle to reference the git repo resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-namespace")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-name")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed=true")," - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bootstrap-token")," - unused")),(0,l.kt)("h2",{id:"annotations"},"Annotations"),(0,l.kt)("p",null,"Annotations used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-id")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-namespace")," - used on a cluster namespace to reference the cluster registration namespace and cluster name"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-group")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/commit")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed")," - appears unused"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/service-account"))))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/c234ba49.0c159fbd.js b/assets/js/c234ba49.83d4f467.js similarity index 98% rename from assets/js/c234ba49.0c159fbd.js rename to assets/js/c234ba49.83d4f467.js index 7b8be2818..ae1e54911 100644 --- a/assets/js/c234ba49.0c159fbd.js +++ b/assets/js/c234ba49.83d4f467.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4615],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(n),m=o,f=d["".concat(s,".").concat(m)]||d[m]||u[m]||l;return n?r.createElement(f,a(a({ref:t},p),{},{components:n})):r.createElement(f,a({ref:t},p))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var l=n.length,a=new Array(l);a[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:o,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),o=(n(7294),n(3905));const l={},a="Bundle Lifecycle",i={unversionedId:"ref-bundle-stages",id:"version-0.9/ref-bundle-stages",title:"Bundle Lifecycle",description:"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.",source:"@site/versioned_docs/version-0.9/ref-bundle-stages.md",sourceDirName:".",slug:"/ref-bundle-stages",permalink:"/0.9/ref-bundle-stages",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-bundle-stages.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/0.9/concepts"},next:{title:"Git Repository Contents",permalink:"/0.9/gitrepo-content"}},s={},c=[],p={toc:c};function u(e){let{components:t,...l}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,l,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-lifecycle"},"Bundle Lifecycle"),(0,o.kt)("p",null,"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles."),(0,o.kt)("p",null,"To demonstrate the life cycle of a Fleet bundle, we will use ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,o.kt)("ol",null,(0,o.kt)("li",{parentName:"ol"},"User will create a ",(0,o.kt)("a",{parentName:"li",href:"/0.9/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,o.kt)("a",{parentName:"li",href:"/0.9/webhook"},"webhook event"),". With every commit change, the ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,o.kt)("a",{parentName:"li",href:"/0.9/cluster-bundles-state#bundles"},"bundle"),".")),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},(0,o.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,o.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,o.kt)("ol",{start:3},(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,o.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,o.kt)("p",null,"This diagram shows the different rendering stages a bundle goes through until deployment."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Bundle Stages",src:n(5208).Z,width:"730",height:"811"})))}u.isMDXComponent=!0},5208:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetBundleStages-23d8ed832e76974ba6693016c5d52ad7.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4615],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(n),m=o,f=d["".concat(s,".").concat(m)]||d[m]||u[m]||l;return n?r.createElement(f,a(a({ref:t},p),{},{components:n})):r.createElement(f,a({ref:t},p))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var l=n.length,a=new Array(l);a[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:o,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),o=(n(7294),n(3905));const l={},a="Bundle Lifecycle",i={unversionedId:"ref-bundle-stages",id:"version-0.9/ref-bundle-stages",title:"Bundle Lifecycle",description:"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.",source:"@site/versioned_docs/version-0.9/ref-bundle-stages.md",sourceDirName:".",slug:"/ref-bundle-stages",permalink:"/0.9/ref-bundle-stages",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-bundle-stages.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/0.9/concepts"},next:{title:"Git Repository Contents",permalink:"/0.9/gitrepo-content"}},s={},c=[],p={toc:c};function u(e){let{components:t,...l}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,l,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-lifecycle"},"Bundle Lifecycle"),(0,o.kt)("p",null,"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles."),(0,o.kt)("p",null,"To demonstrate the life cycle of a Fleet bundle, we will use ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,o.kt)("ol",null,(0,o.kt)("li",{parentName:"ol"},"User will create a ",(0,o.kt)("a",{parentName:"li",href:"/0.9/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,o.kt)("a",{parentName:"li",href:"/0.9/webhook"},"webhook event"),". With every commit change, the ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,o.kt)("a",{parentName:"li",href:"/0.9/cluster-bundles-state#bundles"},"bundle"),".")),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},(0,o.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,o.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,o.kt)("ol",{start:3},(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,o.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,o.kt)("p",null,"This diagram shows the different rendering stages a bundle goes through until deployment."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Bundle Stages",src:n(5208).Z,width:"730",height:"811"})))}u.isMDXComponent=!0},5208:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetBundleStages-23d8ed832e76974ba6693016c5d52ad7.svg"}}]); \ No newline at end of file diff --git a/assets/js/c2bab82f.d6df09ef.js b/assets/js/c2bab82f.19d98f2a.js similarity index 99% rename from assets/js/c2bab82f.d6df09ef.js rename to assets/js/c2bab82f.19d98f2a.js index adce25a10..5badf6ba4 100644 --- a/assets/js/c2bab82f.d6df09ef.js +++ b/assets/js/c2bab82f.19d98f2a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[824],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var n=a(7294),l=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return n.createElement("div",{role:"tabpanel",className:(0,l.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>A});var n=a(7462),l=a(7294),r=a(6010),s=a(2466),i=a(6550),o=a(1980),u=a(7392),c=a(12);function d(e){return function(e){return l.Children.map(e,(e=>{if((0,l.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:n,default:l}}=e;return{value:t,label:a,attributes:n,default:l}}))}function p(e){const{values:t,children:a}=e;return(0,l.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function m(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:a}=e;const n=(0,i.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,o._X)(r),(0,l.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(n.location.search);t.set(r,e),n.replace({...n.location,search:t.toString()})}),[r,n])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:n}=e,r=p(e),[s,i]=(0,l.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const n=a.find((e=>e.default))??a[0];if(!n)throw new Error("Unexpected error: 0 tabValues");return n.value}({defaultValue:t,tabValues:r}))),[o,u]=h({queryString:a,groupId:n}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[n,r]=(0,c.Nk)(a);return[n,(0,l.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:n}),g=(()=>{const e=o??d;return m({value:e,tabValues:r})?e:null})();(0,l.useLayoutEffect)((()=>{g&&i(g)}),[g]);return{selectedValue:s,selectValue:(0,l.useCallback)((e=>{if(!m({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);i(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var g=a(2389);const k="tabList__CuJ",b="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:i,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),n=u[a].value;n!==i&&(d(t),o(n))},m=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return l.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return l.createElement("li",(0,n.Z)({role:"tab",tabIndex:i===t?0:-1,"aria-selected":i===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},s,{className:(0,r.Z)("tabs__item",b,null==s?void 0:s.className,{"tabs__item--active":i===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:n}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===n));return e?(0,l.cloneElement)(e,{className:"margin-top--md"}):null}return l.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,l.cloneElement)(e,{key:t,hidden:e.props.value!==n}))))}function w(e){const t=f(e);return l.createElement("div",{className:(0,r.Z)("tabs-container",k)},l.createElement(v,(0,n.Z)({},e,t)),l.createElement(y,(0,n.Z)({},e,t)))}function A(e){const t=(0,g.Z)();return l.createElement(w,(0,n.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>n});const n={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},4721:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>c,default:()=>f,frontMatter:()=>u,metadata:()=>d,toc:()=>m});var n=a(7462),l=(a(7294),a(3905)),r=a(6828),s=a(814),i=a(4866),o=a(5162);const u={},c="Installation Details",d={unversionedId:"installation",id:"version-0.6/installation",title:"Installation Details",description:"The installation is broken up into two different use cases: single and multi-cluster.",source:"@site/versioned_docs/version-0.6/installation.md",sourceDirName:".",slug:"/installation",permalink:"/0.6/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/installation.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources",permalink:"/0.6/ref-resources"},next:{title:"Register Downstream Clusters",permalink:"/0.6/cluster-registration"}},p={},m=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Default Install",id:"default-install",level:2},{value:"Configuration for Multi-Cluster",id:"configuration-for-multi-cluster",level:2},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:3},{value:"Extract CA certificate",id:"extract-ca-certificate",level:4},{value:"Extract API Server",id:"extract-api-server",level:4},{value:"Validate",id:"validate",level:4},{value:"Install for Multi-Cluster",id:"install-for-multi-cluster",level:3}],h={toc:m};function f(e){let{components:t,...u}=e;return(0,l.kt)("wrapper",(0,n.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"installation-details"},"Installation Details"),(0,l.kt)("p",null,"The installation is broken up into two different use cases: single and multi-cluster.\nThe single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,l.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."),(0,l.kt)("p",null,(0,l.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,l.kt)("p",null,"Single-cluster is the default installation. The same cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,l.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,l.kt)(i.Z,{mdxType:"Tabs"},(0,l.kt)(o.Z,{value:"helm",label:"Helm 3",default:!0,mdxType:"TabItem"},"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is fairly straight forward. To install the Helm 3 CLI follow the ",(0,l.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,l.kt)(o.Z,{value:"kubernetes",label:"Kubernetes",default:!0,mdxType:"TabItem"},"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the single cluster use case you will install Fleet to the cluster which you intend to manage with GitOps. Any Kubernetes community supported version of Kubernetes will work, in practice this means ",r.d["v0.6"].kubernetes," or greater.")),(0,l.kt)("h2",{id:"default-install"},"Default Install"),(0,l.kt)("p",null,"Install the following two Helm charts."),(0,l.kt)(i.Z,{mdxType:"Tabs"},(0,l.kt)(o.Z,{value:"install",label:"Install",default:!0,mdxType:"TabItem"},"First install the Fleet CustomResourcesDefintions.",(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d["v0.6"].fleetCRD),(0,l.kt)("p",null,"Second install the Fleet controllers."),(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet"," ",r.d["v0.6"].fleet)),(0,l.kt)(o.Z,{value:"verify",label:"Verify",mdxType:"TabItem"},(0,l.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,l.kt)("p",null,"You can now ",(0,l.kt)("a",{parentName:"p",href:"/0.6/gitrepo-add"},"register some git repos")," in the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."),(0,l.kt)("h2",{id:"configuration-for-multi-cluster"},"Configuration for Multi-Cluster"),(0,l.kt)("admonition",{type:"caution"},(0,l.kt)("p",{parentName:"admonition"},"Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under ",(0,l.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," on Rancher."),(0,l.kt)("p",{parentName:"admonition"},"The multi-cluster install described below is ",(0,l.kt)("strong",{parentName:"p"},"only")," covered in standalone Fleet, which is untested by Rancher QA. ")),(0,l.kt)("admonition",{type:"info"},(0,l.kt)("p",{parentName:"admonition"},"The setup is the same as for a single cluster.\nAfter installing the Fleet manager, you will then need to register remote downstream clusters with the Fleet manager."),(0,l.kt)("p",{parentName:"admonition"},"However, to allow for ",(0,l.kt)("a",{parentName:"p",href:"/0.6/cluster-registration#manager-initiated"},"manager-initiated registration")," of downstream clusters, a few extra settings are required. Without the API server URL and the CA, only ",(0,l.kt)("a",{parentName:"p",href:"/0.6/cluster-registration#agent-initiated"},"agent-initiated registration")," of downstream clusters is possible.")),(0,l.kt)("h3",{id:"api-server-url-and-ca-certificate"},"API Server URL and CA certificate"),(0,l.kt)("p",null,"In order for your Fleet management installation to properly work it is important\nthe correct API server URL and CA certificates are configured properly. The Fleet agents\nwill communicate to the Kubernetes API server URL. This means the Kubernetes\nAPI server must be accessible to the downstream clusters. You will also need\nto obtain the CA certificate of the API server. The easiest way to obtain this information\nis typically from your kubeconfig file (",(0,l.kt)("inlineCode",{parentName:"p"},"$HOME/.kube/config"),"). The ",(0,l.kt)("inlineCode",{parentName:"p"},"server"),",\n",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data"),", or ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority")," fields will have these values."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="$HOME/.kube/config"',title:'"$HOME/.kube/config"'},"apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTi...\n server: https://example.com:6443\n")),(0,l.kt)("h4",{id:"extract-ca-certificate"},"Extract CA certificate"),(0,l.kt)("p",null,"Please note that the ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," field is base64 encoded and will need to be\ndecoded before you save it into a file. This can be done by saving the base64 encoded contents to\na file and then running"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"base64 -d encoded-file > ca.pem\n")),(0,l.kt)("p",null,"Next, retrieve the CA certificate from your kubeconfig."),(0,l.kt)(i.Z,{mdxType:"Tabs"},(0,l.kt)(o.Z,{value:"extractca",label:"Extract First",mdxType:"TabItem"},"If you have `jq` and `base64` available then this one-liners will pull all CA certificates from your `KUBECONFIG` and place then in a file named `ca.pem`.",(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n"))),(0,l.kt)(o.Z,{value:"extractcas",label:"Multiple Entries",mdxType:"TabItem"},"Or, if you have a multi-cluster setup, you can use this command:",(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')))),(0,l.kt)("h4",{id:"extract-api-server"},"Extract API Server"),(0,l.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,l.kt)("h4",{id:"validate"},"Validate"),(0,l.kt)("p",null,"First validate the server URL is correct."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fLk "$API_SERVER_URL/version"\n')),(0,l.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,l.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,l.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,l.kt)("inlineCode",{parentName:"p"},'--cacert "$API_SERVER_CA"')," part of the command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fL --cacert "$API_SERVER_CA" "$API_SERVER_URL/version"\n')),(0,l.kt)("p",null,"If you get a valid JSON response or an ",(0,l.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,l.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,l.kt)("inlineCode",{parentName:"p"},"$API_SERVER_CA")," file should look similar to the below:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-pem",metastring:'title="ca.pem"',title:'"ca.pem"'},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,l.kt)("h3",{id:"install-for-multi-cluster"},"Install for Multi-Cluster"),(0,l.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,l.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,l.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,l.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,l.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,l.kt)("p",null,"Setup the environment with your specific values, e.g.:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,l.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,l.kt)(i.Z,{mdxType:"Tabs"},(0,l.kt)(o.Z,{value:"install2",label:"Install",default:!0,mdxType:"TabItem"},"First install the Fleet CustomResourcesDefintions.",(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d["v0.6"].fleetCRD),(0,l.kt)("p",null,"Second install the Fleet controllers."),(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="$API_SERVER_URL" \\\n --set-file apiServerCA="$API_SERVER_CA" \\\n fleet'," ",r.d["v0.6"].fleet)),(0,l.kt)(o.Z,{value:"verifiy2",label:"Verify",mdxType:"TabItem"},"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands.",(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,l.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,l.kt)("a",{parentName:"p",href:"/0.6/cluster-registration"},"register clusters")," and ",(0,l.kt)("a",{parentName:"p",href:"/0.6/gitrepo-add#create-gitrepo-instance"},"git repos")," with\nthe Fleet manager."))}f.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[824],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var n=a(7294),l=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return n.createElement("div",{role:"tabpanel",className:(0,l.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>A});var n=a(7462),l=a(7294),r=a(6010),s=a(2466),i=a(6550),o=a(1980),u=a(7392),c=a(12);function d(e){return function(e){return l.Children.map(e,(e=>{if((0,l.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:n,default:l}}=e;return{value:t,label:a,attributes:n,default:l}}))}function p(e){const{values:t,children:a}=e;return(0,l.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function m(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:a}=e;const n=(0,i.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,o._X)(r),(0,l.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(n.location.search);t.set(r,e),n.replace({...n.location,search:t.toString()})}),[r,n])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:n}=e,r=p(e),[s,i]=(0,l.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const n=a.find((e=>e.default))??a[0];if(!n)throw new Error("Unexpected error: 0 tabValues");return n.value}({defaultValue:t,tabValues:r}))),[o,u]=h({queryString:a,groupId:n}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[n,r]=(0,c.Nk)(a);return[n,(0,l.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:n}),g=(()=>{const e=o??d;return m({value:e,tabValues:r})?e:null})();(0,l.useLayoutEffect)((()=>{g&&i(g)}),[g]);return{selectedValue:s,selectValue:(0,l.useCallback)((e=>{if(!m({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);i(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var g=a(2389);const k="tabList__CuJ",b="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:i,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),n=u[a].value;n!==i&&(d(t),o(n))},m=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return l.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return l.createElement("li",(0,n.Z)({role:"tab",tabIndex:i===t?0:-1,"aria-selected":i===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},s,{className:(0,r.Z)("tabs__item",b,null==s?void 0:s.className,{"tabs__item--active":i===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:n}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===n));return e?(0,l.cloneElement)(e,{className:"margin-top--md"}):null}return l.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,l.cloneElement)(e,{key:t,hidden:e.props.value!==n}))))}function w(e){const t=f(e);return l.createElement("div",{className:(0,r.Z)("tabs-container",k)},l.createElement(v,(0,n.Z)({},e,t)),l.createElement(y,(0,n.Z)({},e,t)))}function A(e){const t=(0,g.Z)();return l.createElement(w,(0,n.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>n});const n={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},4721:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>c,default:()=>f,frontMatter:()=>u,metadata:()=>d,toc:()=>m});var n=a(7462),l=(a(7294),a(3905)),r=a(6828),s=a(814),i=a(4866),o=a(5162);const u={},c="Installation Details",d={unversionedId:"installation",id:"version-0.6/installation",title:"Installation Details",description:"The installation is broken up into two different use cases: single and multi-cluster.",source:"@site/versioned_docs/version-0.6/installation.md",sourceDirName:".",slug:"/installation",permalink:"/0.6/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/installation.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources",permalink:"/0.6/ref-resources"},next:{title:"Register Downstream Clusters",permalink:"/0.6/cluster-registration"}},p={},m=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Default Install",id:"default-install",level:2},{value:"Configuration for Multi-Cluster",id:"configuration-for-multi-cluster",level:2},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:3},{value:"Extract CA certificate",id:"extract-ca-certificate",level:4},{value:"Extract API Server",id:"extract-api-server",level:4},{value:"Validate",id:"validate",level:4},{value:"Install for Multi-Cluster",id:"install-for-multi-cluster",level:3}],h={toc:m};function f(e){let{components:t,...u}=e;return(0,l.kt)("wrapper",(0,n.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"installation-details"},"Installation Details"),(0,l.kt)("p",null,"The installation is broken up into two different use cases: single and multi-cluster.\nThe single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,l.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."),(0,l.kt)("p",null,(0,l.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,l.kt)("p",null,"Single-cluster is the default installation. The same cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,l.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,l.kt)(i.Z,{mdxType:"Tabs"},(0,l.kt)(o.Z,{value:"helm",label:"Helm 3",default:!0,mdxType:"TabItem"},"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is fairly straight forward. To install the Helm 3 CLI follow the ",(0,l.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,l.kt)(o.Z,{value:"kubernetes",label:"Kubernetes",default:!0,mdxType:"TabItem"},"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the single cluster use case you will install Fleet to the cluster which you intend to manage with GitOps. Any Kubernetes community supported version of Kubernetes will work, in practice this means ",r.d["v0.6"].kubernetes," or greater.")),(0,l.kt)("h2",{id:"default-install"},"Default Install"),(0,l.kt)("p",null,"Install the following two Helm charts."),(0,l.kt)(i.Z,{mdxType:"Tabs"},(0,l.kt)(o.Z,{value:"install",label:"Install",default:!0,mdxType:"TabItem"},"First install the Fleet CustomResourcesDefintions.",(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d["v0.6"].fleetCRD),(0,l.kt)("p",null,"Second install the Fleet controllers."),(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet"," ",r.d["v0.6"].fleet)),(0,l.kt)(o.Z,{value:"verify",label:"Verify",mdxType:"TabItem"},(0,l.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,l.kt)("p",null,"You can now ",(0,l.kt)("a",{parentName:"p",href:"/0.6/gitrepo-add"},"register some git repos")," in the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."),(0,l.kt)("h2",{id:"configuration-for-multi-cluster"},"Configuration for Multi-Cluster"),(0,l.kt)("admonition",{type:"caution"},(0,l.kt)("p",{parentName:"admonition"},"Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under ",(0,l.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," on Rancher."),(0,l.kt)("p",{parentName:"admonition"},"The multi-cluster install described below is ",(0,l.kt)("strong",{parentName:"p"},"only")," covered in standalone Fleet, which is untested by Rancher QA. ")),(0,l.kt)("admonition",{type:"info"},(0,l.kt)("p",{parentName:"admonition"},"The setup is the same as for a single cluster.\nAfter installing the Fleet manager, you will then need to register remote downstream clusters with the Fleet manager."),(0,l.kt)("p",{parentName:"admonition"},"However, to allow for ",(0,l.kt)("a",{parentName:"p",href:"/0.6/cluster-registration#manager-initiated"},"manager-initiated registration")," of downstream clusters, a few extra settings are required. Without the API server URL and the CA, only ",(0,l.kt)("a",{parentName:"p",href:"/0.6/cluster-registration#agent-initiated"},"agent-initiated registration")," of downstream clusters is possible.")),(0,l.kt)("h3",{id:"api-server-url-and-ca-certificate"},"API Server URL and CA certificate"),(0,l.kt)("p",null,"In order for your Fleet management installation to properly work it is important\nthe correct API server URL and CA certificates are configured properly. The Fleet agents\nwill communicate to the Kubernetes API server URL. This means the Kubernetes\nAPI server must be accessible to the downstream clusters. You will also need\nto obtain the CA certificate of the API server. The easiest way to obtain this information\nis typically from your kubeconfig file (",(0,l.kt)("inlineCode",{parentName:"p"},"$HOME/.kube/config"),"). The ",(0,l.kt)("inlineCode",{parentName:"p"},"server"),",\n",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data"),", or ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority")," fields will have these values."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="$HOME/.kube/config"',title:'"$HOME/.kube/config"'},"apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTi...\n server: https://example.com:6443\n")),(0,l.kt)("h4",{id:"extract-ca-certificate"},"Extract CA certificate"),(0,l.kt)("p",null,"Please note that the ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," field is base64 encoded and will need to be\ndecoded before you save it into a file. This can be done by saving the base64 encoded contents to\na file and then running"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"base64 -d encoded-file > ca.pem\n")),(0,l.kt)("p",null,"Next, retrieve the CA certificate from your kubeconfig."),(0,l.kt)(i.Z,{mdxType:"Tabs"},(0,l.kt)(o.Z,{value:"extractca",label:"Extract First",mdxType:"TabItem"},"If you have `jq` and `base64` available then this one-liners will pull all CA certificates from your `KUBECONFIG` and place then in a file named `ca.pem`.",(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n"))),(0,l.kt)(o.Z,{value:"extractcas",label:"Multiple Entries",mdxType:"TabItem"},"Or, if you have a multi-cluster setup, you can use this command:",(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')))),(0,l.kt)("h4",{id:"extract-api-server"},"Extract API Server"),(0,l.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,l.kt)("h4",{id:"validate"},"Validate"),(0,l.kt)("p",null,"First validate the server URL is correct."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fLk "$API_SERVER_URL/version"\n')),(0,l.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,l.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,l.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,l.kt)("inlineCode",{parentName:"p"},'--cacert "$API_SERVER_CA"')," part of the command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fL --cacert "$API_SERVER_CA" "$API_SERVER_URL/version"\n')),(0,l.kt)("p",null,"If you get a valid JSON response or an ",(0,l.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,l.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,l.kt)("inlineCode",{parentName:"p"},"$API_SERVER_CA")," file should look similar to the below:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-pem",metastring:'title="ca.pem"',title:'"ca.pem"'},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,l.kt)("h3",{id:"install-for-multi-cluster"},"Install for Multi-Cluster"),(0,l.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,l.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,l.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,l.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,l.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,l.kt)("p",null,"Setup the environment with your specific values, e.g.:"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,l.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,l.kt)(i.Z,{mdxType:"Tabs"},(0,l.kt)(o.Z,{value:"install2",label:"Install",default:!0,mdxType:"TabItem"},"First install the Fleet CustomResourcesDefintions.",(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d["v0.6"].fleetCRD),(0,l.kt)("p",null,"Second install the Fleet controllers."),(0,l.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="$API_SERVER_URL" \\\n --set-file apiServerCA="$API_SERVER_CA" \\\n fleet'," ",r.d["v0.6"].fleet)),(0,l.kt)(o.Z,{value:"verifiy2",label:"Verify",mdxType:"TabItem"},"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands.",(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,l.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,l.kt)("a",{parentName:"p",href:"/0.6/cluster-registration"},"register clusters")," and ",(0,l.kt)("a",{parentName:"p",href:"/0.6/gitrepo-add#create-gitrepo-instance"},"git repos")," with\nthe Fleet manager."))}f.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file diff --git a/assets/js/c377a04b.1af2af58.js b/assets/js/c377a04b.eeb706b1.js similarity index 98% rename from assets/js/c377a04b.1af2af58.js rename to assets/js/c377a04b.eeb706b1.js index 8feb4211e..842e4a8d7 100644 --- a/assets/js/c377a04b.1af2af58.js +++ b/assets/js/c377a04b.eeb706b1.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6971],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,f=m["".concat(l,".").concat(d)]||m[d]||p[d]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=m;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"index",title:"Overview",description:"What is Fleet?",source:"@site/docs/index.md",sourceDirName:".",slug:"/",permalink:"/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/index.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(5082).Z,width:"1366",height:"960"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},5082:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/fleet-architecture-f708ce634648101dc98f451dcd59fe84.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6971],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,f=m["".concat(l,".").concat(d)]||m[d]||p[d]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=m;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"index",title:"Overview",description:"What is Fleet?",source:"@site/docs/index.md",sourceDirName:".",slug:"/",permalink:"/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/index.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(5082).Z,width:"1366",height:"960"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},5082:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/fleet-architecture-f708ce634648101dc98f451dcd59fe84.svg"}}]); \ No newline at end of file diff --git a/assets/js/c3dfc33d.6ee712fb.js b/assets/js/c3dfc33d.3daef039.js similarity index 98% rename from assets/js/c3dfc33d.6ee712fb.js rename to assets/js/c3dfc33d.3daef039.js index db23a0c50..76d8f06ef 100644 --- a/assets/js/c3dfc33d.6ee712fb.js +++ b/assets/js/c3dfc33d.3daef039.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2276],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>f,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet test"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_test",id:"version-0.7/cli/fleet-cli/fleet_test",title:"",description:"fleet test",source:"@site/versioned_docs/version-0.7/cli/fleet-cli/fleet_test.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_test",permalink:"/0.7/cli/fleet-cli/fleet_test",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cli/fleet-cli/fleet_test.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet test"},sidebar:"docs",previous:{title:"fleet apply",permalink:"/0.7/cli/fleet-cli/fleet_apply"},next:{title:"fleet-manager",permalink:"/0.7/cli/fleet-controller/fleet-manager"}},s={},c=[{value:"fleet test",id:"fleet-test",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-test"},"fleet test"),(0,l.kt)("p",null,"Match a bundle to a target and render the output"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet test [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -g, --group string Cluster group to match against\n -L, --group-label strings Cluster group labels to match against\n -h, --help help for test\n -l, --label strings Cluster labels to match against\n -N, --name string Cluster name to match against\n -q, --quiet Just print the match and don't print the resources\n -t, --target string Explicit target to match\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2276],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||a;return n?r.createElement(m,o(o({ref:t},p),{},{components:n})):r.createElement(m,o({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>f,frontMatter:()=>a,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet test"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_test",id:"version-0.7/cli/fleet-cli/fleet_test",title:"",description:"fleet test",source:"@site/versioned_docs/version-0.7/cli/fleet-cli/fleet_test.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_test",permalink:"/0.7/cli/fleet-cli/fleet_test",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cli/fleet-cli/fleet_test.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet test"},sidebar:"docs",previous:{title:"fleet apply",permalink:"/0.7/cli/fleet-cli/fleet_apply"},next:{title:"fleet-manager",permalink:"/0.7/cli/fleet-controller/fleet-manager"}},s={},c=[{value:"fleet test",id:"fleet-test",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-test"},"fleet test"),(0,l.kt)("p",null,"Match a bundle to a target and render the output"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet test [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -g, --group string Cluster group to match against\n -L, --group-label strings Cluster group labels to match against\n -h, --help help for test\n -l, --label strings Cluster labels to match against\n -N, --name string Cluster name to match against\n -q, --quiet Just print the match and don't print the resources\n -t, --target string Explicit target to match\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/c67695e7.1cd4a62b.js b/assets/js/c67695e7.f3a40aac.js similarity index 98% rename from assets/js/c67695e7.1cd4a62b.js rename to assets/js/c67695e7.f3a40aac.js index 0749f8c1c..2cd4a6202 100644 --- a/assets/js/c67695e7.1cd4a62b.js +++ b/assets/js/c67695e7.f3a40aac.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8252],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>m});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function s(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function a(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var c=n.createContext({}),l=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):a(a({},t),e)),r},u=function(e){var t=l(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,s=e.originalType,c=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),d=l(r),m=o,f=d["".concat(c,".").concat(m)]||d[m]||p[m]||s;return r?n.createElement(f,a(a({ref:t},u),{},{components:r})):n.createElement(f,a({ref:t},u))}));function m(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var s=r.length,a=new Array(s);a[0]=d;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:o,a[1]=i;for(var l=2;l{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>a,default:()=>p,frontMatter:()=>s,metadata:()=>i,toc:()=>l});var n=r(7462),o=(r(7294),r(3905));const s={},a="Custom Resources During Deployment",i={unversionedId:"resources-during-deployment",id:"resources-during-deployment",title:"Custom Resources During Deployment",description:"This shows the resources, also the internal ones, involved in creating a deployment from a git repository.",source:"@site/docs/resources-during-deployment.md",sourceDirName:".",slug:"/resources-during-deployment",permalink:"/resources-during-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/resources-during-deployment.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/namespaces"},next:{title:"Installation Details",permalink:"/installation"}},c={},l=[],u={toc:l};function p(e){let{components:t,...s}=e;return(0,o.kt)("wrapper",(0,n.Z)({},u,s,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"custom-resources-during-deployment"},"Custom Resources During Deployment"),(0,o.kt)("p",null,"This shows the resources, also the internal ones, involved in creating a deployment from a git repository."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Resources",src:r(925).Z,width:"831",height:"1341"})))}p.isMDXComponent=!0},925:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetResources-66df436672452ab68d89ed76da51a7bb.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8252],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>m});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function s(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function a(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var c=n.createContext({}),l=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):a(a({},t),e)),r},u=function(e){var t=l(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,s=e.originalType,c=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),d=l(r),m=o,f=d["".concat(c,".").concat(m)]||d[m]||p[m]||s;return r?n.createElement(f,a(a({ref:t},u),{},{components:r})):n.createElement(f,a({ref:t},u))}));function m(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var s=r.length,a=new Array(s);a[0]=d;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:o,a[1]=i;for(var l=2;l{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>a,default:()=>p,frontMatter:()=>s,metadata:()=>i,toc:()=>l});var n=r(7462),o=(r(7294),r(3905));const s={},a="Custom Resources During Deployment",i={unversionedId:"resources-during-deployment",id:"resources-during-deployment",title:"Custom Resources During Deployment",description:"This shows the resources, also the internal ones, involved in creating a deployment from a git repository.",source:"@site/docs/resources-during-deployment.md",sourceDirName:".",slug:"/resources-during-deployment",permalink:"/resources-during-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/resources-during-deployment.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/namespaces"},next:{title:"Installation Details",permalink:"/installation"}},c={},l=[],u={toc:l};function p(e){let{components:t,...s}=e;return(0,o.kt)("wrapper",(0,n.Z)({},u,s,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"custom-resources-during-deployment"},"Custom Resources During Deployment"),(0,o.kt)("p",null,"This shows the resources, also the internal ones, involved in creating a deployment from a git repository."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Resources",src:r(925).Z,width:"831",height:"1341"})))}p.isMDXComponent=!0},925:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetResources-66df436672452ab68d89ed76da51a7bb.svg"}}]); \ No newline at end of file diff --git a/assets/js/c6aa770e.e09d5838.js b/assets/js/c6aa770e.d42d2261.js similarity index 98% rename from assets/js/c6aa770e.e09d5838.js rename to assets/js/c6aa770e.d42d2261.js index a10cadce1..2f8c8de00 100644 --- a/assets/js/c6aa770e.e09d5838.js +++ b/assets/js/c6aa770e.d42d2261.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[844],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||o;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,l[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},l="Core Concepts",s={unversionedId:"concepts",id:"version-0.6/concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/versioned_docs/version-0.6/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/0.6/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/concepts.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/0.6/architecture"},next:{title:"Bundle Lifecycle",permalink:"/0.6/ref-bundle-stages"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/0.6/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"life cycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/0.6/ref-bundle-stages"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/0.6/gitrepo-targets#customization-per-cluster"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[844],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||o;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,l[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},l="Core Concepts",s={unversionedId:"concepts",id:"version-0.6/concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/versioned_docs/version-0.6/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/0.6/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/concepts.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/0.6/architecture"},next:{title:"Bundle Lifecycle",permalink:"/0.6/ref-bundle-stages"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/0.6/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"life cycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/0.6/ref-bundle-stages"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/0.6/gitrepo-targets#customization-per-cluster"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/c7381d34.b5056e6c.js b/assets/js/c7381d34.78809348.js similarity index 99% rename from assets/js/c7381d34.b5056e6c.js rename to assets/js/c7381d34.78809348.js index bd3c33e34..11cfdb733 100644 --- a/assets/js/c7381d34.b5056e6c.js +++ b/assets/js/c7381d34.78809348.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7544],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>h});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),u=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},c=function(e){var t=u(e.components);return o.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},d=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,r=e.originalType,s=e.parentName,c=l(e,["components","mdxType","originalType","parentName"]),d=u(n),h=a,k=d["".concat(s,".").concat(h)]||d[h]||p[h]||r;return n?o.createElement(k,i(i({ref:t},c),{},{components:n})):o.createElement(k,i({ref:t},c))}));function h(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var r=n.length,i=new Array(r);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:a,i[1]=l;for(var u=2;u{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>r,metadata:()=>l,toc:()=>u});var o=n(7462),a=(n(7294),n(3905));const r={},i="Using Webhooks Instead of Polling",l={unversionedId:"webhook",id:"webhook",title:"Using Webhooks Instead of Polling",description:"By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens).",source:"@site/docs/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/webhook.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/bundle-diffs"},next:{title:"Using Image Scan to Update Container Image References",permalink:"/imagescan"}},s={},u=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],c={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,o.Z)({},c,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"using-webhooks-instead-of-polling"},"Using Webhooks Instead of Polling"),(0,a.kt)("p",null,"By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens)."),(0,a.kt)("p",null,"For installations with multiple tens up to hundreds of Git repos, and in general to reduce latency (the time between a push to Git and fleet reacting to it), configuring webhooks is recommended instead of polling."),(0,a.kt)("p",null,"Fleet currently supports Azure DevOps, GitHub, GitLab, Bitbucket, Bitbucket Server, and Gogs."),(0,a.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,a.kt)("p",null,"If you want to have the webhook available using the same host name as your Rancher or another service, you can use the following YAML with the URL ",(0,a.kt)("a",{parentName:"p",href:"http://your.domain.com/gitjob"},"http://your.domain.com/gitjob"),". The below YAML is specific for the Nginx Ingress Controller:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n annotations:\n nginx.ingress.kubernetes.io/use-regex: "true"\n nginx.ingress.kubernetes.io/rewrite-target: /$2\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /gitjob(/|$)(.*)\n pathType: ImplementationSpecific\n backend:\n service:\n name: gitjob\n port:\n number: 80\n')),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"You can configure ",(0,a.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,a.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(696).Z,width:"1830",height:"1563"})),(0,a.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,a.kt)("admonition",{type:"note"},(0,a.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,a.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,a.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,a.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,a.kt)("table",null,(0,a.kt)("thead",{parentName:"table"},(0,a.kt)("tr",{parentName:"thead"},(0,a.kt)("th",{parentName:"tr",align:null},"Provider"),(0,a.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,a.kt)("tbody",{parentName:"table"},(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"github"))),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"gogs"))),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Azure DevOps"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"azure-username"))),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Azure DevOps"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"azure-password"))))),(0,a.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,a.kt)("p",null,"For Azure DevOps:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Enable basic authentication in Azure"),(0,a.kt)("li",{parentName:"ul"},"Create a secret containing the credentials for the basic authentication")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=azure-username=user --from-literal=azure-password=pass123\n")),(0,a.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,n)=>{n.d(t,{Z:()=>o});const o=n.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7544],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>h});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),u=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},c=function(e){var t=u(e.components);return o.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},d=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,r=e.originalType,s=e.parentName,c=l(e,["components","mdxType","originalType","parentName"]),d=u(n),h=a,k=d["".concat(s,".").concat(h)]||d[h]||p[h]||r;return n?o.createElement(k,i(i({ref:t},c),{},{components:n})):o.createElement(k,i({ref:t},c))}));function h(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var r=n.length,i=new Array(r);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:a,i[1]=l;for(var u=2;u{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>r,metadata:()=>l,toc:()=>u});var o=n(7462),a=(n(7294),n(3905));const r={},i="Using Webhooks Instead of Polling",l={unversionedId:"webhook",id:"webhook",title:"Using Webhooks Instead of Polling",description:"By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens).",source:"@site/docs/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/webhook.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/bundle-diffs"},next:{title:"Using Image Scan to Update Container Image References",permalink:"/imagescan"}},s={},u=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],c={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,o.Z)({},c,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"using-webhooks-instead-of-polling"},"Using Webhooks Instead of Polling"),(0,a.kt)("p",null,"By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens)."),(0,a.kt)("p",null,"For installations with multiple tens up to hundreds of Git repos, and in general to reduce latency (the time between a push to Git and fleet reacting to it), configuring webhooks is recommended instead of polling."),(0,a.kt)("p",null,"Fleet currently supports Azure DevOps, GitHub, GitLab, Bitbucket, Bitbucket Server, and Gogs."),(0,a.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,a.kt)("p",null,"If you want to have the webhook available using the same host name as your Rancher or another service, you can use the following YAML with the URL ",(0,a.kt)("a",{parentName:"p",href:"http://your.domain.com/gitjob"},"http://your.domain.com/gitjob"),". The below YAML is specific for the Nginx Ingress Controller:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n annotations:\n nginx.ingress.kubernetes.io/use-regex: "true"\n nginx.ingress.kubernetes.io/rewrite-target: /$2\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /gitjob(/|$)(.*)\n pathType: ImplementationSpecific\n backend:\n service:\n name: gitjob\n port:\n number: 80\n')),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"You can configure ",(0,a.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,a.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(696).Z,width:"1830",height:"1563"})),(0,a.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,a.kt)("admonition",{type:"note"},(0,a.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,a.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,a.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,a.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,a.kt)("table",null,(0,a.kt)("thead",{parentName:"table"},(0,a.kt)("tr",{parentName:"thead"},(0,a.kt)("th",{parentName:"tr",align:null},"Provider"),(0,a.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,a.kt)("tbody",{parentName:"table"},(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"github"))),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"gogs"))),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Azure DevOps"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"azure-username"))),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Azure DevOps"),(0,a.kt)("td",{parentName:"tr",align:null},(0,a.kt)("inlineCode",{parentName:"td"},"azure-password"))))),(0,a.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,a.kt)("p",null,"For Azure DevOps:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Enable basic authentication in Azure"),(0,a.kt)("li",{parentName:"ul"},"Create a secret containing the credentials for the basic authentication")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=azure-username=user --from-literal=azure-password=pass123\n")),(0,a.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,n)=>{n.d(t,{Z:()=>o});const o=n.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file diff --git a/assets/js/c778489f.aef3d1b5.js b/assets/js/c778489f.e1bba825.js similarity index 97% rename from assets/js/c778489f.aef3d1b5.js rename to assets/js/c778489f.e1bba825.js index 4ae8311c6..ef8990818 100644 --- a/assets/js/c778489f.aef3d1b5.js +++ b/assets/js/c778489f.e1bba825.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[85],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),p=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},s=function(e){var t=p(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},g=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,s=c(e,["components","mdxType","originalType","parentName"]),g=p(n),f=a,m=g["".concat(i,".").concat(f)]||g[f]||u[f]||o;return n?r.createElement(m,l(l({ref:t},s),{},{components:n})):r.createElement(m,l({ref:t},s))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=g;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:a,l[1]=c;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var r=n(7462),a=(n(7294),n(3905));const o={title:"0.5 Changelogs"},l=void 0,c={unversionedId:"changelogs/index",id:"version-0.5/changelogs/index",title:"0.5 Changelogs",description:"* v0.5.3 (latest)",source:"@site/versioned_docs/version-0.5/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/0.5/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/changelogs/index.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"0.5 Changelogs"}},i={},p=[],s={toc:p};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.5/changelogs/changelogs/v0.5.3"},"v0.5.3")," (latest)")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.5/changelogs/changelogs/v0.5.2"},"v0.5.2")," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.5/changelogs/changelogs/v0.5.1"},"v0.5.1")," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.5/changelogs/changelogs/v0.5.0"},"v0.5.0")))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[85],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),p=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},s=function(e){var t=p(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},g=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,s=c(e,["components","mdxType","originalType","parentName"]),g=p(n),f=a,m=g["".concat(i,".").concat(f)]||g[f]||u[f]||o;return n?r.createElement(m,l(l({ref:t},s),{},{components:n})):r.createElement(m,l({ref:t},s))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=g;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:a,l[1]=c;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var r=n(7462),a=(n(7294),n(3905));const o={title:"0.5 Changelogs"},l=void 0,c={unversionedId:"changelogs/index",id:"version-0.5/changelogs/index",title:"0.5 Changelogs",description:"* v0.5.3 (latest)",source:"@site/versioned_docs/version-0.5/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/0.5/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/changelogs/index.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"0.5 Changelogs"}},i={},p=[],s={toc:p};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.5/changelogs/changelogs/v0.5.3"},"v0.5.3")," (latest)")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.5/changelogs/changelogs/v0.5.2"},"v0.5.2")," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.5/changelogs/changelogs/v0.5.1"},"v0.5.1")," ")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.5/changelogs/changelogs/v0.5.0"},"v0.5.0")))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/c916adcd.cdbcddcb.js b/assets/js/c916adcd.291c3974.js similarity index 98% rename from assets/js/c916adcd.cdbcddcb.js rename to assets/js/c916adcd.291c3974.js index 1e4816761..5b3739fcf 100644 --- a/assets/js/c916adcd.cdbcddcb.js +++ b/assets/js/c916adcd.291c3974.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7155],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>E});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),u=a(1980),i=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,i.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function m(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,u._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[u,i]=m({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),b=(()=>{const e=u??d;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{b&&o(b)}),[b]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),i(e),f(e)}),[i,f,r]),tabValues:r}}var b=a(2389);const g="tabList__CuJ",k="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:o,selectValue:u,tabValues:i}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=i[a].value;l!==o&&(d(t),u(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},i.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>c.push(e),onKeyDown:h,onClick:p},s,{className:(0,r.Z)("tabs__item",k,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",g)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function E(e){const t=(0,b.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},1079:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>d,contentTitle:()=>i,default:()=>m,frontMatter:()=>u,metadata:()=>c,toc:()=>p});var l=a(7462),n=(a(7294),a(3905)),r=(a(6828),a(814)),s=a(4866),o=a(5162);const u={},i="Quick Start",c={unversionedId:"quickstart",id:"version-0.7/quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/versioned_docs/version-0.7/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/0.7/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/quickstart.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.7/"},next:{title:"Creating a Deployment",permalink:"/0.7/tut-deployment"}},d={},p=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to Watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],h={toc:p};function m(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"quick-start"},"Quick Start"),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,n.kt)("h2",{id:"install"},"Install"),(0,n.kt)("p",null," Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and its use is\nfairly straightforward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)(s.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"linux",label:"Linux/Mac",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"brew install helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/")),(0,n.kt)(o.Z,{value:"windows",label:"Windows",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"choco install kubernetes-helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/"))),(0,n.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd\n","helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet"),(0,n.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to Watch"),(0,n.kt)("p",null,"Change ",(0,n.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,n.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be run in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,n.kt)("h2",{id:"get-status"},"Get Status"),(0,n.kt)("p",null,"Get status of what fleet is doing"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,n.kt)("p",null,"You should see something like this get created in your cluster."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,n.kt)("p",null,"Enjoy and read the ",(0,n.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}m.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7155],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>E});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),u=a(1980),i=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,i.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function m(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,u._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[u,i]=m({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),b=(()=>{const e=u??d;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{b&&o(b)}),[b]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),i(e),f(e)}),[i,f,r]),tabValues:r}}var b=a(2389);const g="tabList__CuJ",k="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:o,selectValue:u,tabValues:i}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=i[a].value;l!==o&&(d(t),u(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},i.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>c.push(e),onKeyDown:h,onClick:p},s,{className:(0,r.Z)("tabs__item",k,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",g)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function E(e){const t=(0,b.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},1079:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>d,contentTitle:()=>i,default:()=>m,frontMatter:()=>u,metadata:()=>c,toc:()=>p});var l=a(7462),n=(a(7294),a(3905)),r=(a(6828),a(814)),s=a(4866),o=a(5162);const u={},i="Quick Start",c={unversionedId:"quickstart",id:"version-0.7/quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/versioned_docs/version-0.7/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/0.7/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/quickstart.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.7/"},next:{title:"Creating a Deployment",permalink:"/0.7/tut-deployment"}},d={},p=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to Watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],h={toc:p};function m(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"quick-start"},"Quick Start"),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,n.kt)("h2",{id:"install"},"Install"),(0,n.kt)("p",null," Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and its use is\nfairly straightforward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)(s.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"linux",label:"Linux/Mac",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"brew install helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/")),(0,n.kt)(o.Z,{value:"windows",label:"Windows",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"choco install kubernetes-helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/"))),(0,n.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd\n","helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet"),(0,n.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to Watch"),(0,n.kt)("p",null,"Change ",(0,n.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,n.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be run in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,n.kt)("h2",{id:"get-status"},"Get Status"),(0,n.kt)("p",null,"Get status of what fleet is doing"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,n.kt)("p",null,"You should see something like this get created in your cluster."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,n.kt)("p",null,"Enjoy and read the ",(0,n.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}m.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file diff --git a/assets/js/cce49c68.786f03de.js b/assets/js/cce49c68.f5dba2f9.js similarity index 99% rename from assets/js/cce49c68.786f03de.js rename to assets/js/cce49c68.f5dba2f9.js index 31578294f..7626b5285 100644 --- a/assets/js/cce49c68.786f03de.js +++ b/assets/js/cce49c68.f5dba2f9.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7215],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function s(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var i=r.createContext({}),c=function(e){var t=r.useContext(i),a=t;return e&&(a="function"==typeof e?e(t):s(s({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,i=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,m=u["".concat(i,".").concat(p)]||u[p]||h[p]||n;return a?r.createElement(m,s(s({ref:t},d),{},{components:a})):r.createElement(m,s({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,s=new Array(n);s[0]=u;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:l,s[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>i,contentTitle:()=>s,default:()=>h,frontMatter:()=>n,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"v0.5.3",date:"2023-03-06 15:56:56 +0000 UTC"},s=void 0,o={unversionedId:"changelogs/changelogs/v0.5.3",id:"version-0.5/changelogs/changelogs/v0.5.3",title:"v0.5.3",description:"(rancherio-gh-m) released this 2023-03-06 1556 +0000 UTC",source:"@site/versioned_docs/version-0.5/changelogs/changelogs/v0.5.3.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.5.3",permalink:"/0.5/changelogs/changelogs/v0.5.3",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/changelogs/changelogs/v0.5.3.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.5.3",date:"2023-03-06 15:56:56 +0000 UTC"},sidebar:"docs",previous:{title:"v0.5.2",permalink:"/0.5/changelogs/changelogs/v0.5.2"}},i={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-03-06 15:56:56 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Notes"),(0,l.kt)("p",null,"Upgrading the Fleet helm chart upgrades the fleet-controller and its config. To avoid race conditions while fleet-controller starts updating the fleet-agents, we propose to scale down the fleet-controller to zero replicas before starting the upgrade."),(0,l.kt)("p",null,"When using Fleet in Rancher and updating from Rancher 2.5, the default installation namespace for fleet changes from fleet-system to cattle-fleet-system. This release adds code to re-deploy the agents if necessary, to regenerate their config in the new namespace. Once the new agent is running and the cluster resources status is ok, it's fine to delete any leftover fleet-system namespaces. In older versions of fleet, it's possible to ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1528099306","data-permission-text":"Title is private","data-url":"https://github.com/rancher/rancher/issues/40127","data-hovercard-type":"issue","data-hovercard-url":"/rancher/rancher/issues/40127/hovercard?comment_id=1379027121&comment_type=issue_comment",href:"https://github.com/rancher/rancher/issues/40127#issuecomment-1379027121"},"rancher/rancher#40127 (comment)")," into the new namespace, or to ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1528099306","data-permission-text":"Title is private","data-url":"https://github.com/rancher/rancher/issues/40127","data-hovercard-type":"issue","data-hovercard-url":"/rancher/rancher/issues/40127/hovercard?comment_id=1381884485&comment_type=issue_comment",href:"https://github.com/rancher/rancher/issues/40127#issuecomment-1381884485"},"rancher/rancher#40127 (comment)"),"."),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,'Backport "Reading contents&secrets uses specific service account" by ',(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1566163652","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1298","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1298/hovercard",href:"https://github.com/rancher/fleet/pull/1298"},"#1298"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Disable Gitops Feature Breaks Fleet Controller Deployment by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1502700385","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1195","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1195/hovercard",href:"https://github.com/rancher/fleet/pull/1195"},"#1195")),(0,l.kt)("li",null,"Add emptyDir volume to Fleet controller for /tmp by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1504797073","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1202","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1202/hovercard",href:"https://github.com/rancher/fleet/pull/1202"},"#1202")),(0,l.kt)("li",null,"Do not fail on missing labels by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1548776358","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1261","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1261/hovercard",href:"https://github.com/rancher/fleet/pull/1261"},"#1261")),(0,l.kt)("li",null,"Fix Rancher upgrade by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1556869984","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1275","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1275/hovercard",href:"https://github.com/rancher/fleet/pull/1275"},"#1275")),(0,l.kt)("li",null,"Long release names shorten once by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1557863677","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1279","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1279/hovercard",href:"https://github.com/rancher/fleet/pull/1279"},"#1279")),(0,l.kt)("li",null,"Fix agent not starting in fleet-system namespace by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1585833920","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1322","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1322/hovercard",href:"https://github.com/rancher/fleet/pull/1322"},"#1322")),(0,l.kt)("li",null,"Ensure valid release name for agent by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1604909749","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1356","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1356/hovercard",href:"https://github.com/rancher/fleet/pull/1356"},"#1356"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Update GitHub actions in release v0.5 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1455076517","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1107","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1107/hovercard",href:"https://github.com/rancher/fleet/pull/1107"},"#1107")),(0,l.kt)("li",null,"Bump bci images in release/v0.5 branch by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1530498191","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1241","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1241/hovercard",href:"https://github.com/rancher/fleet/pull/1241"},"#1241")),(0,l.kt)("li",null,"Backport fix Windows 1809 builds on Drone by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1534752776","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1250","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1250/hovercard",href:"https://github.com/rancher/fleet/pull/1250"},"#1250")),(0,l.kt)("li",null,"Go dependencies and SLE-BCI bumps by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/macedogm/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/macedogm"},"@macedogm")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1535699592","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1255","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1255/hovercard",href:"https://github.com/rancher/fleet/pull/1255"},"#1255")),(0,l.kt)("li",null,"Bump gitjob to 0.1.36 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1557022079","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1276","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1276/hovercard",href:"https://github.com/rancher/fleet/pull/1276"},"#1276"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.5.0...v0.5.3"},(0,l.kt)("tt",null,"v0.5.0...v0.5.3"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"fleet-crd-0.5.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz"},"fleet-agent-0.5.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz"},"fleet-0.5.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.5.3"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7215],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function s(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var i=r.createContext({}),c=function(e){var t=r.useContext(i),a=t;return e&&(a="function"==typeof e?e(t):s(s({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,i=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,m=u["".concat(i,".").concat(p)]||u[p]||h[p]||n;return a?r.createElement(m,s(s({ref:t},d),{},{components:a})):r.createElement(m,s({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,s=new Array(n);s[0]=u;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:l,s[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>i,contentTitle:()=>s,default:()=>h,frontMatter:()=>n,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"v0.5.3",date:"2023-03-06 15:56:56 +0000 UTC"},s=void 0,o={unversionedId:"changelogs/changelogs/v0.5.3",id:"version-0.5/changelogs/changelogs/v0.5.3",title:"v0.5.3",description:"(rancherio-gh-m) released this 2023-03-06 1556 +0000 UTC",source:"@site/versioned_docs/version-0.5/changelogs/changelogs/v0.5.3.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.5.3",permalink:"/0.5/changelogs/changelogs/v0.5.3",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/changelogs/changelogs/v0.5.3.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.5.3",date:"2023-03-06 15:56:56 +0000 UTC"},sidebar:"docs",previous:{title:"v0.5.2",permalink:"/0.5/changelogs/changelogs/v0.5.2"}},i={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-03-06 15:56:56 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Notes"),(0,l.kt)("p",null,"Upgrading the Fleet helm chart upgrades the fleet-controller and its config. To avoid race conditions while fleet-controller starts updating the fleet-agents, we propose to scale down the fleet-controller to zero replicas before starting the upgrade."),(0,l.kt)("p",null,"When using Fleet in Rancher and updating from Rancher 2.5, the default installation namespace for fleet changes from fleet-system to cattle-fleet-system. This release adds code to re-deploy the agents if necessary, to regenerate their config in the new namespace. Once the new agent is running and the cluster resources status is ok, it's fine to delete any leftover fleet-system namespaces. In older versions of fleet, it's possible to ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1528099306","data-permission-text":"Title is private","data-url":"https://github.com/rancher/rancher/issues/40127","data-hovercard-type":"issue","data-hovercard-url":"/rancher/rancher/issues/40127/hovercard?comment_id=1379027121&comment_type=issue_comment",href:"https://github.com/rancher/rancher/issues/40127#issuecomment-1379027121"},"rancher/rancher#40127 (comment)")," into the new namespace, or to ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1528099306","data-permission-text":"Title is private","data-url":"https://github.com/rancher/rancher/issues/40127","data-hovercard-type":"issue","data-hovercard-url":"/rancher/rancher/issues/40127/hovercard?comment_id=1381884485&comment_type=issue_comment",href:"https://github.com/rancher/rancher/issues/40127#issuecomment-1381884485"},"rancher/rancher#40127 (comment)"),"."),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,'Backport "Reading contents&secrets uses specific service account" by ',(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1566163652","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1298","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1298/hovercard",href:"https://github.com/rancher/fleet/pull/1298"},"#1298"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Disable Gitops Feature Breaks Fleet Controller Deployment by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1502700385","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1195","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1195/hovercard",href:"https://github.com/rancher/fleet/pull/1195"},"#1195")),(0,l.kt)("li",null,"Add emptyDir volume to Fleet controller for /tmp by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1504797073","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1202","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1202/hovercard",href:"https://github.com/rancher/fleet/pull/1202"},"#1202")),(0,l.kt)("li",null,"Do not fail on missing labels by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1548776358","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1261","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1261/hovercard",href:"https://github.com/rancher/fleet/pull/1261"},"#1261")),(0,l.kt)("li",null,"Fix Rancher upgrade by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1556869984","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1275","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1275/hovercard",href:"https://github.com/rancher/fleet/pull/1275"},"#1275")),(0,l.kt)("li",null,"Long release names shorten once by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1557863677","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1279","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1279/hovercard",href:"https://github.com/rancher/fleet/pull/1279"},"#1279")),(0,l.kt)("li",null,"Fix agent not starting in fleet-system namespace by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1585833920","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1322","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1322/hovercard",href:"https://github.com/rancher/fleet/pull/1322"},"#1322")),(0,l.kt)("li",null,"Ensure valid release name for agent by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1604909749","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1356","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1356/hovercard",href:"https://github.com/rancher/fleet/pull/1356"},"#1356"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Update GitHub actions in release v0.5 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1455076517","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1107","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1107/hovercard",href:"https://github.com/rancher/fleet/pull/1107"},"#1107")),(0,l.kt)("li",null,"Bump bci images in release/v0.5 branch by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1530498191","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1241","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1241/hovercard",href:"https://github.com/rancher/fleet/pull/1241"},"#1241")),(0,l.kt)("li",null,"Backport fix Windows 1809 builds on Drone by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1534752776","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1250","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1250/hovercard",href:"https://github.com/rancher/fleet/pull/1250"},"#1250")),(0,l.kt)("li",null,"Go dependencies and SLE-BCI bumps by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/macedogm/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/macedogm"},"@macedogm")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1535699592","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1255","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1255/hovercard",href:"https://github.com/rancher/fleet/pull/1255"},"#1255")),(0,l.kt)("li",null,"Bump gitjob to 0.1.36 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1557022079","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1276","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1276/hovercard",href:"https://github.com/rancher/fleet/pull/1276"},"#1276"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.5.0...v0.5.3"},(0,l.kt)("tt",null,"v0.5.0...v0.5.3"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"fleet-crd-0.5.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz"},"fleet-agent-0.5.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz"},"fleet-0.5.3.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.5.3"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/cd0bf424.19eb062d.js b/assets/js/cd0bf424.020cb63e.js similarity index 98% rename from assets/js/cd0bf424.19eb062d.js rename to assets/js/cd0bf424.020cb63e.js index c6b19d43e..a8b7680fc 100644 --- a/assets/js/cd0bf424.19eb062d.js +++ b/assets/js/cd0bf424.020cb63e.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[208],{3905:(e,t,l)=>{l.d(t,{Zo:()=>u,kt:()=>m});var n=l(7294);function r(e,t,l){return t in e?Object.defineProperty(e,t,{value:l,enumerable:!0,configurable:!0,writable:!0}):e[t]=l,e}function s(e,t){var l=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),l.push.apply(l,n)}return l}function a(e){for(var t=1;t=0||(r[l]=e[l]);return r}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,l)&&(r[l]=e[l])}return r}var i=n.createContext({}),c=function(e){var t=n.useContext(i),l=t;return e&&(l="function"==typeof e?e(t):a(a({},t),e)),l},u=function(e){var t=c(e.components);return n.createElement(i.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var l=e.components,r=e.mdxType,s=e.originalType,i=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),d=c(l),m=r,h=d["".concat(i,".").concat(m)]||d[m]||p[m]||s;return l?n.createElement(h,a(a({ref:t},u),{},{components:l})):n.createElement(h,a({ref:t},u))}));function m(e,t){var l=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var s=l.length,a=new Array(s);a[0]=d;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:r,a[1]=o;for(var c=2;c{l.r(t),l.d(t,{assets:()=>i,contentTitle:()=>a,default:()=>p,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var n=l(7462),r=(l(7294),l(3905));const s={},a="Single Cluster Install",o={unversionedId:"single-cluster-install",id:"version-0.4/single-cluster-install",title:"Single Cluster Install",description:"In this use case you have only one cluster. The cluster will run both the Fleet",source:"@site/versioned_docs/version-0.4/single-cluster-install.md",sourceDirName:".",slug:"/single-cluster-install",permalink:"/0.4/single-cluster-install",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/single-cluster-install.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation",permalink:"/0.4/installation"},next:{title:"Multi-cluster Install",permalink:"/0.4/multi-cluster-install"}},i={},c=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Helm 3",id:"helm-3",level:3},{value:"Kubernetes",id:"kubernetes",level:3},{value:"Install",id:"install",level:2}],u={toc:c};function p(e){let{components:t,...s}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,s,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"single-cluster-install"},"Single Cluster Install"),(0,r.kt)("p",null,(0,r.kt)("img",{src:l(1313).Z,width:"520",height:"279"})),(0,r.kt)("p",null,"In this use case you have only one cluster. The cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,r.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,r.kt)("h3",{id:"helm-3"},"Helm 3"),(0,r.kt)("p",null,"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is\nfairly straight forward. To install the Helm 3 CLI follow the\n",(0,r.kt)("a",{parentName:"p",href:"https://helm.sh/docs/intro/install/"},"official install instructions"),". The TL;DR is"),(0,r.kt)("p",null,"macOS"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"brew install helm\n")),(0,r.kt)("p",null,"Windows"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"choco install kubernetes-helm\n")),(0,r.kt)("h3",{id:"kubernetes"},"Kubernetes"),(0,r.kt)("p",null,"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the\nsingle cluster use case you will install Fleet to the cluster which you intend to manage with GitOps.\nAny Kubernetes community supported version of Kubernetes will work, in practice this means 1.15 or greater."),(0,r.kt)("h2",{id:"install"},"Install"),(0,r.kt)("p",null,"Install the following two Helm charts."),(0,r.kt)("p",null,"First install the Fleet CustomResourcesDefintions."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-crd-0.4.1.tgz\n")),(0,r.kt)("p",null,"Second install the Fleet controllers."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-0.4.1.tgz\n")),(0,r.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,r.kt)("p",null,"You can now ",(0,r.kt)("a",{parentName:"p",href:"/0.4/gitrepo-add"},"register some git repos")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."))}p.isMDXComponent=!0},1313:(e,t,l)=>{l.d(t,{Z:()=>n});const n=l.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[208],{3905:(e,t,l)=>{l.d(t,{Zo:()=>u,kt:()=>m});var n=l(7294);function r(e,t,l){return t in e?Object.defineProperty(e,t,{value:l,enumerable:!0,configurable:!0,writable:!0}):e[t]=l,e}function s(e,t){var l=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),l.push.apply(l,n)}return l}function a(e){for(var t=1;t=0||(r[l]=e[l]);return r}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,l)&&(r[l]=e[l])}return r}var i=n.createContext({}),c=function(e){var t=n.useContext(i),l=t;return e&&(l="function"==typeof e?e(t):a(a({},t),e)),l},u=function(e){var t=c(e.components);return n.createElement(i.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var l=e.components,r=e.mdxType,s=e.originalType,i=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),d=c(l),m=r,h=d["".concat(i,".").concat(m)]||d[m]||p[m]||s;return l?n.createElement(h,a(a({ref:t},u),{},{components:l})):n.createElement(h,a({ref:t},u))}));function m(e,t){var l=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var s=l.length,a=new Array(s);a[0]=d;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:r,a[1]=o;for(var c=2;c{l.r(t),l.d(t,{assets:()=>i,contentTitle:()=>a,default:()=>p,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var n=l(7462),r=(l(7294),l(3905));const s={},a="Single Cluster Install",o={unversionedId:"single-cluster-install",id:"version-0.4/single-cluster-install",title:"Single Cluster Install",description:"In this use case you have only one cluster. The cluster will run both the Fleet",source:"@site/versioned_docs/version-0.4/single-cluster-install.md",sourceDirName:".",slug:"/single-cluster-install",permalink:"/0.4/single-cluster-install",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/single-cluster-install.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation",permalink:"/0.4/installation"},next:{title:"Multi-cluster Install",permalink:"/0.4/multi-cluster-install"}},i={},c=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Helm 3",id:"helm-3",level:3},{value:"Kubernetes",id:"kubernetes",level:3},{value:"Install",id:"install",level:2}],u={toc:c};function p(e){let{components:t,...s}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,s,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"single-cluster-install"},"Single Cluster Install"),(0,r.kt)("p",null,(0,r.kt)("img",{src:l(1313).Z,width:"520",height:"279"})),(0,r.kt)("p",null,"In this use case you have only one cluster. The cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,r.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,r.kt)("h3",{id:"helm-3"},"Helm 3"),(0,r.kt)("p",null,"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is\nfairly straight forward. To install the Helm 3 CLI follow the\n",(0,r.kt)("a",{parentName:"p",href:"https://helm.sh/docs/intro/install/"},"official install instructions"),". The TL;DR is"),(0,r.kt)("p",null,"macOS"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"brew install helm\n")),(0,r.kt)("p",null,"Windows"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"choco install kubernetes-helm\n")),(0,r.kt)("h3",{id:"kubernetes"},"Kubernetes"),(0,r.kt)("p",null,"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the\nsingle cluster use case you will install Fleet to the cluster which you intend to manage with GitOps.\nAny Kubernetes community supported version of Kubernetes will work, in practice this means 1.15 or greater."),(0,r.kt)("h2",{id:"install"},"Install"),(0,r.kt)("p",null,"Install the following two Helm charts."),(0,r.kt)("p",null,"First install the Fleet CustomResourcesDefintions."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-crd-0.4.1.tgz\n")),(0,r.kt)("p",null,"Second install the Fleet controllers."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-0.4.1.tgz\n")),(0,r.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,r.kt)("p",null,"You can now ",(0,r.kt)("a",{parentName:"p",href:"/0.4/gitrepo-add"},"register some git repos")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."))}p.isMDXComponent=!0},1313:(e,t,l)=>{l.d(t,{Z:()=>n});const n=l.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file diff --git a/assets/js/cd323ffc.7dbaf9bc.js b/assets/js/cd323ffc.56ff714c.js similarity index 98% rename from assets/js/cd323ffc.7dbaf9bc.js rename to assets/js/cd323ffc.56ff714c.js index 9905b1df3..5036d2c53 100644 --- a/assets/js/cd323ffc.7dbaf9bc.js +++ b/assets/js/cd323ffc.56ff714c.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1910],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),c=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=c(e.components);return a.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=c(n),u=r,g=d["".concat(l,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const o={},i="Using Image Scan to Update Container Image References",s={unversionedId:"imagescan",id:"imagescan",title:"Using Image Scan to Update Container Image References",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/docs/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/imagescan.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Webhooks Instead of Polling",permalink:"/webhook"},next:{title:"Create a Bundle Resource",permalink:"/bundle-add"}},l={},c=[],m={toc:c};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-image-scan-to-update-container-image-references"},"Using Image Scan to Update Container Image References"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order\n- policy:\n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver:\n range: "*"\n # can use ascending or descending order\n alphabetical:\n order: asc\n\n # specify images to scan\n image: "your.registry.com/repo/image"\n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret\n\n # Specify the scan interval\n interval: 5m\n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},'Semver will ignore pre-release versions (for example, 0.0.1-10) unless a pre-release version is explicitly used in the range definition.\nFor example, the "*" range will ignore pre-releases while ">= 0.0.1-10" will take them into account.')),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples\n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m\n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret\n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1910],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),c=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=c(e.components);return a.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=c(n),u=r,g=d["".concat(l,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const o={},i="Using Image Scan to Update Container Image References",s={unversionedId:"imagescan",id:"imagescan",title:"Using Image Scan to Update Container Image References",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/docs/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/imagescan.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Webhooks Instead of Polling",permalink:"/webhook"},next:{title:"Create a Bundle Resource",permalink:"/bundle-add"}},l={},c=[],m={toc:c};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-image-scan-to-update-container-image-references"},"Using Image Scan to Update Container Image References"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order\n- policy:\n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver:\n range: "*"\n # can use ascending or descending order\n alphabetical:\n order: asc\n\n # specify images to scan\n image: "your.registry.com/repo/image"\n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret\n\n # Specify the scan interval\n interval: 5m\n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},'Semver will ignore pre-release versions (for example, 0.0.1-10) unless a pre-release version is explicitly used in the range definition.\nFor example, the "*" range will ignore pre-releases while ">= 0.0.1-10" will take them into account.')),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples\n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m\n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret\n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/ce48e831.84c3ad2d.js b/assets/js/ce48e831.3610462a.js similarity index 98% rename from assets/js/ce48e831.84c3ad2d.js rename to assets/js/ce48e831.3610462a.js index f0705c20a..dd8353659 100644 --- a/assets/js/ce48e831.84c3ad2d.js +++ b/assets/js/ce48e831.3610462a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3859],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||o;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,l[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},l="Core Concepts",s={unversionedId:"concepts",id:"version-0.7/concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/versioned_docs/version-0.7/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/0.7/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/concepts.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/0.7/architecture"},next:{title:"Bundle Lifecycle",permalink:"/0.7/ref-bundle-stages"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/0.7/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"life cycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/0.7/ref-bundle-stages"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/0.7/gitrepo-targets#customization-per-cluster"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3859],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||o;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,l[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},l="Core Concepts",s={unversionedId:"concepts",id:"version-0.7/concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/versioned_docs/version-0.7/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/0.7/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/concepts.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/0.7/architecture"},next:{title:"Bundle Lifecycle",permalink:"/0.7/ref-bundle-stages"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/0.7/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"life cycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/0.7/ref-bundle-stages"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/0.7/gitrepo-targets#customization-per-cluster"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/ce534227.81ecc09c.js b/assets/js/ce534227.ffbe5e24.js similarity index 98% rename from assets/js/ce534227.81ecc09c.js rename to assets/js/ce534227.ffbe5e24.js index 37f1776bf..58681fc11 100644 --- a/assets/js/ce534227.81ecc09c.js +++ b/assets/js/ce534227.ffbe5e24.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6342],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var c=r.createContext({}),l=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},p=function(e){var t=l(e.components);return r.createElement(c.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=l(n),d=o,h=m["".concat(c,".").concat(d)]||m[d]||u[d]||a;return n?r.createElement(h,s(s({ref:t},p),{},{components:n})):r.createElement(h,s({ref:t},p))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,s=new Array(a);s[0]=m;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:o,s[1]=i;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>u,frontMatter:()=>a,metadata:()=>i,toc:()=>l});var r=n(7462),o=(n(7294),n(3905));const a={},s="GitRepo Resource",i={unversionedId:"ref-gitrepo",id:"version-0.6/ref-gitrepo",title:"GitRepo Resource",description:"The GitRepo resource describes git repositories, how to access them and where the bundles are located.",source:"@site/versioned_docs/version-0.6/ref-gitrepo.md",sourceDirName:".",slug:"/ref-gitrepo",permalink:"/0.6/ref-gitrepo",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-gitrepo.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet.yaml",permalink:"/0.6/ref-fleet-yaml"},next:{title:"Troubleshooting",permalink:"/0.6/troubleshooting"}},c={},l=[],p={toc:l};function u(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"gitrepo-resource"},"GitRepo Resource"),(0,o.kt)("p",null,"The GitRepo resource describes git repositories, how to access them and where the bundles are located."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#gitrepospec"},"GitRepoSpec"),".\nFor more information on how to use GitRepo resource, e.g. how to watch private repositories, see ",(0,o.kt)("a",{parentName:"p",href:"/0.6/gitrepo-add"},"Create a GitRepo Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private registry you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n #\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n # \n # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression. \n # Credentials will always be used if it is empty or not provided\n # \n # helmRepoURLRegex: https://charts.rancher.io/*\n #\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n #\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n #\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6342],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var c=r.createContext({}),l=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},p=function(e){var t=l(e.components);return r.createElement(c.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,c=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=l(n),d=o,h=m["".concat(c,".").concat(d)]||m[d]||u[d]||a;return n?r.createElement(h,s(s({ref:t},p),{},{components:n})):r.createElement(h,s({ref:t},p))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,s=new Array(a);s[0]=m;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:o,s[1]=i;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>u,frontMatter:()=>a,metadata:()=>i,toc:()=>l});var r=n(7462),o=(n(7294),n(3905));const a={},s="GitRepo Resource",i={unversionedId:"ref-gitrepo",id:"version-0.6/ref-gitrepo",title:"GitRepo Resource",description:"The GitRepo resource describes git repositories, how to access them and where the bundles are located.",source:"@site/versioned_docs/version-0.6/ref-gitrepo.md",sourceDirName:".",slug:"/ref-gitrepo",permalink:"/0.6/ref-gitrepo",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-gitrepo.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet.yaml",permalink:"/0.6/ref-fleet-yaml"},next:{title:"Troubleshooting",permalink:"/0.6/troubleshooting"}},c={},l=[],p={toc:l};function u(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"gitrepo-resource"},"GitRepo Resource"),(0,o.kt)("p",null,"The GitRepo resource describes git repositories, how to access them and where the bundles are located."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#gitrepospec"},"GitRepoSpec"),".\nFor more information on how to use GitRepo resource, e.g. how to watch private repositories, see ",(0,o.kt)("a",{parentName:"p",href:"/0.6/gitrepo-add"},"Create a GitRepo Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private registry you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n #\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n # \n # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression. \n # Credentials will always be used if it is empty or not provided\n # \n # helmRepoURLRegex: https://charts.rancher.io/*\n #\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n #\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n #\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/cf6f5f9b.6e12073e.js b/assets/js/cf6f5f9b.9ac2fe29.js similarity index 98% rename from assets/js/cf6f5f9b.6e12073e.js rename to assets/js/cf6f5f9b.9ac2fe29.js index ddad831c7..0b7985002 100644 --- a/assets/js/cf6f5f9b.6e12073e.js +++ b/assets/js/cf6f5f9b.9ac2fe29.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9863],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),h=c(n),m=a,d=h["".concat(l,".").concat(m)]||h[m]||p[m]||o;return n?r.createElement(d,i(i({ref:t},u),{},{components:n})):r.createElement(d,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=h;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Architecture",s={unversionedId:"architecture",id:"version-0.7/architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/versioned_docs/version-0.7/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/0.7/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/architecture.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Uninstall",permalink:"/0.7/uninstall"},next:{title:"Core Concepts",permalink:"/0.7/concepts"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2},{value:"Component Overview",id:"component-overview",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/0.7/cluster-registration#manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."),(0,a.kt)("h2",{id:"component-overview"},"Component Overview"),(0,a.kt)("p",null,"An overview of the components and how they interact on a high level."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Components",src:n(1913).Z,width:"1319",height:"1281"})))}p.isMDXComponent=!0},1913:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetComponents-2746fa09558c69f438948ab9bc659edb.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9863],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),h=c(n),m=a,d=h["".concat(l,".").concat(m)]||h[m]||p[m]||o;return n?r.createElement(d,i(i({ref:t},u),{},{components:n})):r.createElement(d,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=h;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Architecture",s={unversionedId:"architecture",id:"version-0.7/architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/versioned_docs/version-0.7/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/0.7/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/architecture.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Uninstall",permalink:"/0.7/uninstall"},next:{title:"Core Concepts",permalink:"/0.7/concepts"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2},{value:"Component Overview",id:"component-overview",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/0.7/cluster-registration#manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."),(0,a.kt)("h2",{id:"component-overview"},"Component Overview"),(0,a.kt)("p",null,"An overview of the components and how they interact on a high level."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Components",src:n(1913).Z,width:"1319",height:"1281"})))}p.isMDXComponent=!0},1913:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetComponents-2746fa09558c69f438948ab9bc659edb.svg"}}]); \ No newline at end of file diff --git a/assets/js/d0180ce2.363df986.js b/assets/js/d0180ce2.6cc2d13b.js similarity index 99% rename from assets/js/d0180ce2.363df986.js rename to assets/js/d0180ce2.6cc2d13b.js index 66d40a907..c165546ef 100644 --- a/assets/js/d0180ce2.363df986.js +++ b/assets/js/d0180ce2.6cc2d13b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9532],{3905:(t,e,a)=>{a.d(e,{Zo:()=>s,kt:()=>k});var n=a(7294);function l(t,e,a){return e in t?Object.defineProperty(t,e,{value:a,enumerable:!0,configurable:!0,writable:!0}):t[e]=a,t}function r(t,e){var a=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),a.push.apply(a,n)}return a}function i(t){for(var e=1;e=0||(l[a]=t[a]);return l}(t,e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(t,a)&&(l[a]=t[a])}return l}var p=n.createContext({}),m=function(t){var e=n.useContext(p),a=e;return t&&(a="function"==typeof t?t(e):i(i({},e),t)),a},s=function(t){var e=m(t.components);return n.createElement(p.Provider,{value:e},t.children)},d={inlineCode:"code",wrapper:function(t){var e=t.children;return n.createElement(n.Fragment,{},e)}},o=n.forwardRef((function(t,e){var a=t.components,l=t.mdxType,r=t.originalType,p=t.parentName,s=u(t,["components","mdxType","originalType","parentName"]),o=m(a),k=l,N=o["".concat(p,".").concat(k)]||o[k]||d[k]||r;return a?n.createElement(N,i(i({ref:e},s),{},{components:a})):n.createElement(N,i({ref:e},s))}));function k(t,e){var a=arguments,l=e&&e.mdxType;if("string"==typeof t||l){var r=a.length,i=new Array(r);i[0]=o;var u={};for(var p in e)hasOwnProperty.call(e,p)&&(u[p]=e[p]);u.originalType=t,u.mdxType="string"==typeof t?t:l,i[1]=u;for(var m=2;m{a.r(e),a.d(e,{assets:()=>p,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>u,toc:()=>m});var n=a(7462),l=(a(7294),a(3905));const r={},i="Custom Resources Spec",u={unversionedId:"ref-crds",id:"version-0.9/ref-crds",title:"Custom Resources Spec",description:"* Bundle",source:"@site/versioned_docs/version-0.9/ref-crds.md",sourceDirName:".",slug:"/ref-crds",permalink:"/0.9/ref-crds",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-crds.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"List of Deployed Resources",permalink:"/0.9/ref-resources"},next:{title:"fleet.yaml",permalink:"/0.9/ref-fleet-yaml"}},p={},m=[{value:"Bundle",id:"bundle",level:4},{value:"BundleDisplay",id:"bundledisplay",level:4},{value:"BundleRef",id:"bundleref",level:4},{value:"BundleResource",id:"bundleresource",level:4},{value:"BundleSpec",id:"bundlespec",level:4},{value:"BundleStatus",id:"bundlestatus",level:4},{value:"BundleSummary",id:"bundlesummary",level:4},{value:"BundleTarget",id:"bundletarget",level:4},{value:"BundleTargetRestriction",id:"bundletargetrestriction",level:4},{value:"NonReadyResource",id:"nonreadyresource",level:4},{value:"Partition",id:"partition",level:4},{value:"PartitionStatus",id:"partitionstatus",level:4},{value:"ResourceKey",id:"resourcekey",level:4},{value:"RolloutStrategy",id:"rolloutstrategy",level:4},{value:"BundleDeployment",id:"bundledeployment",level:4},{value:"BundleDeploymentDisplay",id:"bundledeploymentdisplay",level:4},{value:"BundleDeploymentOptions",id:"bundledeploymentoptions",level:4},{value:"BundleDeploymentResource",id:"bundledeploymentresource",level:4},{value:"BundleDeploymentSpec",id:"bundledeploymentspec",level:4},{value:"BundleDeploymentStatus",id:"bundledeploymentstatus",level:4},{value:"ComparePatch",id:"comparepatch",level:4},{value:"ConfigMapKeySelector",id:"configmapkeyselector",level:4},{value:"DiffOptions",id:"diffoptions",level:4},{value:"HelmOptions",id:"helmoptions",level:4},{value:"IgnoreOptions",id:"ignoreoptions",level:4},{value:"KustomizeOptions",id:"kustomizeoptions",level:4},{value:"LocalObjectReference",id:"localobjectreference",level:4},{value:"ModifiedStatus",id:"modifiedstatus",level:4},{value:"NonReadyStatus",id:"nonreadystatus",level:4},{value:"Operation",id:"operation",level:4},{value:"SecretKeySelector",id:"secretkeyselector",level:4},{value:"ValuesFrom",id:"valuesfrom",level:4},{value:"YAMLOptions",id:"yamloptions",level:4},{value:"BundleNamespaceMapping",id:"bundlenamespacemapping",level:4},{value:"AgentStatus",id:"agentstatus",level:4},{value:"Cluster",id:"cluster",level:4},{value:"ClusterDisplay",id:"clusterdisplay",level:4},{value:"ClusterSpec",id:"clusterspec",level:4},{value:"ClusterStatus",id:"clusterstatus",level:4},{value:"ClusterGroup",id:"clustergroup",level:4},{value:"ClusterGroupDisplay",id:"clustergroupdisplay",level:4},{value:"ClusterGroupSpec",id:"clustergroupspec",level:4},{value:"ClusterGroupStatus",id:"clustergroupstatus",level:4},{value:"ClusterRegistration",id:"clusterregistration",level:4},{value:"ClusterRegistrationSpec",id:"clusterregistrationspec",level:4},{value:"ClusterRegistrationStatus",id:"clusterregistrationstatus",level:4},{value:"ClusterRegistrationToken",id:"clusterregistrationtoken",level:4},{value:"ClusterRegistrationTokenSpec",id:"clusterregistrationtokenspec",level:4},{value:"ClusterRegistrationTokenStatus",id:"clusterregistrationtokenstatus",level:4},{value:"Content",id:"content",level:4},{value:"CommitSpec",id:"commitspec",level:4},{value:"CorrectDrift",id:"correctdrift",level:4},{value:"GitRepo",id:"gitrepo",level:4},{value:"GitRepoDisplay",id:"gitrepodisplay",level:4},{value:"GitRepoResource",id:"gitreporesource",level:4},{value:"GitRepoResourceCounts",id:"gitreporesourcecounts",level:4},{value:"GitRepoSpec",id:"gitrepospec",level:4},{value:"GitRepoStatus",id:"gitrepostatus",level:4},{value:"GitTarget",id:"gittarget",level:4},{value:"ResourcePerClusterState",id:"resourceperclusterstate",level:4},{value:"GitRepoRestriction",id:"gitreporestriction",level:4},{value:"AlphabeticalPolicy",id:"alphabeticalpolicy",level:4},{value:"ImagePolicyChoice",id:"imagepolicychoice",level:4},{value:"ImageScan",id:"imagescan",level:4},{value:"ImageScanSpec",id:"imagescanspec",level:4},{value:"ImageScanStatus",id:"imagescanstatus",level:4},{value:"SemVerPolicy",id:"semverpolicy",level:4}],s={toc:m};function d(t){let{components:e,...a}=t;return(0,l.kt)("wrapper",(0,n.Z)({},s,a,{components:e,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"custom-resources-spec"},"Custom Resources Spec"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundle"},"Bundle")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeployment"},"BundleDeployment")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlenamespacemapping"},"BundleNamespaceMapping")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#cluster"},"Cluster")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroup"},"ClusterGroup")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistration"},"ClusterRegistration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtoken"},"ClusterRegistrationToken")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#content"},"Content")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepo"},"GitRepo")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporestriction"},"GitRepoRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescan"},"ImageScan"))),(0,l.kt)("h1",{id:"sub-resources"},"Sub Resources"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleref"},"BundleRef")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleresource"},"BundleResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partition"},"Partition")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentresource"},"BundleDeploymentResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#localobjectreference"},"LocalObjectReference")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#operation"},"Operation")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#commitspec"},"CommitSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gittarget"},"GitTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#semverpolicy"},"SemVerPolicy"))),(0,l.kt)("h4",{id:"bundle"},"Bundle"),(0,l.kt)("p",null,"Bundle contains the resources of an application and its deployment options. It will be deployed as a Helm chart to target clusters.\\n\\nWhen a GitRepo is scanned it will produce one or more bundles. Bundles are a collection of resources that get deployed to one or more cluster(s). Bundle is the fundamental deployment unit used in Fleet. The contents of a Bundle may be Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless of the source the contents are dynamically rendered into a Helm chart by the agent and installed into the downstream cluster as a Helm release."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledisplay"},"BundleDisplay"),(0,l.kt)("p",null,"BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyClusters is a string in the form \\"%d/%d\\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},"State is a summary state for the bundle, calculated over the non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleref"},"BundleRef"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching bundle's labels."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleresource"},"BundleResource"),(0,l.kt)("p",null,"BundleResource represents the content of a single resource from the bundle, like a YAML manifest."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the resource, can include the bundle's internal path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null},"The content of the resource, can be compressed."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"encoding"),(0,l.kt)("td",{parentName:"tr",align:null},'Encoding is either empty or \\"base64+gz\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlespec"},"BundleSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"rolloutStrategy"),(0,l.kt)("td",{parentName:"tr",align:null},"RolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleresource"},"BundleResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetRestrictions"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetRestrictions is an allow list, which controls if a bundledeployment is created for a target."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlestatus"},"BundleStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of Wrangler conditions that describe the state of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary contains the number of bundle deployments in each state and a list of non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"newlyCreated"),(0,l.kt)("td",{parentName:"tr",align:null},"NewlyCreated is the number of bundle deployments that have been created, not updated."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"Unavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"UnavailablePartitions is the number of unavailable partitions."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailable is the maximum number of unavailable deployments. See rollout configuration."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxNew"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null},"PartitionStatus lists the status of each partition."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceKey"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc.."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ObservedGeneration is the current generation of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlesummary"},"BundleSummary"),(0,l.kt)("p",null,"BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null},"NotReady is the number of bundle deployments that have been deployed where some resources are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"errApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"ErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"outOfSync"),(0,l.kt)("td",{parentName:"tr",align:null},"OutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null},"Modified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null},"Ready is the number of bundle deployments that have been deployed where all resources are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pending"),(0,l.kt)("td",{parentName:"tr",align:null},"Pending is the number of bundle deployments that are being processed by Fleet controller."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReady is the number of bundle deployments that should be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyResources"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusters is a list of states, which is filled for a bundle that is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletarget"},"BundleTarget"),(0,l.kt)("p",null,"BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},'Name of target. This value is largely for display and logging. If not specified a default name of the format \\"target000\\" will be used'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName to match a specific cluster by name that will be selected"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroup to match a specific cluster group by name."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroupSelector is a selector to match cluster groups."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"doNotDeploy"),(0,l.kt)("td",{parentName:"tr",align:null},"DoNotDeploy if set to true, will not deploy to this target."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletargetrestriction"},"BundleTargetRestriction"),(0,l.kt)("p",null,"BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadyresource"},"NonReadyResource"),(0,l.kt)("p",null,'NonReadyResource contains information about a bundle that is not ready for a given state like \\"ErrApplied\\". It contains a list of non-ready or modified resources and their states.'),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleState"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the resource, like e.g. \\"NotReady\\" or \\"ErrApplied\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"BundleState"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message contains information why the bundle is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null},"ModifiedStatus lists the state for each modified resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyStatus lists the state for each non-ready resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partition"},"Partition"),(0,l.kt)("p",null,"Partition defines a separate rollout strategy for a set of clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"A user-friendly name given to the partition used for Display (optional)."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is the name of a cluster to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching cluster labels to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"A cluster group name to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching cluster group labels to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partitionstatus"},"PartitionStatus"),(0,l.kt)("p",null,"PartitionStatus is the status of a single rollout partition."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"count"),(0,l.kt)("td",{parentName:"tr",align:null},"Count is the number of clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailable is the maximum number of unavailable clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"Unavailable is the number of unavailable clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary state for the partition, calculated over its non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourcekey"},"ResourceKey"),(0,l.kt)("p",null,"ResourceKey lists resources, which will likely be deployed."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the k8s api kind of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the k8s api version of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace is the namespace of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"rolloutstrategy"},"RolloutStrategy"),(0,l.kt)("p",null,"RolloverStrategy controls the rollout of the bundle across clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"autoPartitionSize"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null},"A list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partition"},"Partition")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeployment"},"BundleDeployment"),(0,l.kt)("p",null,"BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentdisplay"},"BundleDeploymentDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deployed"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"monitored"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentoptions"},"BundleDeploymentOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kustomize"),(0,l.kt)("td",{parentName:"tr",align:null},"Kustomize options for the deployment, like the dir containing the kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helm"),(0,l.kt)("td",{parentName:"tr",align:null},"Helm options for the deployment, like the chart name, repo and values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount which will be used to perform this deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ForceSyncGeneration is used to force a redeployment"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"yaml"),(0,l.kt)("td",{parentName:"tr",align:null},"YAML options, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"diff"),(0,l.kt)("td",{parentName:"tr",align:null},"Diff can be used to ignore the modified state of objects which are amended at runtime."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources can be used to keep the deployed resources when removing the bundle"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ignore"),(0,l.kt)("td",{parentName:"tr",align:null},"IgnoreOptions can be used to ignore fields when monitoring the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceLabels"),(0,l.kt)("td",{parentName:"tr",align:null},"NamespaceLabels are labels that will be appended to the namespace created by Fleet."),(0,l.kt)("td",{parentName:"tr",align:null},"*map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceAnnotations"),(0,l.kt)("td",{parentName:"tr",align:null},"NamespaceAnnotations are annotations that will be appended to the namespace created by Fleet."),(0,l.kt)("td",{parentName:"tr",align:null},"*map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentresource"},"BundleDeploymentResource"),(0,l.kt)("p",null,"BundleDeploymentResource contains the metadata of a deployed resource."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"createdAt"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentspec"},"BundleDeploymentSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. If true, BundleDeployments will be marked as out of sync when changes are detected."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedOptions"),(0,l.kt)("td",{parentName:"tr",align:null},"StagedOptions are the deployment options, that are staged for the next deployment."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null},"StagedDeploymentID is the ID of the staged deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"options"),(0,l.kt)("td",{parentName:"tr",align:null},"Options are the deployment options, that are currently applied."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deploymentID"),(0,l.kt)("td",{parentName:"tr",align:null},"DeploymentID is the ID of the currently applied deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentstatus"},"BundleDeploymentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"appliedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"release"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonModified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"syncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources lists the metadata of resources that were deployed according to the helm release history."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentresource"},"BundleDeploymentResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"comparepatch"},"ComparePatch"),(0,l.kt)("p",null,"ComparePatch matches a resource and removes fields from the check for modifications."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the kind of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the apiVersion of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace is the namespace of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"operations"),(0,l.kt)("td",{parentName:"tr",align:null},"Operations remove a JSON path from the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#operation"},"Operation")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"jsonPointers"),(0,l.kt)("td",{parentName:"tr",align:null},"JSONPointers ignore diffs at a certain JSON path."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"configmapkeyselector"},"ConfigMapKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"diffoptions"},"DiffOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"comparePatches"),(0,l.kt)("td",{parentName:"tr",align:null},"ComparePatches match a resource and remove fields from the check for modifications."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"helmoptions"},"HelmOptions"),(0,l.kt)("p",null,"HelmOptions for the deployment. For Helm-based bundles, all options can be used, otherwise some options are ignored. For example ReleaseName works with all bundle types."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"chart"),(0,l.kt)("td",{parentName:"tr",align:null},"Chart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is the name of the HTTPS helm repo to download the chart from."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"releaseName"),(0,l.kt)("td",{parentName:"tr",align:null},"ReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"version"),(0,l.kt)("td",{parentName:"tr",align:null},"Version of the chart to download"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"TimeoutSeconds is the time to wait for Helm operations."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"values"),(0,l.kt)("td",{parentName:"tr",align:null},"Values passed to Helm. It is possible to specify the keys and values as go template strings."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFrom"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFrom loads the values from configmaps and secrets."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force allows to override immutable resources. This could be dangerous."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"takeOwnership"),(0,l.kt)("td",{parentName:"tr",align:null},"TakeOwnership makes helm skip the check for its own annotations"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxHistory limits the maximum number of revisions saved per release by Helm."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFiles"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFiles is a list of files to load values from."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitForJobs"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"atomic"),(0,l.kt)("td",{parentName:"tr",align:null},"Atomic sets the --atomic flag when Helm is performing an upgrade"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disablePreProcess"),(0,l.kt)("td",{parentName:"tr",align:null},"DisablePreProcess disables template processing in values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disableDNS"),(0,l.kt)("td",{parentName:"tr",align:null},"DisableDNS can be used to customize Helm's EnableDNS option, which Fleet sets to ",(0,l.kt)("inlineCode",{parentName:"td"},"true")," by default."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"skipSchemaValidation"),(0,l.kt)("td",{parentName:"tr",align:null},"SkipSchemaValidation allows skipping schema validation against the chart values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"ignoreoptions"},"IgnoreOptions"),(0,l.kt)("p",null,"IgnoreOptions defines conditions to be ignored when monitoring the Bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of conditions to be ignored when monitoring the Bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[]map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"kustomizeoptions"},"KustomizeOptions"),(0,l.kt)("p",null,"KustomizeOptions for a deployment."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dir"),(0,l.kt)("td",{parentName:"tr",align:null},"Dir points to a custom folder for kustomize resources. This folder must contain a kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"localobjectreference"},"LocalObjectReference"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of a resource in the same namespace as the referent."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"modifiedstatus"},"ModifiedStatus"),(0,l.kt)("p",null,"ModifiedStatus is used to report the status of a resource that is modified. It indicates if the modification was a create, a delete or a patch."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"delete"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadystatus"},"NonReadyStatus"),(0,l.kt)("p",null,"NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"uid"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"types.UID"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"summary.Summary"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"operation"},"Operation"),(0,l.kt)("p",null,'Operation of a ComparePatch, usually \\"remove\\".'),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"op"),(0,l.kt)("td",{parentName:"tr",align:null},'Op is usually \\"remove\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"path"),(0,l.kt)("td",{parentName:"tr",align:null},"Path is the JSON path to remove."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"value"),(0,l.kt)("td",{parentName:"tr",align:null},"Value is usually empty."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"secretkeyselector"},"SecretKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"valuesfrom"},"ValuesFrom"),(0,l.kt)("p",null,"Define helm values that can come from configmap, secret or external. Credit: ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439"},"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"configMapKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a config map with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a secret with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"yamloptions"},"YAMLOptions"),(0,l.kt)("p",null,"YAMLOptions, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"overlays"),(0,l.kt)("td",{parentName:"tr",align:null},'Overlays is a list of names that maps to folders in \\"overlays/\\". If you wish to customize the file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlenamespacemapping"},"BundleNamespaceMapping"),(0,l.kt)("p",null,"BundleNamespaceMapping maps bundles to clusters in other namespaces."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"agentstatus"},"AgentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSeen"),(0,l.kt)("td",{parentName:"tr",align:null},"LastSeen is the last time the agent checked in to update the status of the cluster resource."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the namespace of the agent deployment, e.g. \\"cattle-fleet-system\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyNodes is the number of nodes that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyNodes is the number of nodes that are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyNode contains the names of non-ready nodes. The list is limited to at most 3 names."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyNodes contains the names of ready nodes. The list is limited to at most 3 names."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"cluster"},"Cluster"),(0,l.kt)("p",null,"Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted clusters. Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterdisplay"},"ClusterDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundles is a string in the form \\"%d/%d\\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyNodes is a string in the form \\"%d/%d\\", that describes the number of nodes that are ready vs. the number of expected nodes.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"sampleNode"),(0,l.kt)("td",{parentName:"tr",align:null},"SampleNode is the name of one of the nodes that are ready. If no node is ready, it's the name of a node that is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State of the cluster, either one of the bundle states, or \\"WaitCheckIn\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterspec"},"ClusterSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecret"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster. It can optionally contain a APIServerURL and CA to override the values in the fleet-controller's configmap."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecretNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecretNamespace is the namespace of the secret containing the kubeconfig for the downstream cluster. If unset, it will be assumed the secret can be found in the namespace that the Cluster object resides within."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"redeployAgentGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"RedeployAgentGeneration can be used to force redeploying the agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVars"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVars are extra environment variables to be added to the agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]corev1.EnvVar"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespace defaults to the system namespace, e.g. cattle-fleet-system."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"privateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"PrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"templateValues"),(0,l.kt)("td",{parentName:"tr",align:null},"TemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerations"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerations defines an extra set of Tolerations to be added to the Agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]corev1.Toleration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinity"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.Affinity"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResources"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResources sets the resources for the cluster's agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.ResourceRequirements"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterstatus"},"ClusterStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \\"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts is an aggregate over the GitRepoResourceCounts."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyGitRepos is the number of gitrepos for this cluster that are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVarsHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVarsHash is a hash of the agent's env vars, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentPrivateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentPrivateRepoURL is the private repo URL for the agent that is currently used."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentDeployedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentDeployedGeneration is the generation of the agent that is currently deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"cattleNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"CattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinityHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResourcesHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResourcesHash is a hash of the agent's resources configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerationsHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentConfigChanged"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiServerURL"),(0,l.kt)("td",{parentName:"tr",align:null},"APIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiServerCAHash"),(0,l.kt)("td",{parentName:"tr",align:null},"APIServerCAHash is a hash of the upstream API server CA, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready bundles, nodes and a summary state."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agent"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentStatus contains information about the agent."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroup"},"ClusterGroup"),(0,l.kt)("p",null,"ClusterGroup is a re-usable selector to target a group of clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupdisplay"},"ClusterGroupDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyClusters is a string in the form \\"%d/%d\\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundles is a string in the form \\"%d/%d\\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is a summary state for the cluster group, showing \\"NotReady\\" if there are non-ready resources.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupspec"},"ClusterGroupSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector is a label selector, used to select clusters for this group."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupstatus"},"ClusterGroupStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterCount"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterCount is the number of clusters in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusterCount"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusterCount is the number of clusters that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusters is a list of cluster names that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of conditions and their statuses for the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary of the bundle deployments and their resources in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts contains the number of resources in each state over all bundles in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistration"},"ClusterRegistration"),(0,l.kt)("p",null,"ClusterRegistration is used internally by Fleet and should not be used directly."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationspec"},"ClusterRegistrationSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. The agent either uses the configured ID or the kubeSystem.UID."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientRandom"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientRandom is a random string that the agent generates. When fleet-controller grants a registration, it creates a registration secret with this string in the name."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterLabels"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterLabels are copied to the cluster resource during the registration."),(0,l.kt)("td",{parentName:"tr",align:null},"map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationstatus"},"ClusterRegistrationStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is only set after the registration is being processed by fleet-controller."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"granted"),(0,l.kt)("td",{parentName:"tr",align:null},"Granted is set to true, if the request service account is present and its token secret exists. This happens directly before creating the registration secret, roles and rolebindings."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtoken"},"ClusterRegistrationToken"),(0,l.kt)("p",null,"ClusterRegistrationToken is used by agents to register a new cluster."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ttl"),(0,l.kt)("td",{parentName:"tr",align:null},"TTL is the time to live for the token. It is used to calculate the expiration time. If the token expires, it will be deleted."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"expires"),(0,l.kt)("td",{parentName:"tr",align:null},"Expires is the time when the token expires."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretName"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretName is the name of the secret containing the token."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"content"},"Content"),(0,l.kt)("p",null,"Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null},"Content is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"commitspec"},"CommitSpec"),(0,l.kt)("p",null,"CommitSpec specifies how to commit changes to the git repository"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorName"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorName gives the name to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorEmail"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorEmail gives the email to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"messageTemplate"),(0,l.kt)("td",{parentName:"tr",align:null},"MessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"correctdrift"},"CorrectDrift"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"enabled"),(0,l.kt)("td",{parentName:"tr",align:null},"Enabled correct drift if true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force helm rollback with --force option will be used if true. This will try to recreate all resources in the release."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepFailHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepFailHistory keeps track of failed rollbacks in the helm history."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepo"},"GitRepo"),(0,l.kt)("p",null,"GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepodisplay"},"GitRepoDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundleDeployments"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundleDeployments is a string in the form \\"%d/%d\\", that describes the number of ready bundledeployments over the total number of bundledeployments.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the GitRepo, e.g. \\"GitUpdating\\" or the maximal BundleState according to StateRank.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message contains the relevant message from the deployment conditions."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if a message is present."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesource"},"GitRepoResource"),(0,l.kt)("p",null,"GitRepoResource contains metadata about the resources of a bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the API version of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the k8s kind of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"type"),(0,l.kt)("td",{parentName:"tr",align:null},'Type is the type of the resource, e.g. \\"apiextensions.k8s.io.customresourcedefinition\\" or \\"configmap\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"id"),(0,l.kt)("td",{parentName:"tr",align:null},'ID is the name of the resource, e.g. \\"namespace1/my-config\\" or \\"backingimagemanagers.storage.io\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"incompleteState"),(0,l.kt)("td",{parentName:"tr",align:null},"IncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the resource, e.g. \\"Unknown\\", \\"WaitApplied\\", \\"ErrApplied\\" or \\"Ready\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if any Error in the PerClusterState is true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null},"Transitioning is true if any Transitioning in the PerClusterState is true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message is the first message from the PerClusterStates."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"perClusterState"),(0,l.kt)("td",{parentName:"tr",align:null},"PerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesourcecounts"},"GitRepoResourceCounts"),(0,l.kt)("p",null,"GitRepoResourceCounts contains the number of resources in each state."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null},"Ready is the number of ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReady is the number of resources that should be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitApplied is the number of resources that are waiting to be applied."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null},"Modified is the number of resources that have been modified."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"orphaned"),(0,l.kt)("td",{parentName:"tr",align:null},"Orphaned is the number of orphaned resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null},"Missing is the number of missing resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unknown"),(0,l.kt)("td",{parentName:"tr",align:null},"Unknown is the number of resources in an unknown state."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null},"NotReady is the number of not ready resources. Resources are not ready if they do not match any other state."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepospec"},"GitRepoSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is a URL to a git repo to clone and index."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"branch"),(0,l.kt)("td",{parentName:"tr",align:null},"Branch The git branch to follow."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"revision"),(0,l.kt)("td",{parentName:"tr",align:null},"Revision A specific commit or tag to operate on."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Ensure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},'ClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \\"kubernetes.io/basic-auth\\" or \\"kubernetes.io/ssh-auth\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretName contains the auth secret for a private Helm repository."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretNameForPaths"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretNameForPaths contains the auth secret for private Helm repository for each path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmRepoURLRegex"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"caBundle"),(0,l.kt)("td",{parentName:"tr",align:null},"CABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"insecureSkipTLSVerify"),(0,l.kt)("td",{parentName:"tr",align:null},"InsecureSkipTLSverify will use insecure HTTPS to clone the repo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paths"),(0,l.kt)("td",{parentName:"tr",align:null},"Paths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example ",'[\\"charts/*\\"]',' will match all folders as a subdirectory of charts/ If empty, \\"/\\" is the default.'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount used in the downstream cluster for deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets is a list of targets this repo will deploy to."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gittarget"},"GitTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pollingInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"PollingInterval is how often to check git for new updates."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"Increment this number to force a redeployment of contents from Git."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"ImageScanInterval is the interval of syncing scanned images and writing back to git repo."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanCommit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit specifies how to commit to the git repo when a new image is scanned and written back to git repo."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#commitspec"},"CommitSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources specifies if the resources created must be kept after deleting the GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepostatus"},"GitRepoStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"commit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit is the Git commit hash from the last gitjob run."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReadyClusters\\tis the number of clusters that should be ready for bundles of this GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitJobStatus"),(0,l.kt)("td",{parentName:"tr",align:null},'GitJobStatus is the status of the last GitJob run, e.g. \\"Current\\" if there was no error.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary contains the number of bundle deployments in each state and a list of non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains a human readable summary of the status."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of Wrangler conditions that describe the state of the GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contains metadata about the resources of each bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts contains the number of resources in each state over all bundles."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceErrors"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceErrors is a sorted list of errors from the resources."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSyncedImageScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastSyncedImageScanTime is the time of the last image scan."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gittarget"},"GitTarget"),(0,l.kt)("p",null,"GitTarget is a cluster or cluster group to deploy to."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of this target."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is the name of a cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterSelector is a label selector to select clusters."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroup is the name of a cluster group in the same namespace as the clusters."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroupSelector is a label selector to select cluster groups."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourceperclusterstate"},"ResourcePerClusterState"),(0,l.kt)("p",null,"ResourcePerClusterState is generated for each non-ready resource of the bundles."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},"State is the state of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if the resource is in an error state, copied from the bundle's summary for non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null},"Transitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message combines the messages from the bundle's summary. Messages are joined with the delimiter ';'."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null},"Patch for modified resources."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterId"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterID is the id of the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporestriction"},"GitRepoRestriction"),(0,l.kt)("p",null,"GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultServiceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultServiceAccount overrides the GitRepo's default service account."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedServiceAccounts"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedRepoPatterns"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultClientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultClientSecretName overrides the GitRepo's default client secret."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedClientSecretNames"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedTargetNamespaces"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"alphabeticalpolicy"},"AlphabeticalPolicy"),(0,l.kt)("p",null,"AlphabeticalPolicy specifies a alphabetical ordering policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"order"),(0,l.kt)("td",{parentName:"tr",align:null},"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagepolicychoice"},"ImagePolicyChoice"),(0,l.kt)("p",null,"ImagePolicyChoice is a union of all the types of policy that can be supplied."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"semver"),(0,l.kt)("td",{parentName:"tr",align:null},"SemVer gives a semantic version range to check against the tags available."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"alphabetical"),(0,l.kt)("td",{parentName:"tr",align:null},"Alphabetical set of rules to use for alphabetical ordering of the tags."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescan"},"ImageScan"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanspec"},"ImageScanSpec"),(0,l.kt)("p",null,"API is taken from ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/image-reflector-controller"},"https://github.com/fluxcd/image-reflector-controller")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"tagName"),(0,l.kt)("td",{parentName:"tr",align:null},"TagName is the tag ref that needs to be put in manifest to replace fields"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitrepoName"),(0,l.kt)("td",{parentName:"tr",align:null},"GitRepo reference name"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"image"),(0,l.kt)("td",{parentName:"tr",align:null},"Image is the name of the image repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"interval"),(0,l.kt)("td",{parentName:"tr",align:null},"Interval is the length of time to wait between scans of the image repository."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretRef"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with ",(0,l.kt)("inlineCode",{parentName:"td"},"kubectl create secret docker-registry"),", or the equivalent."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.LocalObjectReference"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"suspend"),(0,l.kt)("td",{parentName:"tr",align:null},"This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"policy"),(0,l.kt)("td",{parentName:"tr",align:null},"Policy gives the particulars of the policy to be followed in selecting the most recent image"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanstatus"},"ImageScanStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastScanTime is the last time image was scanned"),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestImage"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestTag"),(0,l.kt)("td",{parentName:"tr",align:null},"Latest tag is the latest tag filtered by the policy"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestDigest"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestDigest is the digest of latest tag"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"canonicalImageName"),(0,l.kt)("td",{parentName:"tr",align:null},"CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., ",(0,l.kt)("inlineCode",{parentName:"td"},"docker.io/library/alpine")," rather than ",(0,l.kt)("inlineCode",{parentName:"td"},"alpine"),"."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"semverpolicy"},"SemVerPolicy"),(0,l.kt)("p",null,"SemVerPolicy specifies a semantic version policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"range"),(0,l.kt)("td",{parentName:"tr",align:null},"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9532],{3905:(t,e,a)=>{a.d(e,{Zo:()=>s,kt:()=>k});var n=a(7294);function l(t,e,a){return e in t?Object.defineProperty(t,e,{value:a,enumerable:!0,configurable:!0,writable:!0}):t[e]=a,t}function r(t,e){var a=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),a.push.apply(a,n)}return a}function i(t){for(var e=1;e=0||(l[a]=t[a]);return l}(t,e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(t,a)&&(l[a]=t[a])}return l}var p=n.createContext({}),m=function(t){var e=n.useContext(p),a=e;return t&&(a="function"==typeof t?t(e):i(i({},e),t)),a},s=function(t){var e=m(t.components);return n.createElement(p.Provider,{value:e},t.children)},d={inlineCode:"code",wrapper:function(t){var e=t.children;return n.createElement(n.Fragment,{},e)}},o=n.forwardRef((function(t,e){var a=t.components,l=t.mdxType,r=t.originalType,p=t.parentName,s=u(t,["components","mdxType","originalType","parentName"]),o=m(a),k=l,N=o["".concat(p,".").concat(k)]||o[k]||d[k]||r;return a?n.createElement(N,i(i({ref:e},s),{},{components:a})):n.createElement(N,i({ref:e},s))}));function k(t,e){var a=arguments,l=e&&e.mdxType;if("string"==typeof t||l){var r=a.length,i=new Array(r);i[0]=o;var u={};for(var p in e)hasOwnProperty.call(e,p)&&(u[p]=e[p]);u.originalType=t,u.mdxType="string"==typeof t?t:l,i[1]=u;for(var m=2;m{a.r(e),a.d(e,{assets:()=>p,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>u,toc:()=>m});var n=a(7462),l=(a(7294),a(3905));const r={},i="Custom Resources Spec",u={unversionedId:"ref-crds",id:"version-0.9/ref-crds",title:"Custom Resources Spec",description:"* Bundle",source:"@site/versioned_docs/version-0.9/ref-crds.md",sourceDirName:".",slug:"/ref-crds",permalink:"/0.9/ref-crds",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-crds.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"List of Deployed Resources",permalink:"/0.9/ref-resources"},next:{title:"fleet.yaml",permalink:"/0.9/ref-fleet-yaml"}},p={},m=[{value:"Bundle",id:"bundle",level:4},{value:"BundleDisplay",id:"bundledisplay",level:4},{value:"BundleRef",id:"bundleref",level:4},{value:"BundleResource",id:"bundleresource",level:4},{value:"BundleSpec",id:"bundlespec",level:4},{value:"BundleStatus",id:"bundlestatus",level:4},{value:"BundleSummary",id:"bundlesummary",level:4},{value:"BundleTarget",id:"bundletarget",level:4},{value:"BundleTargetRestriction",id:"bundletargetrestriction",level:4},{value:"NonReadyResource",id:"nonreadyresource",level:4},{value:"Partition",id:"partition",level:4},{value:"PartitionStatus",id:"partitionstatus",level:4},{value:"ResourceKey",id:"resourcekey",level:4},{value:"RolloutStrategy",id:"rolloutstrategy",level:4},{value:"BundleDeployment",id:"bundledeployment",level:4},{value:"BundleDeploymentDisplay",id:"bundledeploymentdisplay",level:4},{value:"BundleDeploymentOptions",id:"bundledeploymentoptions",level:4},{value:"BundleDeploymentResource",id:"bundledeploymentresource",level:4},{value:"BundleDeploymentSpec",id:"bundledeploymentspec",level:4},{value:"BundleDeploymentStatus",id:"bundledeploymentstatus",level:4},{value:"ComparePatch",id:"comparepatch",level:4},{value:"ConfigMapKeySelector",id:"configmapkeyselector",level:4},{value:"DiffOptions",id:"diffoptions",level:4},{value:"HelmOptions",id:"helmoptions",level:4},{value:"IgnoreOptions",id:"ignoreoptions",level:4},{value:"KustomizeOptions",id:"kustomizeoptions",level:4},{value:"LocalObjectReference",id:"localobjectreference",level:4},{value:"ModifiedStatus",id:"modifiedstatus",level:4},{value:"NonReadyStatus",id:"nonreadystatus",level:4},{value:"Operation",id:"operation",level:4},{value:"SecretKeySelector",id:"secretkeyselector",level:4},{value:"ValuesFrom",id:"valuesfrom",level:4},{value:"YAMLOptions",id:"yamloptions",level:4},{value:"BundleNamespaceMapping",id:"bundlenamespacemapping",level:4},{value:"AgentStatus",id:"agentstatus",level:4},{value:"Cluster",id:"cluster",level:4},{value:"ClusterDisplay",id:"clusterdisplay",level:4},{value:"ClusterSpec",id:"clusterspec",level:4},{value:"ClusterStatus",id:"clusterstatus",level:4},{value:"ClusterGroup",id:"clustergroup",level:4},{value:"ClusterGroupDisplay",id:"clustergroupdisplay",level:4},{value:"ClusterGroupSpec",id:"clustergroupspec",level:4},{value:"ClusterGroupStatus",id:"clustergroupstatus",level:4},{value:"ClusterRegistration",id:"clusterregistration",level:4},{value:"ClusterRegistrationSpec",id:"clusterregistrationspec",level:4},{value:"ClusterRegistrationStatus",id:"clusterregistrationstatus",level:4},{value:"ClusterRegistrationToken",id:"clusterregistrationtoken",level:4},{value:"ClusterRegistrationTokenSpec",id:"clusterregistrationtokenspec",level:4},{value:"ClusterRegistrationTokenStatus",id:"clusterregistrationtokenstatus",level:4},{value:"Content",id:"content",level:4},{value:"CommitSpec",id:"commitspec",level:4},{value:"CorrectDrift",id:"correctdrift",level:4},{value:"GitRepo",id:"gitrepo",level:4},{value:"GitRepoDisplay",id:"gitrepodisplay",level:4},{value:"GitRepoResource",id:"gitreporesource",level:4},{value:"GitRepoResourceCounts",id:"gitreporesourcecounts",level:4},{value:"GitRepoSpec",id:"gitrepospec",level:4},{value:"GitRepoStatus",id:"gitrepostatus",level:4},{value:"GitTarget",id:"gittarget",level:4},{value:"ResourcePerClusterState",id:"resourceperclusterstate",level:4},{value:"GitRepoRestriction",id:"gitreporestriction",level:4},{value:"AlphabeticalPolicy",id:"alphabeticalpolicy",level:4},{value:"ImagePolicyChoice",id:"imagepolicychoice",level:4},{value:"ImageScan",id:"imagescan",level:4},{value:"ImageScanSpec",id:"imagescanspec",level:4},{value:"ImageScanStatus",id:"imagescanstatus",level:4},{value:"SemVerPolicy",id:"semverpolicy",level:4}],s={toc:m};function d(t){let{components:e,...a}=t;return(0,l.kt)("wrapper",(0,n.Z)({},s,a,{components:e,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"custom-resources-spec"},"Custom Resources Spec"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundle"},"Bundle")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeployment"},"BundleDeployment")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlenamespacemapping"},"BundleNamespaceMapping")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#cluster"},"Cluster")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroup"},"ClusterGroup")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistration"},"ClusterRegistration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtoken"},"ClusterRegistrationToken")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#content"},"Content")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepo"},"GitRepo")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporestriction"},"GitRepoRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescan"},"ImageScan"))),(0,l.kt)("h1",{id:"sub-resources"},"Sub Resources"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleref"},"BundleRef")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleresource"},"BundleResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partition"},"Partition")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentresource"},"BundleDeploymentResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#localobjectreference"},"LocalObjectReference")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#operation"},"Operation")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#commitspec"},"CommitSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gittarget"},"GitTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#semverpolicy"},"SemVerPolicy"))),(0,l.kt)("h4",{id:"bundle"},"Bundle"),(0,l.kt)("p",null,"Bundle contains the resources of an application and its deployment options. It will be deployed as a Helm chart to target clusters.\\n\\nWhen a GitRepo is scanned it will produce one or more bundles. Bundles are a collection of resources that get deployed to one or more cluster(s). Bundle is the fundamental deployment unit used in Fleet. The contents of a Bundle may be Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless of the source the contents are dynamically rendered into a Helm chart by the agent and installed into the downstream cluster as a Helm release."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledisplay"},"BundleDisplay"),(0,l.kt)("p",null,"BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyClusters is a string in the form \\"%d/%d\\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},"State is a summary state for the bundle, calculated over the non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleref"},"BundleRef"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching bundle's labels."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleresource"},"BundleResource"),(0,l.kt)("p",null,"BundleResource represents the content of a single resource from the bundle, like a YAML manifest."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the resource, can include the bundle's internal path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null},"The content of the resource, can be compressed."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"encoding"),(0,l.kt)("td",{parentName:"tr",align:null},'Encoding is either empty or \\"base64+gz\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlespec"},"BundleSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"rolloutStrategy"),(0,l.kt)("td",{parentName:"tr",align:null},"RolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleresource"},"BundleResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetRestrictions"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetRestrictions is an allow list, which controls if a bundledeployment is created for a target."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlestatus"},"BundleStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of Wrangler conditions that describe the state of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary contains the number of bundle deployments in each state and a list of non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"newlyCreated"),(0,l.kt)("td",{parentName:"tr",align:null},"NewlyCreated is the number of bundle deployments that have been created, not updated."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"Unavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"UnavailablePartitions is the number of unavailable partitions."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailable is the maximum number of unavailable deployments. See rollout configuration."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxNew"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null},"PartitionStatus lists the status of each partition."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceKey"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc.."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ObservedGeneration is the current generation of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlesummary"},"BundleSummary"),(0,l.kt)("p",null,"BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null},"NotReady is the number of bundle deployments that have been deployed where some resources are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"errApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"ErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"outOfSync"),(0,l.kt)("td",{parentName:"tr",align:null},"OutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null},"Modified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null},"Ready is the number of bundle deployments that have been deployed where all resources are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pending"),(0,l.kt)("td",{parentName:"tr",align:null},"Pending is the number of bundle deployments that are being processed by Fleet controller."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReady is the number of bundle deployments that should be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyResources"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusters is a list of states, which is filled for a bundle that is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletarget"},"BundleTarget"),(0,l.kt)("p",null,"BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},'Name of target. This value is largely for display and logging. If not specified a default name of the format \\"target000\\" will be used'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName to match a specific cluster by name that will be selected"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroup to match a specific cluster group by name."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroupSelector is a selector to match cluster groups."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"doNotDeploy"),(0,l.kt)("td",{parentName:"tr",align:null},"DoNotDeploy if set to true, will not deploy to this target."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletargetrestriction"},"BundleTargetRestriction"),(0,l.kt)("p",null,"BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadyresource"},"NonReadyResource"),(0,l.kt)("p",null,'NonReadyResource contains information about a bundle that is not ready for a given state like \\"ErrApplied\\". It contains a list of non-ready or modified resources and their states.'),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleState"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the resource, like e.g. \\"NotReady\\" or \\"ErrApplied\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"BundleState"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message contains information why the bundle is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null},"ModifiedStatus lists the state for each modified resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyStatus lists the state for each non-ready resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partition"},"Partition"),(0,l.kt)("p",null,"Partition defines a separate rollout strategy for a set of clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"A user-friendly name given to the partition used for Display (optional)."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is the name of a cluster to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching cluster labels to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"A cluster group name to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching cluster group labels to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partitionstatus"},"PartitionStatus"),(0,l.kt)("p",null,"PartitionStatus is the status of a single rollout partition."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"count"),(0,l.kt)("td",{parentName:"tr",align:null},"Count is the number of clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailable is the maximum number of unavailable clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"Unavailable is the number of unavailable clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary state for the partition, calculated over its non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourcekey"},"ResourceKey"),(0,l.kt)("p",null,"ResourceKey lists resources, which will likely be deployed."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the k8s api kind of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the k8s api version of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace is the namespace of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"rolloutstrategy"},"RolloutStrategy"),(0,l.kt)("p",null,"RolloverStrategy controls the rollout of the bundle across clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"autoPartitionSize"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null},"A list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partition"},"Partition")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeployment"},"BundleDeployment"),(0,l.kt)("p",null,"BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentdisplay"},"BundleDeploymentDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deployed"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"monitored"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentoptions"},"BundleDeploymentOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kustomize"),(0,l.kt)("td",{parentName:"tr",align:null},"Kustomize options for the deployment, like the dir containing the kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helm"),(0,l.kt)("td",{parentName:"tr",align:null},"Helm options for the deployment, like the chart name, repo and values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount which will be used to perform this deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ForceSyncGeneration is used to force a redeployment"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"yaml"),(0,l.kt)("td",{parentName:"tr",align:null},"YAML options, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"diff"),(0,l.kt)("td",{parentName:"tr",align:null},"Diff can be used to ignore the modified state of objects which are amended at runtime."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources can be used to keep the deployed resources when removing the bundle"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ignore"),(0,l.kt)("td",{parentName:"tr",align:null},"IgnoreOptions can be used to ignore fields when monitoring the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceLabels"),(0,l.kt)("td",{parentName:"tr",align:null},"NamespaceLabels are labels that will be appended to the namespace created by Fleet."),(0,l.kt)("td",{parentName:"tr",align:null},"*map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceAnnotations"),(0,l.kt)("td",{parentName:"tr",align:null},"NamespaceAnnotations are annotations that will be appended to the namespace created by Fleet."),(0,l.kt)("td",{parentName:"tr",align:null},"*map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentresource"},"BundleDeploymentResource"),(0,l.kt)("p",null,"BundleDeploymentResource contains the metadata of a deployed resource."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"createdAt"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentspec"},"BundleDeploymentSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. If true, BundleDeployments will be marked as out of sync when changes are detected."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedOptions"),(0,l.kt)("td",{parentName:"tr",align:null},"StagedOptions are the deployment options, that are staged for the next deployment."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null},"StagedDeploymentID is the ID of the staged deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"options"),(0,l.kt)("td",{parentName:"tr",align:null},"Options are the deployment options, that are currently applied."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deploymentID"),(0,l.kt)("td",{parentName:"tr",align:null},"DeploymentID is the ID of the currently applied deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentstatus"},"BundleDeploymentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"appliedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"release"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonModified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"syncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources lists the metadata of resources that were deployed according to the helm release history."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentresource"},"BundleDeploymentResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"comparepatch"},"ComparePatch"),(0,l.kt)("p",null,"ComparePatch matches a resource and removes fields from the check for modifications."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the kind of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the apiVersion of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace is the namespace of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"operations"),(0,l.kt)("td",{parentName:"tr",align:null},"Operations remove a JSON path from the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#operation"},"Operation")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"jsonPointers"),(0,l.kt)("td",{parentName:"tr",align:null},"JSONPointers ignore diffs at a certain JSON path."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"configmapkeyselector"},"ConfigMapKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"diffoptions"},"DiffOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"comparePatches"),(0,l.kt)("td",{parentName:"tr",align:null},"ComparePatches match a resource and remove fields from the check for modifications."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"helmoptions"},"HelmOptions"),(0,l.kt)("p",null,"HelmOptions for the deployment. For Helm-based bundles, all options can be used, otherwise some options are ignored. For example ReleaseName works with all bundle types."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"chart"),(0,l.kt)("td",{parentName:"tr",align:null},"Chart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is the name of the HTTPS helm repo to download the chart from."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"releaseName"),(0,l.kt)("td",{parentName:"tr",align:null},"ReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"version"),(0,l.kt)("td",{parentName:"tr",align:null},"Version of the chart to download"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"TimeoutSeconds is the time to wait for Helm operations."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"values"),(0,l.kt)("td",{parentName:"tr",align:null},"Values passed to Helm. It is possible to specify the keys and values as go template strings."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFrom"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFrom loads the values from configmaps and secrets."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force allows to override immutable resources. This could be dangerous."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"takeOwnership"),(0,l.kt)("td",{parentName:"tr",align:null},"TakeOwnership makes helm skip the check for its own annotations"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxHistory limits the maximum number of revisions saved per release by Helm."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFiles"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFiles is a list of files to load values from."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitForJobs"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"atomic"),(0,l.kt)("td",{parentName:"tr",align:null},"Atomic sets the --atomic flag when Helm is performing an upgrade"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disablePreProcess"),(0,l.kt)("td",{parentName:"tr",align:null},"DisablePreProcess disables template processing in values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disableDNS"),(0,l.kt)("td",{parentName:"tr",align:null},"DisableDNS can be used to customize Helm's EnableDNS option, which Fleet sets to ",(0,l.kt)("inlineCode",{parentName:"td"},"true")," by default."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"skipSchemaValidation"),(0,l.kt)("td",{parentName:"tr",align:null},"SkipSchemaValidation allows skipping schema validation against the chart values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"ignoreoptions"},"IgnoreOptions"),(0,l.kt)("p",null,"IgnoreOptions defines conditions to be ignored when monitoring the Bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of conditions to be ignored when monitoring the Bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[]map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"kustomizeoptions"},"KustomizeOptions"),(0,l.kt)("p",null,"KustomizeOptions for a deployment."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dir"),(0,l.kt)("td",{parentName:"tr",align:null},"Dir points to a custom folder for kustomize resources. This folder must contain a kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"localobjectreference"},"LocalObjectReference"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of a resource in the same namespace as the referent."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"modifiedstatus"},"ModifiedStatus"),(0,l.kt)("p",null,"ModifiedStatus is used to report the status of a resource that is modified. It indicates if the modification was a create, a delete or a patch."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"delete"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadystatus"},"NonReadyStatus"),(0,l.kt)("p",null,"NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"uid"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"types.UID"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"summary.Summary"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"operation"},"Operation"),(0,l.kt)("p",null,'Operation of a ComparePatch, usually \\"remove\\".'),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"op"),(0,l.kt)("td",{parentName:"tr",align:null},'Op is usually \\"remove\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"path"),(0,l.kt)("td",{parentName:"tr",align:null},"Path is the JSON path to remove."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"value"),(0,l.kt)("td",{parentName:"tr",align:null},"Value is usually empty."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"secretkeyselector"},"SecretKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"valuesfrom"},"ValuesFrom"),(0,l.kt)("p",null,"Define helm values that can come from configmap, secret or external. Credit: ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439"},"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"configMapKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a config map with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a secret with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"yamloptions"},"YAMLOptions"),(0,l.kt)("p",null,"YAMLOptions, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"overlays"),(0,l.kt)("td",{parentName:"tr",align:null},'Overlays is a list of names that maps to folders in \\"overlays/\\". If you wish to customize the file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlenamespacemapping"},"BundleNamespaceMapping"),(0,l.kt)("p",null,"BundleNamespaceMapping maps bundles to clusters in other namespaces."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"agentstatus"},"AgentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSeen"),(0,l.kt)("td",{parentName:"tr",align:null},"LastSeen is the last time the agent checked in to update the status of the cluster resource."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the namespace of the agent deployment, e.g. \\"cattle-fleet-system\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyNodes is the number of nodes that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyNodes is the number of nodes that are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyNode contains the names of non-ready nodes. The list is limited to at most 3 names."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyNodes contains the names of ready nodes. The list is limited to at most 3 names."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"cluster"},"Cluster"),(0,l.kt)("p",null,"Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted clusters. Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterdisplay"},"ClusterDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundles is a string in the form \\"%d/%d\\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyNodes is a string in the form \\"%d/%d\\", that describes the number of nodes that are ready vs. the number of expected nodes.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"sampleNode"),(0,l.kt)("td",{parentName:"tr",align:null},"SampleNode is the name of one of the nodes that are ready. If no node is ready, it's the name of a node that is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State of the cluster, either one of the bundle states, or \\"WaitCheckIn\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterspec"},"ClusterSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecret"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster. It can optionally contain a APIServerURL and CA to override the values in the fleet-controller's configmap."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecretNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecretNamespace is the namespace of the secret containing the kubeconfig for the downstream cluster. If unset, it will be assumed the secret can be found in the namespace that the Cluster object resides within."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"redeployAgentGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"RedeployAgentGeneration can be used to force redeploying the agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVars"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVars are extra environment variables to be added to the agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]corev1.EnvVar"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespace defaults to the system namespace, e.g. cattle-fleet-system."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"privateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"PrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"templateValues"),(0,l.kt)("td",{parentName:"tr",align:null},"TemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerations"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerations defines an extra set of Tolerations to be added to the Agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]corev1.Toleration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinity"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.Affinity"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResources"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResources sets the resources for the cluster's agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.ResourceRequirements"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterstatus"},"ClusterStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \\"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts is an aggregate over the GitRepoResourceCounts."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyGitRepos is the number of gitrepos for this cluster that are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVarsHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVarsHash is a hash of the agent's env vars, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentPrivateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentPrivateRepoURL is the private repo URL for the agent that is currently used."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentDeployedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentDeployedGeneration is the generation of the agent that is currently deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"cattleNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"CattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinityHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResourcesHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResourcesHash is a hash of the agent's resources configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerationsHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentConfigChanged"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiServerURL"),(0,l.kt)("td",{parentName:"tr",align:null},"APIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiServerCAHash"),(0,l.kt)("td",{parentName:"tr",align:null},"APIServerCAHash is a hash of the upstream API server CA, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready bundles, nodes and a summary state."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agent"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentStatus contains information about the agent."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroup"},"ClusterGroup"),(0,l.kt)("p",null,"ClusterGroup is a re-usable selector to target a group of clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupdisplay"},"ClusterGroupDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyClusters is a string in the form \\"%d/%d\\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundles is a string in the form \\"%d/%d\\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is a summary state for the cluster group, showing \\"NotReady\\" if there are non-ready resources.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupspec"},"ClusterGroupSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector is a label selector, used to select clusters for this group."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupstatus"},"ClusterGroupStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterCount"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterCount is the number of clusters in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusterCount"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusterCount is the number of clusters that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusters is a list of cluster names that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of conditions and their statuses for the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary of the bundle deployments and their resources in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts contains the number of resources in each state over all bundles in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistration"},"ClusterRegistration"),(0,l.kt)("p",null,"ClusterRegistration is used internally by Fleet and should not be used directly."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationspec"},"ClusterRegistrationSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. The agent either uses the configured ID or the kubeSystem.UID."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientRandom"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientRandom is a random string that the agent generates. When fleet-controller grants a registration, it creates a registration secret with this string in the name."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterLabels"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterLabels are copied to the cluster resource during the registration."),(0,l.kt)("td",{parentName:"tr",align:null},"map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationstatus"},"ClusterRegistrationStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is only set after the registration is being processed by fleet-controller."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"granted"),(0,l.kt)("td",{parentName:"tr",align:null},"Granted is set to true, if the request service account is present and its token secret exists. This happens directly before creating the registration secret, roles and rolebindings."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtoken"},"ClusterRegistrationToken"),(0,l.kt)("p",null,"ClusterRegistrationToken is used by agents to register a new cluster."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ttl"),(0,l.kt)("td",{parentName:"tr",align:null},"TTL is the time to live for the token. It is used to calculate the expiration time. If the token expires, it will be deleted."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"expires"),(0,l.kt)("td",{parentName:"tr",align:null},"Expires is the time when the token expires."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretName"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretName is the name of the secret containing the token."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"content"},"Content"),(0,l.kt)("p",null,"Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null},"Content is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"commitspec"},"CommitSpec"),(0,l.kt)("p",null,"CommitSpec specifies how to commit changes to the git repository"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorName"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorName gives the name to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorEmail"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorEmail gives the email to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"messageTemplate"),(0,l.kt)("td",{parentName:"tr",align:null},"MessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"correctdrift"},"CorrectDrift"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"enabled"),(0,l.kt)("td",{parentName:"tr",align:null},"Enabled correct drift if true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force helm rollback with --force option will be used if true. This will try to recreate all resources in the release."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepFailHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepFailHistory keeps track of failed rollbacks in the helm history."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepo"},"GitRepo"),(0,l.kt)("p",null,"GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepodisplay"},"GitRepoDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundleDeployments"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundleDeployments is a string in the form \\"%d/%d\\", that describes the number of ready bundledeployments over the total number of bundledeployments.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the GitRepo, e.g. \\"GitUpdating\\" or the maximal BundleState according to StateRank.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message contains the relevant message from the deployment conditions."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if a message is present."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesource"},"GitRepoResource"),(0,l.kt)("p",null,"GitRepoResource contains metadata about the resources of a bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the API version of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the k8s kind of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"type"),(0,l.kt)("td",{parentName:"tr",align:null},'Type is the type of the resource, e.g. \\"apiextensions.k8s.io.customresourcedefinition\\" or \\"configmap\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"id"),(0,l.kt)("td",{parentName:"tr",align:null},'ID is the name of the resource, e.g. \\"namespace1/my-config\\" or \\"backingimagemanagers.storage.io\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"incompleteState"),(0,l.kt)("td",{parentName:"tr",align:null},"IncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the resource, e.g. \\"Unknown\\", \\"WaitApplied\\", \\"ErrApplied\\" or \\"Ready\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if any Error in the PerClusterState is true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null},"Transitioning is true if any Transitioning in the PerClusterState is true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message is the first message from the PerClusterStates."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"perClusterState"),(0,l.kt)("td",{parentName:"tr",align:null},"PerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesourcecounts"},"GitRepoResourceCounts"),(0,l.kt)("p",null,"GitRepoResourceCounts contains the number of resources in each state."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null},"Ready is the number of ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReady is the number of resources that should be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitApplied is the number of resources that are waiting to be applied."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null},"Modified is the number of resources that have been modified."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"orphaned"),(0,l.kt)("td",{parentName:"tr",align:null},"Orphaned is the number of orphaned resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null},"Missing is the number of missing resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unknown"),(0,l.kt)("td",{parentName:"tr",align:null},"Unknown is the number of resources in an unknown state."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null},"NotReady is the number of not ready resources. Resources are not ready if they do not match any other state."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepospec"},"GitRepoSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is a URL to a git repo to clone and index."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"branch"),(0,l.kt)("td",{parentName:"tr",align:null},"Branch The git branch to follow."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"revision"),(0,l.kt)("td",{parentName:"tr",align:null},"Revision A specific commit or tag to operate on."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Ensure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},'ClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \\"kubernetes.io/basic-auth\\" or \\"kubernetes.io/ssh-auth\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretName contains the auth secret for a private Helm repository."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretNameForPaths"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretNameForPaths contains the auth secret for private Helm repository for each path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmRepoURLRegex"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"caBundle"),(0,l.kt)("td",{parentName:"tr",align:null},"CABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"insecureSkipTLSVerify"),(0,l.kt)("td",{parentName:"tr",align:null},"InsecureSkipTLSverify will use insecure HTTPS to clone the repo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paths"),(0,l.kt)("td",{parentName:"tr",align:null},"Paths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example ",'[\\"charts/*\\"]',' will match all folders as a subdirectory of charts/ If empty, \\"/\\" is the default.'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount used in the downstream cluster for deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets is a list of targets this repo will deploy to."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gittarget"},"GitTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pollingInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"PollingInterval is how often to check git for new updates."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"Increment this number to force a redeployment of contents from Git."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"ImageScanInterval is the interval of syncing scanned images and writing back to git repo."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanCommit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit specifies how to commit to the git repo when a new image is scanned and written back to git repo."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#commitspec"},"CommitSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources specifies if the resources created must be kept after deleting the GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepostatus"},"GitRepoStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"commit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit is the Git commit hash from the last gitjob run."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReadyClusters\\tis the number of clusters that should be ready for bundles of this GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitJobStatus"),(0,l.kt)("td",{parentName:"tr",align:null},'GitJobStatus is the status of the last GitJob run, e.g. \\"Current\\" if there was no error.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary contains the number of bundle deployments in each state and a list of non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains a human readable summary of the status."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of Wrangler conditions that describe the state of the GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contains metadata about the resources of each bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts contains the number of resources in each state over all bundles."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceErrors"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceErrors is a sorted list of errors from the resources."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSyncedImageScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastSyncedImageScanTime is the time of the last image scan."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gittarget"},"GitTarget"),(0,l.kt)("p",null,"GitTarget is a cluster or cluster group to deploy to."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of this target."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is the name of a cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterSelector is a label selector to select clusters."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroup is the name of a cluster group in the same namespace as the clusters."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroupSelector is a label selector to select cluster groups."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourceperclusterstate"},"ResourcePerClusterState"),(0,l.kt)("p",null,"ResourcePerClusterState is generated for each non-ready resource of the bundles."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},"State is the state of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if the resource is in an error state, copied from the bundle's summary for non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null},"Transitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message combines the messages from the bundle's summary. Messages are joined with the delimiter ';'."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null},"Patch for modified resources."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterId"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterID is the id of the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporestriction"},"GitRepoRestriction"),(0,l.kt)("p",null,"GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultServiceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultServiceAccount overrides the GitRepo's default service account."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedServiceAccounts"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedRepoPatterns"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultClientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultClientSecretName overrides the GitRepo's default client secret."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedClientSecretNames"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedTargetNamespaces"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"alphabeticalpolicy"},"AlphabeticalPolicy"),(0,l.kt)("p",null,"AlphabeticalPolicy specifies a alphabetical ordering policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"order"),(0,l.kt)("td",{parentName:"tr",align:null},"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagepolicychoice"},"ImagePolicyChoice"),(0,l.kt)("p",null,"ImagePolicyChoice is a union of all the types of policy that can be supplied."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"semver"),(0,l.kt)("td",{parentName:"tr",align:null},"SemVer gives a semantic version range to check against the tags available."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"alphabetical"),(0,l.kt)("td",{parentName:"tr",align:null},"Alphabetical set of rules to use for alphabetical ordering of the tags."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescan"},"ImageScan"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanspec"},"ImageScanSpec"),(0,l.kt)("p",null,"API is taken from ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/image-reflector-controller"},"https://github.com/fluxcd/image-reflector-controller")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"tagName"),(0,l.kt)("td",{parentName:"tr",align:null},"TagName is the tag ref that needs to be put in manifest to replace fields"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitrepoName"),(0,l.kt)("td",{parentName:"tr",align:null},"GitRepo reference name"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"image"),(0,l.kt)("td",{parentName:"tr",align:null},"Image is the name of the image repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"interval"),(0,l.kt)("td",{parentName:"tr",align:null},"Interval is the length of time to wait between scans of the image repository."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretRef"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with ",(0,l.kt)("inlineCode",{parentName:"td"},"kubectl create secret docker-registry"),", or the equivalent."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.LocalObjectReference"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"suspend"),(0,l.kt)("td",{parentName:"tr",align:null},"This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"policy"),(0,l.kt)("td",{parentName:"tr",align:null},"Policy gives the particulars of the policy to be followed in selecting the most recent image"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanstatus"},"ImageScanStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastScanTime is the last time image was scanned"),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestImage"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestTag"),(0,l.kt)("td",{parentName:"tr",align:null},"Latest tag is the latest tag filtered by the policy"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestDigest"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestDigest is the digest of latest tag"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"canonicalImageName"),(0,l.kt)("td",{parentName:"tr",align:null},"CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., ",(0,l.kt)("inlineCode",{parentName:"td"},"docker.io/library/alpine")," rather than ",(0,l.kt)("inlineCode",{parentName:"td"},"alpine"),"."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"semverpolicy"},"SemVerPolicy"),(0,l.kt)("p",null,"SemVerPolicy specifies a semantic version policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"range"),(0,l.kt)("td",{parentName:"tr",align:null},"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/d0436963.bae7c477.js b/assets/js/d0436963.1e69a56d.js similarity index 96% rename from assets/js/d0436963.bae7c477.js rename to assets/js/d0436963.1e69a56d.js index d5139f073..4fd3f2e31 100644 --- a/assets/js/d0436963.bae7c477.js +++ b/assets/js/d0436963.1e69a56d.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6195],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>g});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function c(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),s=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):c(c({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),f=s(r),g=o,d=f["".concat(i,".").concat(g)]||f[g]||u[g]||a;return r?n.createElement(d,c(c({ref:t},p),{},{components:r})):n.createElement(d,c({ref:t},p))}));function g(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,c=new Array(a);c[0]=f;var l={};for(var i in t)hasOwnProperty.call(t,i)&&(l[i]=t[i]);l.originalType=e,l.mdxType="string"==typeof e?e:o,c[1]=l;for(var s=2;s{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>c,default:()=>u,frontMatter:()=>a,metadata:()=>l,toc:()=>s});var n=r(7462),o=(r(7294),r(3905));const a={title:"0.7 Changelogs"},c=void 0,l={unversionedId:"changelogs/index",id:"version-0.7/changelogs/index",title:"0.7 Changelogs",description:"* v0.7.1 (latest)",source:"@site/versioned_docs/version-0.7/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/0.7/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/changelogs/index.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"0.7 Changelogs"}},i={},s=[],p={toc:s};function u(e){let{components:t,...r}=e;return(0,o.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},(0,o.kt)("p",{parentName:"li"},(0,o.kt)("a",{parentName:"p",href:"/0.7/changelogs/changelogs/v0.7.1"},"v0.7.1")," (latest)")),(0,o.kt)("li",{parentName:"ul"},(0,o.kt)("p",{parentName:"li"},(0,o.kt)("a",{parentName:"p",href:"/0.7/changelogs/changelogs/v0.7.0"},"v0.7.0")))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6195],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>g});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function c(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),s=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):c(c({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),f=s(r),g=o,d=f["".concat(i,".").concat(g)]||f[g]||u[g]||a;return r?n.createElement(d,c(c({ref:t},p),{},{components:r})):n.createElement(d,c({ref:t},p))}));function g(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,c=new Array(a);c[0]=f;var l={};for(var i in t)hasOwnProperty.call(t,i)&&(l[i]=t[i]);l.originalType=e,l.mdxType="string"==typeof e?e:o,c[1]=l;for(var s=2;s{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>c,default:()=>u,frontMatter:()=>a,metadata:()=>l,toc:()=>s});var n=r(7462),o=(r(7294),r(3905));const a={title:"0.7 Changelogs"},c=void 0,l={unversionedId:"changelogs/index",id:"version-0.7/changelogs/index",title:"0.7 Changelogs",description:"* v0.7.1 (latest)",source:"@site/versioned_docs/version-0.7/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/0.7/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/changelogs/index.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"0.7 Changelogs"}},i={},s=[],p={toc:s};function u(e){let{components:t,...r}=e;return(0,o.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},(0,o.kt)("p",{parentName:"li"},(0,o.kt)("a",{parentName:"p",href:"/0.7/changelogs/changelogs/v0.7.1"},"v0.7.1")," (latest)")),(0,o.kt)("li",{parentName:"ul"},(0,o.kt)("p",{parentName:"li"},(0,o.kt)("a",{parentName:"p",href:"/0.7/changelogs/changelogs/v0.7.0"},"v0.7.0")))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/d254ed97.ec6c9484.js b/assets/js/d254ed97.65c76dfd.js similarity index 98% rename from assets/js/d254ed97.ec6c9484.js rename to assets/js/d254ed97.65c76dfd.js index 3de4f6d67..cf373ebd0 100644 --- a/assets/js/d254ed97.ec6c9484.js +++ b/assets/js/d254ed97.65c76dfd.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3105],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>h});var r=a(7294);function n(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(n[a]=e[a]);return n}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(n[a]=e[a])}return n}var p=r.createContext({}),s=function(e){var t=r.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},c=function(e){var t=s(e.components);return r.createElement(p.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,n=e.mdxType,l=e.originalType,p=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),u=s(a),h=n,f=u["".concat(p,".").concat(h)]||u[h]||m[h]||l;return a?r.createElement(f,o(o({ref:t},c),{},{components:a})):r.createElement(f,o({ref:t},c))}));function h(e,t){var a=arguments,n=t&&t.mdxType;if("string"==typeof e||n){var l=a.length,o=new Array(l);o[0]=u;var i={};for(var p in t)hasOwnProperty.call(t,p)&&(i[p]=t[p]);i.originalType=e,i.mdxType="string"==typeof e?e:n,o[1]=i;for(var s=2;s{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=a(7462),n=(a(7294),a(3905));const l={title:"v0.5.1",date:"2023-01-23 14:09:59 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.5.1",id:"version-0.5/changelogs/changelogs/v0.5.1",title:"v0.5.1",description:"(rancherio-gh-m) released this 2023-01-23 1459 +0000 UTC",source:"@site/versioned_docs/version-0.5/changelogs/changelogs/v0.5.1.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.5.1",permalink:"/0.5/changelogs/changelogs/v0.5.1",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/changelogs/changelogs/v0.5.1.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.5.1",date:"2023-01-23 14:09:59 +0000 UTC"},sidebar:"docs",previous:{title:"v0.5.0",permalink:"/0.5/changelogs/changelogs/v0.5.0"},next:{title:"v0.5.2",permalink:"/0.5/changelogs/changelogs/v0.5.2"}},p={},s=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],c={toc:s};function m(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,r.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-01-23 14:09:59 +0000 UTC*")),(0,n.kt)("h2",{id:"description"},"Description"),(0,n.kt)("ul",null,(0,n.kt)("li",null,"Fix git validation problem in wrangler")),(0,n.kt)("p",null,(0,n.kt)("strong",null,"Full Changelog"),": ",(0,n.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.5.0...v0.5.1"},(0,n.kt)("tt",null,"v0.5.0...v0.5.1"))),(0,n.kt)("h2",{id:"download"},"Download"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-crd-0.5.1.tgz"},"fleet-crd-0.5.1.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-agent-0.5.1.tgz"},"fleet-agent-0.5.1.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-0.5.1.tgz"},"fleet-0.5.1.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-linux-s390x"},"fleet-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,n.kt)("p",null,(0,n.kt)("em",{parentName:"p"},"Information retrieved from ",(0,n.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.5.1"},"here"))))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3105],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>h});var r=a(7294);function n(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(n[a]=e[a]);return n}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(n[a]=e[a])}return n}var p=r.createContext({}),s=function(e){var t=r.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},c=function(e){var t=s(e.components);return r.createElement(p.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,n=e.mdxType,l=e.originalType,p=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),u=s(a),h=n,f=u["".concat(p,".").concat(h)]||u[h]||m[h]||l;return a?r.createElement(f,o(o({ref:t},c),{},{components:a})):r.createElement(f,o({ref:t},c))}));function h(e,t){var a=arguments,n=t&&t.mdxType;if("string"==typeof e||n){var l=a.length,o=new Array(l);o[0]=u;var i={};for(var p in t)hasOwnProperty.call(t,p)&&(i[p]=t[p]);i.originalType=e,i.mdxType="string"==typeof e?e:n,o[1]=i;for(var s=2;s{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=a(7462),n=(a(7294),a(3905));const l={title:"v0.5.1",date:"2023-01-23 14:09:59 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.5.1",id:"version-0.5/changelogs/changelogs/v0.5.1",title:"v0.5.1",description:"(rancherio-gh-m) released this 2023-01-23 1459 +0000 UTC",source:"@site/versioned_docs/version-0.5/changelogs/changelogs/v0.5.1.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.5.1",permalink:"/0.5/changelogs/changelogs/v0.5.1",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/changelogs/changelogs/v0.5.1.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.5.1",date:"2023-01-23 14:09:59 +0000 UTC"},sidebar:"docs",previous:{title:"v0.5.0",permalink:"/0.5/changelogs/changelogs/v0.5.0"},next:{title:"v0.5.2",permalink:"/0.5/changelogs/changelogs/v0.5.2"}},p={},s=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],c={toc:s};function m(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,r.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-01-23 14:09:59 +0000 UTC*")),(0,n.kt)("h2",{id:"description"},"Description"),(0,n.kt)("ul",null,(0,n.kt)("li",null,"Fix git validation problem in wrangler")),(0,n.kt)("p",null,(0,n.kt)("strong",null,"Full Changelog"),": ",(0,n.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.5.0...v0.5.1"},(0,n.kt)("tt",null,"v0.5.0...v0.5.1"))),(0,n.kt)("h2",{id:"download"},"Download"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-crd-0.5.1.tgz"},"fleet-crd-0.5.1.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-agent-0.5.1.tgz"},"fleet-agent-0.5.1.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-0.5.1.tgz"},"fleet-0.5.1.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-linux-s390x"},"fleet-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.1/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,n.kt)("p",null,(0,n.kt)("em",{parentName:"p"},"Information retrieved from ",(0,n.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.5.1"},"here"))))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/d26595bf.c6cd5377.js b/assets/js/d26595bf.394c5422.js similarity index 99% rename from assets/js/d26595bf.c6cd5377.js rename to assets/js/d26595bf.394c5422.js index abe07f0d8..2f31673fe 100644 --- a/assets/js/d26595bf.c6cd5377.js +++ b/assets/js/d26595bf.394c5422.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7876],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function s(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function i(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var n=r.createContext({}),c=function(e){var t=r.useContext(n),a=t;return e&&(a="function"==typeof e?e(t):i(i({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(n.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,s=e.originalType,n=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,k=u["".concat(n,".").concat(p)]||u[p]||h[p]||s;return a?r.createElement(k,i(i({ref:t},d),{},{components:a})):r.createElement(k,i({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var s=a.length,i=new Array(s);i[0]=u;var o={};for(var n in t)hasOwnProperty.call(t,n)&&(o[n]=t[n]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>n,contentTitle:()=>i,default:()=>h,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const s={title:"v0.8.0",date:"2023-09-11 15:05:53 +0000 UTC"},i=void 0,o={unversionedId:"changelogs/changelogs/v0.8.0",id:"version-0.8/changelogs/changelogs/v0.8.0",title:"v0.8.0",description:"(rancherio-gh-m) released this 2023-09-11 1553 +0000 UTC",source:"@site/versioned_docs/version-0.8/changelogs/changelogs/v0.8.0.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.8.0",permalink:"/0.8/changelogs/changelogs/v0.8.0",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/changelogs/changelogs/v0.8.0.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.8.0",date:"2023-09-11 15:05:53 +0000 UTC"},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/0.8/troubleshooting"},next:{title:"v0.8.1",permalink:"/0.8/changelogs/changelogs/v0.8.1"}},n={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-09-11 15:05:53 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h1",null,"Notes on 0.8.0"),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Allow helm credentials to be defined for each path by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1727085185","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1557","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1557/hovercard",href:"https://github.com/rancher/fleet/pull/1557"},"#1557")),(0,l.kt)("li",null,"Add cluster name and namespace to BundleDeployment by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1736703491","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1571","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1571/hovercard",href:"https://github.com/rancher/fleet/pull/1571"},"#1571")),(0,l.kt)("li",null,"Add DoNotDeploy and OverrideTargets by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1742026878","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1580","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1580/hovercard",href:"https://github.com/rancher/fleet/pull/1580"},"#1580")),(0,l.kt)("li",null,"Drift correction by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1760099815","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1594","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1594/hovercard",href:"https://github.com/rancher/fleet/pull/1594"},"#1594")),(0,l.kt)("li",null,"Add helm release resources to bd status by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1760832327","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1596","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1596/hovercard",href:"https://github.com/rancher/fleet/pull/1596"},"#1596")),(0,l.kt)("li",null,"Add NamespaceLabels and NamespaceAnnotations by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1786451555","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1627","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1627/hovercard",href:"https://github.com/rancher/fleet/pull/1627"},"#1627")),(0,l.kt)("li",null,"Support exclusion of files and directories from bundles via ",(0,l.kt)("code",null,".fleetignore")," by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1789222079","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1634","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1634/hovercard",href:"https://github.com/rancher/fleet/pull/1634"},"#1634")),(0,l.kt)("li",null,"Add hook on upgrade to clean up old, duplicate clusterregistrations by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1831523656","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1689","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1689/hovercard",href:"https://github.com/rancher/fleet/pull/1689"},"#1689"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Cleanup command takes string durations as arguments by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1836935733","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1697","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1697/hovercard",href:"https://github.com/rancher/fleet/pull/1697"},"#1697")))),(0,l.kt)("li",null,"Clean up old clusterregistrations and remember cluster's api server by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1813740722","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1658","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1658/hovercard",href:"https://github.com/rancher/fleet/pull/1658"},"#1658"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Clusteregistration less aggressive cleanup by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1820301580","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1675","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1675/hovercard",href:"https://github.com/rancher/fleet/pull/1675"},"#1675")),(0,l.kt)("li",null,"Return early from clusterregistration handler by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1821988540","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1676","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1676/hovercard",href:"https://github.com/rancher/fleet/pull/1676"},"#1676")))),(0,l.kt)("li",null,"Restrict registration to leader agent by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1830725807","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1687","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1687/hovercard",href:"https://github.com/rancher/fleet/pull/1687"},"#1687")),(0,l.kt)("li",null,"Do not restart agents when adopting them with a bundle by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1824265931","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1678","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1678/hovercard",href:"https://github.com/rancher/fleet/pull/1678"},"#1678"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Agent registration recovery by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1736435720","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1567","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1567/hovercard",href:"https://github.com/rancher/fleet/pull/1567"},"#1567")),(0,l.kt)("li",null,"Use correct string comparison in gitjob update script by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1765567189","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1610","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1610/hovercard",href:"https://github.com/rancher/fleet/pull/1610"},"#1610")),(0,l.kt)("li",null,"Reduce Helm history to two entries by default by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1763288512","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1607","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1607/hovercard",href:"https://github.com/rancher/fleet/pull/1607"},"#1607")),(0,l.kt)("li",null,"Fix Helm release name generation to prevent double dashes by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1800340686","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1647","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1647/hovercard",href:"https://github.com/rancher/fleet/pull/1647"},"#1647")),(0,l.kt)("li",null,"Prevent non-hex chars in release name hash by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1801057525","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1649","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1649/hovercard",href:"https://github.com/rancher/fleet/pull/1649"},"#1649")),(0,l.kt)("li",null,"Enforce strict match on cluster name when fetching bundledeployments by cluster by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1815877612","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1662","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1662/hovercard",href:"https://github.com/rancher/fleet/pull/1662"},"#1662"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Adapt e2e tests for local infra setup tests by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1793202710","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1638","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1638/hovercard",href:"https://github.com/rancher/fleet/pull/1638"},"#1638")),(0,l.kt)("li",null,"Add CONTRIBUTING.md by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/kkaempf/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/kkaempf"},"@kkaempf")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1700435199","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1517","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1517/hovercard",href:"https://github.com/rancher/fleet/pull/1517"},"#1517")),(0,l.kt)("li",null,"Add GitRepo e2e test case involving auth to a local Helm registry by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1754951261","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1591","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1591/hovercard",href:"https://github.com/rancher/fleet/pull/1591"},"#1591")),(0,l.kt)("li",null,"Add end-to-end tests for Helm auth with HTTP by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1769095254","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1613","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1613/hovercard",href:"https://github.com/rancher/fleet/pull/1613"},"#1613")),(0,l.kt)("li",null,"Add webhook-based gitrepo test by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1736472732","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1568","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1568/hovercard",href:"https://github.com/rancher/fleet/pull/1568"},"#1568")),(0,l.kt)("li",null,"Bump Gitjob chart to 0.1.76 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1859325560","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1729","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1729/hovercard",href:"https://github.com/rancher/fleet/pull/1729"},"#1729")),(0,l.kt)("li",null,"Do not indent release.yaml entries by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1828612133","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1686","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1686/hovercard",href:"https://github.com/rancher/fleet/pull/1686"},"#1686")),(0,l.kt)("li",null,"Fix e2e tests requiring secrets by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1774322432","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1619","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1619/hovercard",href:"https://github.com/rancher/fleet/pull/1619"},"#1619")),(0,l.kt)("li",null,"Fix linting errors by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1809551397","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1655","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1655/hovercard",href:"https://github.com/rancher/fleet/pull/1655"},"#1655")),(0,l.kt)("li",null,"Fix release against charts repo script by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1769659094","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1614","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1614/hovercard",href:"https://github.com/rancher/fleet/pull/1614"},"#1614")),(0,l.kt)("li",null,"Go K8s related security bumps backport by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1846650979","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1710","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1710/hovercard",href:"https://github.com/rancher/fleet/pull/1710"},"#1710")),(0,l.kt)("li",null,"Install ",(0,l.kt)("code",null,"tar")," in linux-amd64/fossa Drone CI pipeline by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1741303954","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1578","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1578/hovercard",href:"https://github.com/rancher/fleet/pull/1578"},"#1578")),(0,l.kt)("li",null,"Migrate e2e tests to local git server by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1733659980","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1563","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1563/hovercard",href:"https://github.com/rancher/fleet/pull/1563"},"#1563")),(0,l.kt)("li",null,"Only replace the Chart version during release by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1759128522","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1593","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1593/hovercard",href:"https://github.com/rancher/fleet/pull/1593"},"#1593")),(0,l.kt)("li",null,"Provide README.mds for all Fleet helm-charts by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1762784106","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1598","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1598/hovercard",href:"https://github.com/rancher/fleet/pull/1598"},"#1598")),(0,l.kt)("li",null,"Provide path to relevant directory when building git server image for nightly CI workflow by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1798449455","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1646","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1646/hovercard",href:"https://github.com/rancher/fleet/pull/1646"},"#1646")),(0,l.kt)("li",null,"Refactor target match packages by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1756526990","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1592","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1592/hovercard",href:"https://github.com/rancher/fleet/pull/1592"},"#1592")),(0,l.kt)("li",null,"Refactorings registration by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1736603398","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1570","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1570/hovercard",href:"https://github.com/rancher/fleet/pull/1570"},"#1570")),(0,l.kt)("li",null,"Remove k8s 1.20 from PR CI matrix by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1824489430","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1680","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1680/hovercard",href:"https://github.com/rancher/fleet/pull/1680"},"#1680")),(0,l.kt)("li",null,"Remove rancher/qa mention from PR template by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1789292000","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1635","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1635/hovercard",href:"https://github.com/rancher/fleet/pull/1635"},"#1635")),(0,l.kt)("li",null,'Remove schedule run for "Upgrade Fleet in Rancher to Latest Release CI" by ',(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1738184347","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1573","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1573/hovercard",href:"https://github.com/rancher/fleet/pull/1573"},"#1573")),(0,l.kt)("li",null,"Replace 3rd party action with native CLI by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rancher-security-bot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rancher-security-bot"},"@rancher-security-bot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1787273210","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1628","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1628/hovercard",href:"https://github.com/rancher/fleet/pull/1628"},"#1628")),(0,l.kt)("li",null,"Restructure package layout to add internal package by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1781051757","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1624","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1624/hovercard",href:"https://github.com/rancher/fleet/pull/1624"},"#1624")),(0,l.kt)("li",null,"Split test images from fleet images dev script by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1767710221","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1612","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1612/hovercard",href:"https://github.com/rancher/fleet/pull/1612"},"#1612")),(0,l.kt)("li",null,"Test for DependsOn by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1779054939","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1623","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1623/hovercard",href:"https://github.com/rancher/fleet/pull/1623"},"#1623")),(0,l.kt)("li",null,"Unpin ginkgo version installed in CI by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1774342641","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1620","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1620/hovercard",href:"https://github.com/rancher/fleet/pull/1620"},"#1620")),(0,l.kt)("li",null,"Update README.md by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/andriisoldatenko/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/andriisoldatenko"},"@andriisoldatenko")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1721693997","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1550","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1550/hovercard",href:"https://github.com/rancher/fleet/pull/1550"},"#1550")),(0,l.kt)("li",null,"Update README.md by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1760241049","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1595","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1595/hovercard",href:"https://github.com/rancher/fleet/pull/1595"},"#1595")),(0,l.kt)("li",null,"Update release doc for updating Fleet components by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1774423872","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1621","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1621/hovercard",href:"https://github.com/rancher/fleet/pull/1621"},"#1621")),(0,l.kt)("li",null,"Use separate gitrepo resource for test case requiring secret by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1785783453","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1626","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1626/hovercard",href:"https://github.com/rancher/fleet/pull/1626"},"#1626")),(0,l.kt)("li",null,"build(deps): bump bci/bci-base from 15.5.36.5.21 to 15.5.36.5.25 in /\u2026 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1859072014","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1727","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1727/hovercard",href:"https://github.com/rancher/fleet/pull/1727"},"#1727")),(0,l.kt)("li",null,"build(deps): bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"organization","data-hovercard-url":"/orgs/dependabot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/dependabot"},"@dependabot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1828450988","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1683","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1683/hovercard",href:"https://github.com/rancher/fleet/pull/1683"},"#1683")),(0,l.kt)("li",null,"build(deps): bump github.com/hashicorp/go-getter from 1.7.1 to 1.7.2 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"organization","data-hovercard-url":"/orgs/dependabot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/dependabot"},"@dependabot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1828451199","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1684","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1684/hovercard",href:"https://github.com/rancher/fleet/pull/1684"},"#1684"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.7.1...v0.8.0"},(0,l.kt)("tt",null,"v0.7.1...v0.8.0"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-linux-s390x"},"fleet-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-crd-0.8.0.tgz"},"fleet-crd-0.8.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-agent-0.8.0.tgz"},"fleet-agent-0.8.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-0.8.0.tgz"},"fleet-0.8.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.8.0"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7876],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function s(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function i(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var n=r.createContext({}),c=function(e){var t=r.useContext(n),a=t;return e&&(a="function"==typeof e?e(t):i(i({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(n.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,s=e.originalType,n=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,k=u["".concat(n,".").concat(p)]||u[p]||h[p]||s;return a?r.createElement(k,i(i({ref:t},d),{},{components:a})):r.createElement(k,i({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var s=a.length,i=new Array(s);i[0]=u;var o={};for(var n in t)hasOwnProperty.call(t,n)&&(o[n]=t[n]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>n,contentTitle:()=>i,default:()=>h,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const s={title:"v0.8.0",date:"2023-09-11 15:05:53 +0000 UTC"},i=void 0,o={unversionedId:"changelogs/changelogs/v0.8.0",id:"version-0.8/changelogs/changelogs/v0.8.0",title:"v0.8.0",description:"(rancherio-gh-m) released this 2023-09-11 1553 +0000 UTC",source:"@site/versioned_docs/version-0.8/changelogs/changelogs/v0.8.0.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.8.0",permalink:"/0.8/changelogs/changelogs/v0.8.0",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/changelogs/changelogs/v0.8.0.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.8.0",date:"2023-09-11 15:05:53 +0000 UTC"},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/0.8/troubleshooting"},next:{title:"v0.8.1",permalink:"/0.8/changelogs/changelogs/v0.8.1"}},n={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-09-11 15:05:53 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h1",null,"Notes on 0.8.0"),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Allow helm credentials to be defined for each path by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1727085185","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1557","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1557/hovercard",href:"https://github.com/rancher/fleet/pull/1557"},"#1557")),(0,l.kt)("li",null,"Add cluster name and namespace to BundleDeployment by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1736703491","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1571","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1571/hovercard",href:"https://github.com/rancher/fleet/pull/1571"},"#1571")),(0,l.kt)("li",null,"Add DoNotDeploy and OverrideTargets by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1742026878","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1580","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1580/hovercard",href:"https://github.com/rancher/fleet/pull/1580"},"#1580")),(0,l.kt)("li",null,"Drift correction by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1760099815","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1594","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1594/hovercard",href:"https://github.com/rancher/fleet/pull/1594"},"#1594")),(0,l.kt)("li",null,"Add helm release resources to bd status by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1760832327","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1596","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1596/hovercard",href:"https://github.com/rancher/fleet/pull/1596"},"#1596")),(0,l.kt)("li",null,"Add NamespaceLabels and NamespaceAnnotations by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1786451555","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1627","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1627/hovercard",href:"https://github.com/rancher/fleet/pull/1627"},"#1627")),(0,l.kt)("li",null,"Support exclusion of files and directories from bundles via ",(0,l.kt)("code",null,".fleetignore")," by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1789222079","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1634","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1634/hovercard",href:"https://github.com/rancher/fleet/pull/1634"},"#1634")),(0,l.kt)("li",null,"Add hook on upgrade to clean up old, duplicate clusterregistrations by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1831523656","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1689","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1689/hovercard",href:"https://github.com/rancher/fleet/pull/1689"},"#1689"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Cleanup command takes string durations as arguments by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1836935733","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1697","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1697/hovercard",href:"https://github.com/rancher/fleet/pull/1697"},"#1697")))),(0,l.kt)("li",null,"Clean up old clusterregistrations and remember cluster's api server by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1813740722","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1658","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1658/hovercard",href:"https://github.com/rancher/fleet/pull/1658"},"#1658"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Clusteregistration less aggressive cleanup by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1820301580","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1675","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1675/hovercard",href:"https://github.com/rancher/fleet/pull/1675"},"#1675")),(0,l.kt)("li",null,"Return early from clusterregistration handler by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1821988540","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1676","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1676/hovercard",href:"https://github.com/rancher/fleet/pull/1676"},"#1676")))),(0,l.kt)("li",null,"Restrict registration to leader agent by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1830725807","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1687","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1687/hovercard",href:"https://github.com/rancher/fleet/pull/1687"},"#1687")),(0,l.kt)("li",null,"Do not restart agents when adopting them with a bundle by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1824265931","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1678","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1678/hovercard",href:"https://github.com/rancher/fleet/pull/1678"},"#1678"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Agent registration recovery by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1736435720","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1567","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1567/hovercard",href:"https://github.com/rancher/fleet/pull/1567"},"#1567")),(0,l.kt)("li",null,"Use correct string comparison in gitjob update script by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1765567189","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1610","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1610/hovercard",href:"https://github.com/rancher/fleet/pull/1610"},"#1610")),(0,l.kt)("li",null,"Reduce Helm history to two entries by default by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/moio/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/moio"},"@moio")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1763288512","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1607","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1607/hovercard",href:"https://github.com/rancher/fleet/pull/1607"},"#1607")),(0,l.kt)("li",null,"Fix Helm release name generation to prevent double dashes by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1800340686","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1647","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1647/hovercard",href:"https://github.com/rancher/fleet/pull/1647"},"#1647")),(0,l.kt)("li",null,"Prevent non-hex chars in release name hash by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1801057525","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1649","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1649/hovercard",href:"https://github.com/rancher/fleet/pull/1649"},"#1649")),(0,l.kt)("li",null,"Enforce strict match on cluster name when fetching bundledeployments by cluster by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1815877612","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1662","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1662/hovercard",href:"https://github.com/rancher/fleet/pull/1662"},"#1662"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Adapt e2e tests for local infra setup tests by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1793202710","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1638","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1638/hovercard",href:"https://github.com/rancher/fleet/pull/1638"},"#1638")),(0,l.kt)("li",null,"Add CONTRIBUTING.md by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/kkaempf/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/kkaempf"},"@kkaempf")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1700435199","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1517","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1517/hovercard",href:"https://github.com/rancher/fleet/pull/1517"},"#1517")),(0,l.kt)("li",null,"Add GitRepo e2e test case involving auth to a local Helm registry by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1754951261","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1591","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1591/hovercard",href:"https://github.com/rancher/fleet/pull/1591"},"#1591")),(0,l.kt)("li",null,"Add end-to-end tests for Helm auth with HTTP by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1769095254","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1613","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1613/hovercard",href:"https://github.com/rancher/fleet/pull/1613"},"#1613")),(0,l.kt)("li",null,"Add webhook-based gitrepo test by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1736472732","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1568","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1568/hovercard",href:"https://github.com/rancher/fleet/pull/1568"},"#1568")),(0,l.kt)("li",null,"Bump Gitjob chart to 0.1.76 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1859325560","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1729","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1729/hovercard",href:"https://github.com/rancher/fleet/pull/1729"},"#1729")),(0,l.kt)("li",null,"Do not indent release.yaml entries by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1828612133","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1686","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1686/hovercard",href:"https://github.com/rancher/fleet/pull/1686"},"#1686")),(0,l.kt)("li",null,"Fix e2e tests requiring secrets by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1774322432","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1619","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1619/hovercard",href:"https://github.com/rancher/fleet/pull/1619"},"#1619")),(0,l.kt)("li",null,"Fix linting errors by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1809551397","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1655","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1655/hovercard",href:"https://github.com/rancher/fleet/pull/1655"},"#1655")),(0,l.kt)("li",null,"Fix release against charts repo script by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1769659094","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1614","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1614/hovercard",href:"https://github.com/rancher/fleet/pull/1614"},"#1614")),(0,l.kt)("li",null,"Go K8s related security bumps backport by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1846650979","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1710","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1710/hovercard",href:"https://github.com/rancher/fleet/pull/1710"},"#1710")),(0,l.kt)("li",null,"Install ",(0,l.kt)("code",null,"tar")," in linux-amd64/fossa Drone CI pipeline by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1741303954","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1578","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1578/hovercard",href:"https://github.com/rancher/fleet/pull/1578"},"#1578")),(0,l.kt)("li",null,"Migrate e2e tests to local git server by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1733659980","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1563","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1563/hovercard",href:"https://github.com/rancher/fleet/pull/1563"},"#1563")),(0,l.kt)("li",null,"Only replace the Chart version during release by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1759128522","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1593","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1593/hovercard",href:"https://github.com/rancher/fleet/pull/1593"},"#1593")),(0,l.kt)("li",null,"Provide README.mds for all Fleet helm-charts by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1762784106","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1598","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1598/hovercard",href:"https://github.com/rancher/fleet/pull/1598"},"#1598")),(0,l.kt)("li",null,"Provide path to relevant directory when building git server image for nightly CI workflow by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1798449455","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1646","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1646/hovercard",href:"https://github.com/rancher/fleet/pull/1646"},"#1646")),(0,l.kt)("li",null,"Refactor target match packages by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1756526990","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1592","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1592/hovercard",href:"https://github.com/rancher/fleet/pull/1592"},"#1592")),(0,l.kt)("li",null,"Refactorings registration by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1736603398","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1570","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1570/hovercard",href:"https://github.com/rancher/fleet/pull/1570"},"#1570")),(0,l.kt)("li",null,"Remove k8s 1.20 from PR CI matrix by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1824489430","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1680","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1680/hovercard",href:"https://github.com/rancher/fleet/pull/1680"},"#1680")),(0,l.kt)("li",null,"Remove rancher/qa mention from PR template by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1789292000","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1635","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1635/hovercard",href:"https://github.com/rancher/fleet/pull/1635"},"#1635")),(0,l.kt)("li",null,'Remove schedule run for "Upgrade Fleet in Rancher to Latest Release CI" by ',(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1738184347","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1573","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1573/hovercard",href:"https://github.com/rancher/fleet/pull/1573"},"#1573")),(0,l.kt)("li",null,"Replace 3rd party action with native CLI by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rancher-security-bot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rancher-security-bot"},"@rancher-security-bot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1787273210","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1628","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1628/hovercard",href:"https://github.com/rancher/fleet/pull/1628"},"#1628")),(0,l.kt)("li",null,"Restructure package layout to add internal package by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1781051757","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1624","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1624/hovercard",href:"https://github.com/rancher/fleet/pull/1624"},"#1624")),(0,l.kt)("li",null,"Split test images from fleet images dev script by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1767710221","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1612","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1612/hovercard",href:"https://github.com/rancher/fleet/pull/1612"},"#1612")),(0,l.kt)("li",null,"Test for DependsOn by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1779054939","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1623","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1623/hovercard",href:"https://github.com/rancher/fleet/pull/1623"},"#1623")),(0,l.kt)("li",null,"Unpin ginkgo version installed in CI by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1774342641","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1620","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1620/hovercard",href:"https://github.com/rancher/fleet/pull/1620"},"#1620")),(0,l.kt)("li",null,"Update README.md by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/andriisoldatenko/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/andriisoldatenko"},"@andriisoldatenko")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1721693997","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1550","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1550/hovercard",href:"https://github.com/rancher/fleet/pull/1550"},"#1550")),(0,l.kt)("li",null,"Update README.md by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1760241049","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1595","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1595/hovercard",href:"https://github.com/rancher/fleet/pull/1595"},"#1595")),(0,l.kt)("li",null,"Update release doc for updating Fleet components by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1774423872","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1621","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1621/hovercard",href:"https://github.com/rancher/fleet/pull/1621"},"#1621")),(0,l.kt)("li",null,"Use separate gitrepo resource for test case requiring secret by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1785783453","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1626","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1626/hovercard",href:"https://github.com/rancher/fleet/pull/1626"},"#1626")),(0,l.kt)("li",null,"build(deps): bump bci/bci-base from 15.5.36.5.21 to 15.5.36.5.25 in /\u2026 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1859072014","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1727","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1727/hovercard",href:"https://github.com/rancher/fleet/pull/1727"},"#1727")),(0,l.kt)("li",null,"build(deps): bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"organization","data-hovercard-url":"/orgs/dependabot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/dependabot"},"@dependabot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1828450988","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1683","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1683/hovercard",href:"https://github.com/rancher/fleet/pull/1683"},"#1683")),(0,l.kt)("li",null,"build(deps): bump github.com/hashicorp/go-getter from 1.7.1 to 1.7.2 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"organization","data-hovercard-url":"/orgs/dependabot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/dependabot"},"@dependabot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1828451199","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1684","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1684/hovercard",href:"https://github.com/rancher/fleet/pull/1684"},"#1684"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.7.1...v0.8.0"},(0,l.kt)("tt",null,"v0.7.1...v0.8.0"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-linux-s390x"},"fleet-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-crd-0.8.0.tgz"},"fleet-crd-0.8.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-agent-0.8.0.tgz"},"fleet-agent-0.8.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-0.8.0.tgz"},"fleet-0.8.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.0/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.8.0"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/d277059e.b9cbabdb.js b/assets/js/d277059e.1f7a6374.js similarity index 97% rename from assets/js/d277059e.b9cbabdb.js rename to assets/js/d277059e.1f7a6374.js index 2b38684df..73f54cc9c 100644 --- a/assets/js/d277059e.b9cbabdb.js +++ b/assets/js/d277059e.1f7a6374.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2491],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||o;return n?r.createElement(m,a(a({ref:t},p),{},{components:n})):r.createElement(m,a({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var o=n.length,a=new Array(o);a[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>f,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const o={title:"",sidebar_label:"fleet apply"},a=void 0,i={unversionedId:"cli/fleet-cli/fleet_apply",id:"version-0.7/cli/fleet-cli/fleet_apply",title:"",description:"fleet apply",source:"@site/versioned_docs/version-0.7/cli/fleet-cli/fleet_apply.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_apply",permalink:"/0.7/cli/fleet-cli/fleet_apply",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cli/fleet-cli/fleet_apply.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet apply"},sidebar:"docs",previous:{title:"fleet",permalink:"/0.7/cli/fleet-cli/fleet"},next:{title:"fleet test",permalink:"/0.7/cli/fleet-cli/fleet_test"}},s={},c=[{value:"fleet apply",id:"fleet-apply",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-apply"},"fleet apply"),(0,l.kt)("p",null,"Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet apply [flags] BUNDLE_NAME PATH...\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --cacerts-file string Path of custom cacerts for helm repo\n --commit string Commit to assign to the bundle\n -c, --compress Force all resources to be compress\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -h, --help help for apply\n -l, --label strings Labels to apply to created bundles\n -o, --output string Output contents to file or - for stdout\n --password-file string Path of file containing basic auth password for helm repo\n --paused Create bundles in a paused state\n -a, --service-account string Service account to assign to bundle created\n --ssh-privatekey-file string Path of ssh-private-key for helm repo\n --sync-generation int Generation number used to force sync the deployment\n --target-namespace string Ensure this bundle goes to this target namespace\n --targets-file string Addition source of targets and restrictions to be append\n --username string Basic auth username for helm repo\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2491],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||o;return n?r.createElement(m,a(a({ref:t},p),{},{components:n})):r.createElement(m,a({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var o=n.length,a=new Array(o);a[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>f,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const o={title:"",sidebar_label:"fleet apply"},a=void 0,i={unversionedId:"cli/fleet-cli/fleet_apply",id:"version-0.7/cli/fleet-cli/fleet_apply",title:"",description:"fleet apply",source:"@site/versioned_docs/version-0.7/cli/fleet-cli/fleet_apply.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_apply",permalink:"/0.7/cli/fleet-cli/fleet_apply",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cli/fleet-cli/fleet_apply.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet apply"},sidebar:"docs",previous:{title:"fleet",permalink:"/0.7/cli/fleet-cli/fleet"},next:{title:"fleet test",permalink:"/0.7/cli/fleet-cli/fleet_test"}},s={},c=[{value:"fleet apply",id:"fleet-apply",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-apply"},"fleet apply"),(0,l.kt)("p",null,"Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet apply [flags] BUNDLE_NAME PATH...\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --cacerts-file string Path of custom cacerts for helm repo\n --commit string Commit to assign to the bundle\n -c, --compress Force all resources to be compress\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -h, --help help for apply\n -l, --label strings Labels to apply to created bundles\n -o, --output string Output contents to file or - for stdout\n --password-file string Path of file containing basic auth password for helm repo\n --paused Create bundles in a paused state\n -a, --service-account string Service account to assign to bundle created\n --ssh-privatekey-file string Path of ssh-private-key for helm repo\n --sync-generation int Generation number used to force sync the deployment\n --target-namespace string Ensure this bundle goes to this target namespace\n --targets-file string Addition source of targets and restrictions to be append\n --username string Basic auth username for helm repo\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/d362fc0b.f477c54e.js b/assets/js/d362fc0b.ee690b13.js similarity index 99% rename from assets/js/d362fc0b.f477c54e.js rename to assets/js/d362fc0b.ee690b13.js index 2dd50be31..cf3727871 100644 --- a/assets/js/d362fc0b.f477c54e.js +++ b/assets/js/d362fc0b.ee690b13.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4412],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function s(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var i=r.createContext({}),c=function(e){var t=r.useContext(i),a=t;return e&&(a="function"==typeof e?e(t):s(s({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,i=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,m=u["".concat(i,".").concat(p)]||u[p]||h[p]||n;return a?r.createElement(m,s(s({ref:t},d),{},{components:a})):r.createElement(m,s({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,s=new Array(n);s[0]=u;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:l,s[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>i,contentTitle:()=>s,default:()=>h,frontMatter:()=>n,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"v0.5.2",date:"2023-02-23 08:01:03 +0000 UTC"},s=void 0,o={unversionedId:"changelogs/changelogs/v0.5.2",id:"version-0.5/changelogs/changelogs/v0.5.2",title:"v0.5.2",description:"(rancherio-gh-m) released this 2023-02-23 0803 +0000 UTC",source:"@site/versioned_docs/version-0.5/changelogs/changelogs/v0.5.2.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.5.2",permalink:"/0.5/changelogs/changelogs/v0.5.2",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/changelogs/changelogs/v0.5.2.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.5.2",date:"2023-02-23 08:01:03 +0000 UTC"},sidebar:"docs",previous:{title:"v0.5.1",permalink:"/0.5/changelogs/changelogs/v0.5.1"},next:{title:"v0.5.3",permalink:"/0.5/changelogs/changelogs/v0.5.3"}},i={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-02-23 08:01:03 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Disable Gitops Feature Breaks Fleet Controller Deployment by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1502700385","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1195","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1195/hovercard",href:"https://github.com/rancher/fleet/pull/1195"},"#1195")),(0,l.kt)("li",null,"Add emptyDir volume to Fleet controller for /tmp by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1504797073","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1202","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1202/hovercard",href:"https://github.com/rancher/fleet/pull/1202"},"#1202")),(0,l.kt)("li",null,"Bump bci images in release/v0.5 branch by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1530498191","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1241","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1241/hovercard",href:"https://github.com/rancher/fleet/pull/1241"},"#1241")),(0,l.kt)("li",null,"Go dependencies and SLE-BCI bumps by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/macedogm/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/macedogm"},"@macedogm")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1535699592","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1255","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1255/hovercard",href:"https://github.com/rancher/fleet/pull/1255"},"#1255")),(0,l.kt)("li",null,"Do not fail on missing labels by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1548776358","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1261","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1261/hovercard",href:"https://github.com/rancher/fleet/pull/1261"},"#1261")),(0,l.kt)("li",null,"Fix Rancher upgrade by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1556869984","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1275","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1275/hovercard",href:"https://github.com/rancher/fleet/pull/1275"},"#1275")),(0,l.kt)("li",null,"Bump gitjob to 0.1.36 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1557022079","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1276","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1276/hovercard",href:"https://github.com/rancher/fleet/pull/1276"},"#1276")),(0,l.kt)("li",null,"Long release names shorten once by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1557863677","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1279","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1279/hovercard",href:"https://github.com/rancher/fleet/pull/1279"},"#1279")),(0,l.kt)("li",null,'Backport "Reading contents&secrets uses specific service account" by ',(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1566163652","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1298","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1298/hovercard",href:"https://github.com/rancher/fleet/pull/1298"},"#1298")),(0,l.kt)("li",null,"Fix agent not starting in fleet-system namespace by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1585833920","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1322","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1322/hovercard",href:"https://github.com/rancher/fleet/pull/1322"},"#1322"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.5.0...v0.5.2"},(0,l.kt)("tt",null,"v0.5.0...v0.5.2"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-crd-0.5.2.tgz"},"fleet-crd-0.5.2.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-agent-0.5.2.tgz"},"fleet-agent-0.5.2.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-0.5.2.tgz"},"fleet-0.5.2.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.5.2"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4412],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function s(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var i=r.createContext({}),c=function(e){var t=r.useContext(i),a=t;return e&&(a="function"==typeof e?e(t):s(s({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,i=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,m=u["".concat(i,".").concat(p)]||u[p]||h[p]||n;return a?r.createElement(m,s(s({ref:t},d),{},{components:a})):r.createElement(m,s({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,s=new Array(n);s[0]=u;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:l,s[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>i,contentTitle:()=>s,default:()=>h,frontMatter:()=>n,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"v0.5.2",date:"2023-02-23 08:01:03 +0000 UTC"},s=void 0,o={unversionedId:"changelogs/changelogs/v0.5.2",id:"version-0.5/changelogs/changelogs/v0.5.2",title:"v0.5.2",description:"(rancherio-gh-m) released this 2023-02-23 0803 +0000 UTC",source:"@site/versioned_docs/version-0.5/changelogs/changelogs/v0.5.2.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.5.2",permalink:"/0.5/changelogs/changelogs/v0.5.2",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/changelogs/changelogs/v0.5.2.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.5.2",date:"2023-02-23 08:01:03 +0000 UTC"},sidebar:"docs",previous:{title:"v0.5.1",permalink:"/0.5/changelogs/changelogs/v0.5.1"},next:{title:"v0.5.3",permalink:"/0.5/changelogs/changelogs/v0.5.3"}},i={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-02-23 08:01:03 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Disable Gitops Feature Breaks Fleet Controller Deployment by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1502700385","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1195","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1195/hovercard",href:"https://github.com/rancher/fleet/pull/1195"},"#1195")),(0,l.kt)("li",null,"Add emptyDir volume to Fleet controller for /tmp by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1504797073","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1202","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1202/hovercard",href:"https://github.com/rancher/fleet/pull/1202"},"#1202")),(0,l.kt)("li",null,"Bump bci images in release/v0.5 branch by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1530498191","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1241","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1241/hovercard",href:"https://github.com/rancher/fleet/pull/1241"},"#1241")),(0,l.kt)("li",null,"Go dependencies and SLE-BCI bumps by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/macedogm/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/macedogm"},"@macedogm")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1535699592","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1255","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1255/hovercard",href:"https://github.com/rancher/fleet/pull/1255"},"#1255")),(0,l.kt)("li",null,"Do not fail on missing labels by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1548776358","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1261","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1261/hovercard",href:"https://github.com/rancher/fleet/pull/1261"},"#1261")),(0,l.kt)("li",null,"Fix Rancher upgrade by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1556869984","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1275","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1275/hovercard",href:"https://github.com/rancher/fleet/pull/1275"},"#1275")),(0,l.kt)("li",null,"Bump gitjob to 0.1.36 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1557022079","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1276","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1276/hovercard",href:"https://github.com/rancher/fleet/pull/1276"},"#1276")),(0,l.kt)("li",null,"Long release names shorten once by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1557863677","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1279","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1279/hovercard",href:"https://github.com/rancher/fleet/pull/1279"},"#1279")),(0,l.kt)("li",null,'Backport "Reading contents&secrets uses specific service account" by ',(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1566163652","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1298","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1298/hovercard",href:"https://github.com/rancher/fleet/pull/1298"},"#1298")),(0,l.kt)("li",null,"Fix agent not starting in fleet-system namespace by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1585833920","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1322","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1322/hovercard",href:"https://github.com/rancher/fleet/pull/1322"},"#1322"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.5.0...v0.5.2"},(0,l.kt)("tt",null,"v0.5.0...v0.5.2"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-crd-0.5.2.tgz"},"fleet-crd-0.5.2.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-agent-0.5.2.tgz"},"fleet-agent-0.5.2.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-0.5.2.tgz"},"fleet-0.5.2.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.5.2/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.5.2"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/d3d84dd8.7bee13e0.js b/assets/js/d3d84dd8.0ba82524.js similarity index 98% rename from assets/js/d3d84dd8.7bee13e0.js rename to assets/js/d3d84dd8.0ba82524.js index 0fc07f506..d649f291a 100644 --- a/assets/js/d3d84dd8.7bee13e0.js +++ b/assets/js/d3d84dd8.0ba82524.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1898],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,m=u["".concat(c,".").concat(d)]||u[d]||p[d]||a;return r?n.createElement(m,o(o({ref:t},f),{},{components:r})):n.createElement(m,o({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet-manager"},o=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager",id:"version-0.8/cli/fleet-controller/fleet-manager",title:"",description:"fleet-manager",source:"@site/versioned_docs/version-0.8/cli/fleet-controller/fleet-manager.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager",permalink:"/0.8/cli/fleet-controller/fleet-manager",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cli/fleet-controller/fleet-manager.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager"},sidebar:"docs",previous:{title:"fleet test",permalink:"/0.8/cli/fleet-cli/fleet_test"},next:{title:"Cluster and Bundle State",permalink:"/0.8/cluster-bundles-state"}},c={},s=[{value:"fleet-manager",id:"fleet-manager",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-manager"},"fleet-manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet-manager [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --disable-bootstrap disable agent on local cluster\n --disable-gitops disable gitops components\n -h, --help help for fleet-manager\n --kubeconfig string Kubeconfig file\n --namespace string namespace to watch (default "cattle-fleet-system")\n')))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1898],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,m=u["".concat(c,".").concat(d)]||u[d]||p[d]||a;return r?n.createElement(m,o(o({ref:t},f),{},{components:r})):n.createElement(m,o({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet-manager"},o=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager",id:"version-0.8/cli/fleet-controller/fleet-manager",title:"",description:"fleet-manager",source:"@site/versioned_docs/version-0.8/cli/fleet-controller/fleet-manager.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager",permalink:"/0.8/cli/fleet-controller/fleet-manager",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cli/fleet-controller/fleet-manager.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager"},sidebar:"docs",previous:{title:"fleet test",permalink:"/0.8/cli/fleet-cli/fleet_test"},next:{title:"Cluster and Bundle State",permalink:"/0.8/cluster-bundles-state"}},c={},s=[{value:"fleet-manager",id:"fleet-manager",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-manager"},"fleet-manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet-manager [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --disable-bootstrap disable agent on local cluster\n --disable-gitops disable gitops components\n -h, --help help for fleet-manager\n --kubeconfig string Kubeconfig file\n --namespace string namespace to watch (default "cattle-fleet-system")\n')))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/d3d9887a.e17657e6.js b/assets/js/d3d9887a.d9ae67b9.js similarity index 99% rename from assets/js/d3d9887a.e17657e6.js rename to assets/js/d3d9887a.d9ae67b9.js index 86a07b3c0..fd34a7564 100644 --- a/assets/js/d3d9887a.e17657e6.js +++ b/assets/js/d3d9887a.d9ae67b9.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3714],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>m});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),p=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return n.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},c=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(a),m=r,h=c["".concat(s,".").concat(m)]||c[m]||d[m]||l;return a?n.createElement(h,o(o({ref:t},u),{},{components:a})):n.createElement(h,o({ref:t},u))}));function m(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=a.length,o=new Array(l);o[0]=c;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),r=(a(7294),a(3905));const l={},o="Expected Repo Structure",i={unversionedId:"gitrepo-structure",id:"version-0.5/gitrepo-structure",title:"Expected Repo Structure",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/versioned_docs/version-0.5/gitrepo-structure.md",sourceDirName:".",slug:"/gitrepo-structure",permalink:"/0.5/gitrepo-structure",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/gitrepo-structure.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Adding a GitRepo",permalink:"/0.5/gitrepo-add"},next:{title:"Mapping to Downstream Clusters",permalink:"/0.5/gitrepo-targets"}},s={},p=[{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Reference",id:"reference",level:3},{value:"Private Helm Repositories",id:"private-helm-repositories",level:3},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle state",id:"cluster-and-bundle-state",level:2}],u={toc:p};function d(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"expected-repo-structure"},"Expected Repo Structure"),(0,r.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,r.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,r.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,r.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,r.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,r.kt)("p",null,"Multiple paths can be defined for a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,r.kt)("a",{parentName:"p",href:"/0.5/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,r.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"File"),(0,r.kt)("th",{parentName:"tr",align:null},"Location"),(0,r.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,r.kt)("a",{parentName:"td",href:"/0.5/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"}," *.yaml ")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If a ",(0,r.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,r.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")),(0,r.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,r.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,r.kt)("h2",{id:"fleetyaml"},(0,r.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,r.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,r.kt)("a",{parentName:"p",href:"/0.5/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,r.kt)("h3",{id:"reference"},"Reference"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,r.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,r.kt)("ul",{parentName:"admonition"},(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,r.kt)("inlineCode",{parentName:"p"},"helmValues")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),".")))),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n variableName: global.fleet.clusterLabels.LABELNAME\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default \n key: values.yaml\n secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n\n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector: agroup\n \n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name. \n clusterName: dev-cluster \n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n - name: one-multi-cluster-hello-world\n')),(0,r.kt)("h3",{id:"private-helm-repositories"},"Private Helm Repositories"),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,r.kt)("a",{parentName:"p",href:"gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,r.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,r.kt)("p",null,"These examples showcase the style and format for using ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in downstream clusters."),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata: \n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,r.kt)("p",null,"There are three approaches to matching clusters for both ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,r.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,r.kt)("p",null,"When using Kustomize or Helm the ",(0,r.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,r.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file we be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,r.kt)("p",null,"A file named ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents a file the convention of adding ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,r.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,r.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle state"),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"/0.5/cluster-bundles-state"},"Cluster and Bundle state"),"."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3714],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>m});var n=a(7294);function r(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function o(e){for(var t=1;t=0||(r[a]=e[a]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(r[a]=e[a])}return r}var s=n.createContext({}),p=function(e){var t=n.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return n.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},c=n.forwardRef((function(e,t){var a=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),c=p(a),m=r,h=c["".concat(s,".").concat(m)]||c[m]||d[m]||l;return a?n.createElement(h,o(o({ref:t},u),{},{components:a})):n.createElement(h,o({ref:t},u))}));function m(e,t){var a=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=a.length,o=new Array(l);o[0]=c;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),r=(a(7294),a(3905));const l={},o="Expected Repo Structure",i={unversionedId:"gitrepo-structure",id:"version-0.5/gitrepo-structure",title:"Expected Repo Structure",description:"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a fleet.yaml is found.",source:"@site/versioned_docs/version-0.5/gitrepo-structure.md",sourceDirName:".",slug:"/gitrepo-structure",permalink:"/0.5/gitrepo-structure",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/gitrepo-structure.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Adding a GitRepo",permalink:"/0.5/gitrepo-add"},next:{title:"Mapping to Downstream Clusters",permalink:"/0.5/gitrepo-targets"}},s={},p=[{value:"How repos are scanned",id:"how-repos-are-scanned",level:2},{value:"fleet.yaml",id:"fleetyaml",level:2},{value:"Reference",id:"reference",level:3},{value:"Private Helm Repositories",id:"private-helm-repositories",level:3},{value:"Using ValuesFrom",id:"using-valuesfrom",level:3},{value:"Per Cluster Customization",id:"per-cluster-customization",level:2},{value:"Raw YAML Resource Customization",id:"raw-yaml-resource-customization",level:2},{value:"Cluster and Bundle state",id:"cluster-and-bundle-state",level:2}],u={toc:p};function d(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"expected-repo-structure"},"Expected Repo Structure"),(0,r.kt)("p",null,"Fleet will create bundles from a git repository. This happens either explicitly by specifying paths, or when a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is found."),(0,r.kt)("p",null,"Each bundle is created from paths in a GitRepo and modified further by reading the discovered ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file.\nBundle lifecycles are tracked between releases by the helm releaseName field added to each bundle. If the releaseName is not\nspecified within fleet.yaml it is generated from ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo.name + path"),". Long names are truncated and a ",(0,r.kt)("inlineCode",{parentName:"p"},"-")," prefix is added."),(0,r.kt)("p",null,(0,r.kt)("strong",{parentName:"p"},"The git repository has no explicitly required structure.")," It is important\nto realize the scanned resources will be saved as a resource in Kubernetes so\nyou want to make sure the directories you are scanning in git do not contain\narbitrarily large resources. Right now there is a limitation that the resources\ndeployed must ",(0,r.kt)("strong",{parentName:"p"},"gzip to less than 1MB"),"."),(0,r.kt)("h2",{id:"how-repos-are-scanned"},"How repos are scanned"),(0,r.kt)("p",null,"Multiple paths can be defined for a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and each path is scanned independently.\nInternally each scanned path will become a ",(0,r.kt)("a",{parentName:"p",href:"/0.5/concepts"},"bundle")," that Fleet will manage,\ndeploy, and monitor independently."),(0,r.kt)("p",null,"The following files are looked for to determine the how the resources will be deployed."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"File"),(0,r.kt)("th",{parentName:"tr",align:null},"Location"),(0,r.kt)("th",{parentName:"tr",align:null},"Meaning"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"Chart.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed as a Helm chart. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"kustomization.yaml"),":"),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")," or custom path from ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"The resources will be deployed using Kustomize. Refer to the ",(0,r.kt)("inlineCode",{parentName:"td"},"fleet.yaml")," for more options.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"fleet.yaml")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If any fleet.yaml is found a new ",(0,r.kt)("a",{parentName:"td",href:"/0.5/concepts"},"bundle")," will be defined. This allows mixing charts, kustomize, and raw YAML in the same repo")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"}," *.yaml ")),(0,r.kt)("td",{parentName:"tr",align:null},"Any subpath"),(0,r.kt)("td",{parentName:"tr",align:null},"If a ",(0,r.kt)("inlineCode",{parentName:"td"},"Chart.yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},"kustomization.yaml")," is not found then any ",(0,r.kt)("inlineCode",{parentName:"td"},".yaml")," or ",(0,r.kt)("inlineCode",{parentName:"td"},".yml")," file will be assumed to be a Kubernetes resource and will be deployed.")),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("strong",{parentName:"td"},"overlays/{name}")),(0,r.kt)("td",{parentName:"tr",align:null},"/ relative to ",(0,r.kt)("inlineCode",{parentName:"td"},"path")),(0,r.kt)("td",{parentName:"tr",align:null},"When deploying using raw YAML (not Kustomize or Helm) ",(0,r.kt)("inlineCode",{parentName:"td"},"overlays")," is a special directory for customizations.")))),(0,r.kt)("h2",{id:"fleetyaml"},(0,r.kt)("inlineCode",{parentName:"h2"},"fleet.yaml")),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is an optional file that can be included in the git repository to change the behavior of how\nthe resources are deployed and customized. The ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," is always at the root relative to the ",(0,r.kt)("inlineCode",{parentName:"p"},"path")," of the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),"\nand if a subdirectory is found with a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," a new ",(0,r.kt)("a",{parentName:"p",href:"/0.5/concepts"},"bundle")," is defined that will then be\nconfigured differently from the parent bundle."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Helm chart dependencies"),":\nIt is up to the user to fulfill the dependency list for the Helm charts. As such, you must manually run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies update $chart")," OR run ",(0,r.kt)("inlineCode",{parentName:"p"},"helm dependencies build $chart")," prior to install. See the ",(0,r.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.6/en/deploy-across-clusters/fleet/#helm-chart-dependencies"},"Fleet docs")," in Rancher for more information.")),(0,r.kt)("h3",{id:"reference"},"Reference"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"How changes are applied to ",(0,r.kt)("inlineCode",{parentName:"strong"},"values.yaml")),":"),(0,r.kt)("ul",{parentName:"admonition"},(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"Note that the most recently applied changes to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," will override any previously existing values.")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("p",{parentName:"li"},"When changes are applied to the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," from multiple sources at the same time, the values will update in the following order: ",(0,r.kt)("inlineCode",{parentName:"p"},"helmValues")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFiles")," -> ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.valuesFrom"),".")))),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'# The default namespace to be applied to resources. This field is not used to\n# enforce or lock down the deployment to a specific namespace, but instead\n# provide the default value of the namespace field if one is not specified\n# in the manifests.\n# Default: default\ndefaultNamespace: default\n\n# All resources will be assigned to this namespace and if any cluster scoped\n# resource exists the deployment will fail.\n# Default: ""\nnamespace: default\n\nkustomize:\n # Use a custom folder for kustomize resources. This folder must contain\n # a kustomization.yaml file.\n dir: ./kustomize\n\nhelm:\n # Use a custom location for the Helm chart. This can refer to any go-getter URL or\n # OCI registry based helm chart URL e.g. "oci://ghcr.io/fleetrepoci/guestbook".\n # This allows one to download charts from most any location. Also know that\n # go-getter URL supports adding a digest to validate the download. If repo\n # is set below this field is the name of the chart to lookup\n chart: ./chart\n # A https URL to a Helm repo to download the chart from. It\'s typically easier\n # to just use `chart` field and refer to a tgz file. If repo is used the\n # value of `chart` will be used as the chart name to lookup in the Helm repository.\n repo: https://charts.rancher.io\n # A custom release name to deploy the chart as. If not specified a release name\n # will be generated by combining the invoking GitRepo.name + GitRepo.path.\n releaseName: my-release\n # The version of the chart or semver constraint of the chart to find. If a constraint\n # is specified it is evaluated each time git changes.\n # The version also determines which chart to download from OCI registries.\n version: 0.1.0\n # Any values that should be placed in the `values.yaml` and passed to helm during\n # install.\n values:\n any-custom: value\n # All labels on Rancher clusters are available using global.fleet.clusterLabels.LABELNAME\n # These can now be accessed directly as variables\n variableName: global.fleet.clusterLabels.LABELNAME\n # Path to any values files that need to be passed to helm during install\n valuesFiles:\n - values1.yaml\n - values2.yaml\n # Allow to use values files from configmaps or secrets\n valuesFrom:\n - configMapKeyRef:\n name: configmap-values\n # default to namespace of bundle\n namespace: default \n key: values.yaml\n secretKeyRef:\n name: secret-values\n namespace: default\n key: values.yaml\n # Override immutable resources. This could be dangerous.\n force: false\n # Set the Helm --atomic flag when upgrading\n atomic: false\n\n# A paused bundle will not update downstream clusters but instead mark the bundle\n# as OutOfSync. One can then manually confirm that a bundle should be deployed to\n# the downstream clusters.\n# Default: false\npaused: false\n\nrolloutStrategy:\n # A number or percentage of clusters that can be unavailable during an update\n # of a bundle. This follows the same basic approach as a deployment rollout\n # strategy. Once the number of clusters meets unavailable state update will be\n # paused. Default value is 100% which doesn\'t take effect on update.\n # default: 100%\n maxUnavailable: 15%\n # A number or percentage of cluster partitions that can be unavailable during\n # an update of a bundle.\n # default: 0\n maxUnavailablePartitions: 20%\n # A number of percentage of how to automatically partition clusters if not\n # specific partitioning strategy is configured.\n # default: 25%\n autoPartitionSize: 10%\n # A list of definitions of partitions. If any target clusters do not match\n # the configuration they are added to partitions at the end following the\n # autoPartitionSize.\n partitions:\n # A user friend name given to the partition used for Display (optional).\n # default: ""\n - name: canary\n # A number or percentage of clusters that can be unavailable in this\n # partition before this partition is treated as done.\n # default: 10%\n maxUnavailable: 10%\n # Selector matching cluster labels to include in this partition\n clusterSelector:\n matchLabels:\n env: prod\n # A cluster group name to include in this partition\n clusterGroup: agroup\n # Selector matching cluster group labels to include in this partition\n clusterGroupSelector: agroup\n \n# Target customization are used to determine how resources should be modified per target\n# Targets are evaluated in order and the first one to match a cluster is used for that cluster.\ntargetCustomizations:\n# The name of target. If not specified a default name of the format "target000"\n# will be used. This value is mostly for display\n- name: prod\n # Custom namespace value overriding the value at the root\n namespace: newvalue\n # Custom defaultNamespace value overriding the value at the root\n defaultNamespace: newdefaultvalue\n # Custom kustomize options overriding the options at the root\n kustomize: {}\n # Custom Helm options override the options at the root\n helm: {}\n # If using raw YAML these are names that map to overlays/{name} that will be used\n # to replace or patch a resource. If you wish to customize the file ./subdir/resource.yaml\n # then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file.\n # A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.\n # A patch can in JSON Patch or JSON Merge format or a strategic merge patch for builtin\n # Kubernetes types. Refer to "Raw YAML Resource Customization" below for more information.\n yaml:\n overlays:\n - custom2\n - custom3\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match a specific cluster by name. \n clusterName: dev-cluster \n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n\n# dependsOn allows you to configure dependencies to other bundles. The current bundle\n# will only be deployed, after all dependencies are deployed and in a Ready state.\ndependsOn:\n # Format: - with all path separators replaced by "-"\n # Example: GitRepo name "one", Bundle path "/multi-cluster/hello-world" => "one-multi-cluster-hello-world"\n - name: one-multi-cluster-hello-world\n')),(0,r.kt)("h3",{id:"private-helm-repositories"},"Private Helm Repositories"),(0,r.kt)("p",null,"For a private Helm repo, users can reference a secret from the git repo resource.\nSee ",(0,r.kt)("a",{parentName:"p",href:"gitrepo-add#using-private-helm-repositories"},"Using Private Helm Repositories")," for more information."),(0,r.kt)("h3",{id:"using-valuesfrom"},"Using ValuesFrom"),(0,r.kt)("p",null,"These examples showcase the style and format for using ",(0,r.kt)("inlineCode",{parentName:"p"},"valuesFrom"),". ConfigMaps and Secrets should be created in downstream clusters."),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/configmap/"},"ConfigMap"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: ConfigMap\nmetadata:\n name: configmap-values\n namespace: default\ndata: \n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("p",null,"Example ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/configuration/secret/"},"Secret"),":"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: v1\nkind: Secret\nmetadata:\n name: secret-values\n namespace: default\nstringData:\n values.yaml: |-\n replication: true\n replicas: 2\n serviceType: NodePort\n")),(0,r.kt)("h2",{id:"per-cluster-customization"},"Per Cluster Customization"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," defines which clusters a git repository should be deployed to and the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in the repository\ndetermines how the resources are customized per target."),(0,r.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets of that\n",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),". The targets list is evaluated one by one and if there is a match the resource will be deployed to the cluster.\nIf no match is made against the target list on the ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the resources will not be deployed to that cluster.\nOnce a target cluster is matched the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," from the git repository is then consulted for customizations. The\n",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations")," in the ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," will be evaluated one by one and the first match will define how the\nresource is to be configured. If no match is made the resources will be deployed with no additional customizations."),(0,r.kt)("p",null,"There are three approaches to matching clusters for both ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," ",(0,r.kt)("inlineCode",{parentName:"p"},"targetCustomizations"),'.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,r.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,r.kt)("h2",{id:"raw-yaml-resource-customization"},"Raw YAML Resource Customization"),(0,r.kt)("p",null,"When using Kustomize or Helm the ",(0,r.kt)("inlineCode",{parentName:"p"},"kustomization.yaml")," or the ",(0,r.kt)("inlineCode",{parentName:"p"},"helm.values")," will control how the resource are\ncustomized per target cluster. If you are using raw YAML then the following simple mechanism is built-in and can\nbe used. The ",(0,r.kt)("inlineCode",{parentName:"p"},"overlays/")," folder in the git repo is treated specially as folder containing folders that\ncan be selected to overlay on top per target cluster. The resource overlay content\nuses a file name based approach. This is different from kustomize which uses a resource based approach. In kustomize\nthe resource Group, Kind, Version, Name, and Namespace identify resources and are then merged or patched. For Fleet\nthe overlay resources will override or patch content with a matching file name."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"# Base files\ndeployment.yaml\nsvc.yaml\n\n# Overlay files\n\n# The following file we be added\noverlays/custom/configmap.yaml\n# The following file will replace svc.yaml\noverlays/custom/svc.yaml\n# The following file will patch deployment.yaml\noverlays/custom/deployment_patch.yaml\n")),(0,r.kt)("p",null,"A file named ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," will replace a file called ",(0,r.kt)("inlineCode",{parentName:"p"},"foo")," from the base resources or a previous overlay. In order to patch\nthe contents a file the convention of adding ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch.")," (notice the trailing period) to the filename is used. The string ",(0,r.kt)("inlineCode",{parentName:"p"},"_patch."),"\nwill be replaced with ",(0,r.kt)("inlineCode",{parentName:"p"},".")," from the file name and that will be used as the target. For example ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment_patch.yaml"),"\nwill target ",(0,r.kt)("inlineCode",{parentName:"p"},"deployment.yaml"),". The patch will be applied using JSON Merge, Strategic Merge Patch, or JSON Patch.\nWhich strategy is used is based on the file content. Even though JSON strategies are used, the files can be written\nusing YAML syntax."),(0,r.kt)("h2",{id:"cluster-and-bundle-state"},"Cluster and Bundle state"),(0,r.kt)("p",null,"See ",(0,r.kt)("a",{parentName:"p",href:"/0.5/cluster-bundles-state"},"Cluster and Bundle state"),"."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/d53097a5.e33d3d98.js b/assets/js/d53097a5.2945a300.js similarity index 98% rename from assets/js/d53097a5.e33d3d98.js rename to assets/js/d53097a5.2945a300.js index c1a0db855..f051075c2 100644 --- a/assets/js/d53097a5.e33d3d98.js +++ b/assets/js/d53097a5.2945a300.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1736],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),h=c(n),m=a,d=h["".concat(l,".").concat(m)]||h[m]||p[m]||o;return n?r.createElement(d,i(i({ref:t},u),{},{components:n})):r.createElement(d,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=h;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Architecture",s={unversionedId:"architecture",id:"version-0.9/architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/versioned_docs/version-0.9/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/0.9/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/architecture.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Uninstall",permalink:"/0.9/uninstall"},next:{title:"Core Concepts",permalink:"/0.9/concepts"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2},{value:"Component Overview",id:"component-overview",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/0.9/cluster-registration#manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."),(0,a.kt)("h2",{id:"component-overview"},"Component Overview"),(0,a.kt)("p",null,"An overview of the components and how they interact on a high level."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Components",src:n(1913).Z,width:"1319",height:"1281"})))}p.isMDXComponent=!0},1913:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetComponents-2746fa09558c69f438948ab9bc659edb.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1736],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),h=c(n),m=a,d=h["".concat(l,".").concat(m)]||h[m]||p[m]||o;return n?r.createElement(d,i(i({ref:t},u),{},{components:n})):r.createElement(d,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=h;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Architecture",s={unversionedId:"architecture",id:"version-0.9/architecture",title:"Architecture",description:"Fleet has two primary components. The Fleet manager and the cluster agents. These",source:"@site/versioned_docs/version-0.9/architecture.md",sourceDirName:".",slug:"/architecture",permalink:"/0.9/architecture",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/architecture.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Uninstall",permalink:"/0.9/uninstall"},next:{title:"Core Concepts",permalink:"/0.9/concepts"}},l={},c=[{value:"Fleet Manager",id:"fleet-manager",level:2},{value:"Cluster Agents",id:"cluster-agents",level:2},{value:"Security",id:"security",level:2},{value:"Component Overview",id:"component-overview",level:2}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"architecture"},"Architecture"),(0,a.kt)("p",null,"Fleet has two primary components. The Fleet manager and the cluster agents. These\ncomponents work in a two-stage pull model. The Fleet manager will pull from git and the\ncluster agents will pull from the Fleet manager."),(0,a.kt)("h2",{id:"fleet-manager"},"Fleet Manager"),(0,a.kt)("p",null,"The Fleet manager is a set of Kubernetes controllers running in any standard Kubernetes\ncluster. The only API exposed by the Fleet manager is the Kubernetes API, there is no\ncustom API for the fleet controller."),(0,a.kt)("h2",{id:"cluster-agents"},"Cluster Agents"),(0,a.kt)("p",null,"One cluster agent runs in each cluster and is responsible for talking to the Fleet manager.\nThe only communication from cluster to Fleet manager is by this agent and all communication\ngoes from the managed cluster to the Fleet manager. The fleet manager does not initiate\nconnections to downstream clusters. This means managed clusters can run in private networks and behind\nNATs. The only requirement is the cluster agent needs to be able to communicate with the\nKubernetes API of the cluster running the Fleet manager. The one exception to this is if you use\nthe ",(0,a.kt)("a",{parentName:"p",href:"/0.9/cluster-registration#manager-initiated"},"manager initiated")," cluster registration flow. This is not required, but\nan optional pattern."),(0,a.kt)("p",null,'The cluster agents are not assumed to have an "always on" connection. They will resume operation as\nsoon as they can connect. Future enhancements will probably add the ability to schedule times of when\nthe agent checks in, as it stands right now they will always attempt to connect.'),(0,a.kt)("h2",{id:"security"},"Security"),(0,a.kt)("p",null,'The Fleet manager dynamically creates service accounts, manages their RBAC and then gives the\ntokens to the downstream clusters. Clusters are registered by optionally expiring cluster registration tokens.\nThe cluster registration token is used only during the registration process to generate a credential specific\nto that cluster. After the cluster credential is established the cluster "forgets" the cluster registration\ntoken.'),(0,a.kt)("p",null,"The service accounts given to the clusters only have privileges to list ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," in the namespace created\nspecifically for that cluster. It can also update the ",(0,a.kt)("inlineCode",{parentName:"p"},"status")," subresource of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," and the ",(0,a.kt)("inlineCode",{parentName:"p"},"status"),"\nsubresource of it's ",(0,a.kt)("inlineCode",{parentName:"p"},"Cluster")," resource."),(0,a.kt)("h2",{id:"component-overview"},"Component Overview"),(0,a.kt)("p",null,"An overview of the components and how they interact on a high level."),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Components",src:n(1913).Z,width:"1319",height:"1281"})))}p.isMDXComponent=!0},1913:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetComponents-2746fa09558c69f438948ab9bc659edb.svg"}}]); \ No newline at end of file diff --git a/assets/js/d596b4b8.6fb3f806.js b/assets/js/d596b4b8.347fe0c1.js similarity index 98% rename from assets/js/d596b4b8.6fb3f806.js rename to assets/js/d596b4b8.347fe0c1.js index 2d479eb9d..522483380 100644 --- a/assets/js/d596b4b8.6fb3f806.js +++ b/assets/js/d596b4b8.347fe0c1.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4105],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>h});var r=a(7294);function n(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(n[a]=e[a]);return n}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(n[a]=e[a])}return n}var p=r.createContext({}),s=function(e){var t=r.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},c=function(e){var t=s(e.components);return r.createElement(p.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,n=e.mdxType,l=e.originalType,p=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),u=s(a),h=n,f=u["".concat(p,".").concat(h)]||u[h]||m[h]||l;return a?r.createElement(f,o(o({ref:t},c),{},{components:a})):r.createElement(f,o({ref:t},c))}));function h(e,t){var a=arguments,n=t&&t.mdxType;if("string"==typeof e||n){var l=a.length,o=new Array(l);o[0]=u;var i={};for(var p in t)hasOwnProperty.call(t,p)&&(i[p]=t[p]);i.originalType=e,i.mdxType="string"==typeof e?e:n,o[1]=i;for(var s=2;s{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=a(7462),n=(a(7294),a(3905));const l={title:"v0.8.1",date:"2023-11-23 10:06:23 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.8.1",id:"version-0.8/changelogs/changelogs/v0.8.1",title:"v0.8.1",description:"(rancherio-gh-m) released this 2023-11-23 1023 +0000 UTC",source:"@site/versioned_docs/version-0.8/changelogs/changelogs/v0.8.1.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.8.1",permalink:"/0.8/changelogs/changelogs/v0.8.1",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/changelogs/changelogs/v0.8.1.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.8.1",date:"2023-11-23 10:06:23 +0000 UTC"},sidebar:"docs",previous:{title:"v0.8.0",permalink:"/0.8/changelogs/changelogs/v0.8.0"},next:{title:"",permalink:"/0.8/changelogs/changelogs/v0.8.2"}},p={},s=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],c={toc:s};function m(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,r.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-11-23 10:06:23 +0000 UTC*")),(0,n.kt)("h2",{id:"description"},"Description"),(0,n.kt)("h2",null,"What's Changed"),(0,n.kt)("ul",null,(0,n.kt)("li",null,"Bump bci/bci-base from 15.5.36.5.25 to 15.5.36.5.54 in /package"),(0,n.kt)("li",null,"Bump Gitjob chart to 0.1.76-security1")),(0,n.kt)("p",null,(0,n.kt)("strong",null,"Full Changelog"),": ",(0,n.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.8.0...v0.8.1"},(0,n.kt)("tt",null,"v0.8.0...v0.8.1"))),(0,n.kt)("h2",{id:"download"},"Download"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-crd-0.8.1.tgz"},"fleet-crd-0.8.1.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-agent-0.8.1.tgz"},"fleet-agent-0.8.1.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-0.8.1.tgz"},"fleet-0.8.1.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,n.kt)("p",null,(0,n.kt)("em",{parentName:"p"},"Information retrieved from ",(0,n.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.8.1"},"here"))))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4105],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>h});var r=a(7294);function n(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(n[a]=e[a]);return n}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(n[a]=e[a])}return n}var p=r.createContext({}),s=function(e){var t=r.useContext(p),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},c=function(e){var t=s(e.components);return r.createElement(p.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,n=e.mdxType,l=e.originalType,p=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),u=s(a),h=n,f=u["".concat(p,".").concat(h)]||u[h]||m[h]||l;return a?r.createElement(f,o(o({ref:t},c),{},{components:a})):r.createElement(f,o({ref:t},c))}));function h(e,t){var a=arguments,n=t&&t.mdxType;if("string"==typeof e||n){var l=a.length,o=new Array(l);o[0]=u;var i={};for(var p in t)hasOwnProperty.call(t,p)&&(i[p]=t[p]);i.originalType=e,i.mdxType="string"==typeof e?e:n,o[1]=i;for(var s=2;s{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>s});var r=a(7462),n=(a(7294),a(3905));const l={title:"v0.8.1",date:"2023-11-23 10:06:23 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.8.1",id:"version-0.8/changelogs/changelogs/v0.8.1",title:"v0.8.1",description:"(rancherio-gh-m) released this 2023-11-23 1023 +0000 UTC",source:"@site/versioned_docs/version-0.8/changelogs/changelogs/v0.8.1.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.8.1",permalink:"/0.8/changelogs/changelogs/v0.8.1",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/changelogs/changelogs/v0.8.1.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.8.1",date:"2023-11-23 10:06:23 +0000 UTC"},sidebar:"docs",previous:{title:"v0.8.0",permalink:"/0.8/changelogs/changelogs/v0.8.0"},next:{title:"",permalink:"/0.8/changelogs/changelogs/v0.8.2"}},p={},s=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],c={toc:s};function m(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,r.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-11-23 10:06:23 +0000 UTC*")),(0,n.kt)("h2",{id:"description"},"Description"),(0,n.kt)("h2",null,"What's Changed"),(0,n.kt)("ul",null,(0,n.kt)("li",null,"Bump bci/bci-base from 15.5.36.5.25 to 15.5.36.5.54 in /package"),(0,n.kt)("li",null,"Bump Gitjob chart to 0.1.76-security1")),(0,n.kt)("p",null,(0,n.kt)("strong",null,"Full Changelog"),": ",(0,n.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.8.0...v0.8.1"},(0,n.kt)("tt",null,"v0.8.0...v0.8.1"))),(0,n.kt)("h2",{id:"download"},"Download"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-crd-0.8.1.tgz"},"fleet-crd-0.8.1.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-agent-0.8.1.tgz"},"fleet-agent-0.8.1.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-0.8.1.tgz"},"fleet-0.8.1.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.1/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,n.kt)("p",null,(0,n.kt)("em",{parentName:"p"},"Information retrieved from ",(0,n.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.8.1"},"here"))))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/d6daf0cc.ad87deaf.js b/assets/js/d6daf0cc.f91e7713.js similarity index 99% rename from assets/js/d6daf0cc.ad87deaf.js rename to assets/js/d6daf0cc.f91e7713.js index 5bf03fd53..1128d420a 100644 --- a/assets/js/d6daf0cc.ad87deaf.js +++ b/assets/js/d6daf0cc.f91e7713.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8021],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,l=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),h=c(n),d=o,f=h["".concat(l,".").concat(d)]||h[d]||u[d]||a;return n?r.createElement(f,i(i({ref:t},p),{},{components:n})):r.createElement(f,i({ref:t},p))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,i=new Array(a);i[0]=h;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>u,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=n(7462),o=(n(7294),n(3905));const a={},i="GitRepo Resource",s={unversionedId:"ref-gitrepo",id:"ref-gitrepo",title:"GitRepo Resource",description:"The GitRepo resource describes git repositories, how to access them and where the bundles are located.",source:"@site/docs/ref-gitrepo.md",sourceDirName:".",slug:"/ref-gitrepo",permalink:"/ref-gitrepo",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-gitrepo.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet.yaml",permalink:"/ref-fleet-yaml"},next:{title:"Bundle Resource",permalink:"/ref-bundle"}},l={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"gitrepo-resource"},"GitRepo Resource"),(0,o.kt)("p",null,"The GitRepo resource describes git repositories, how to access them and where the bundles are located."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#gitrepospec"},"GitRepoSpec"),".\nFor more information on how to use GitRepo resource, e.g. how to watch private repositories, see ",(0,o.kt)("a",{parentName:"p",href:"/gitrepo-add"},"Create a GitRepo Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private git repository you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n\n # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.\n # Credentials will always be used if it is empty or not provided\n #\n # helmRepoURLRegex: https://charts.rancher.io/*\n\n # Contains the auth secret for private Helm repository for each path.\n # See [Create a GitRepo Resource](.gitrepo-add#use-different-helm-credentials-for-each-path)\n #\n # helmSecretNameForPaths: multi-helm-secret\n\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # When disablePolling is set to true the git repo won\'t be checked periodically.\n # It will rely on webhooks only.\n # See [Using Webhooks Instead of Polling](https://fleet.rancher.io/webhook)\n # disablePolling: false\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n # If empty, the "default" cluster group is used.\n #\n # targets: ...\n\n # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses\n # a three-way merge strategy by default.\n # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating\n # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.\n # Keep in mind that resources might be recreated if force is enabled.\n # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.\n #\n # correctDrift:\n # enabled: false\n # force: false #Warning: it might recreate resources if set to true\n # keepFailHistory: false\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8021],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,a=e.originalType,l=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),h=c(n),d=o,f=h["".concat(l,".").concat(d)]||h[d]||u[d]||a;return n?r.createElement(f,i(i({ref:t},p),{},{components:n})):r.createElement(f,i({ref:t},p))}));function d(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=n.length,i=new Array(a);i[0]=h;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>u,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=n(7462),o=(n(7294),n(3905));const a={},i="GitRepo Resource",s={unversionedId:"ref-gitrepo",id:"ref-gitrepo",title:"GitRepo Resource",description:"The GitRepo resource describes git repositories, how to access them and where the bundles are located.",source:"@site/docs/ref-gitrepo.md",sourceDirName:".",slug:"/ref-gitrepo",permalink:"/ref-gitrepo",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-gitrepo.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet.yaml",permalink:"/ref-fleet-yaml"},next:{title:"Bundle Resource",permalink:"/ref-bundle"}},l={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"gitrepo-resource"},"GitRepo Resource"),(0,o.kt)("p",null,"The GitRepo resource describes git repositories, how to access them and where the bundles are located."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#gitrepospec"},"GitRepoSpec"),".\nFor more information on how to use GitRepo resource, e.g. how to watch private repositories, see ",(0,o.kt)("a",{parentName:"p",href:"/gitrepo-add"},"Create a GitRepo Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-repo\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # This can be a HTTPS or git URL. If you are using a git URL then\n # clientSecretName will probably need to be set to supply a credential.\n # repo is the only required parameter for a repo to be monitored.\n #\n repo: https://github.com/rancher/fleet-examples\n\n # Enforce all resources go to this target namespace. If a cluster scoped\n # resource is found the deployment will fail.\n #\n # targetNamespace: app1\n\n # Any branch can be watched, this field is optional. If not specified the\n # branch is assumed to be master\n #\n # branch: master\n\n # A specific commit or tag can also be watched.\n #\n # revision: v0.3.0\n\n # For a private git repository you must supply a clientSecretName. A default\n # secret can be set at the namespace level using the GitRepoRestriction\n # type. Secrets must be of the type "kubernetes.io/ssh-auth" or\n # "kubernetes.io/basic-auth". The secret is assumed to be in the\n # same namespace as the GitRepo\n #\n # clientSecretName: my-ssh-key\n\n # If fleet.yaml contains a private Helm repo that requires authentication,\n # provide the credentials in a K8s secret and specify them here.\n # Danger: the credentials will be sent to all repositories referenced from\n # this gitrepo. See section below for more information.\n #\n # helmSecretName: my-helm-secret\n\n # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.\n # Credentials will always be used if it is empty or not provided\n #\n # helmRepoURLRegex: https://charts.rancher.io/*\n\n # Contains the auth secret for private Helm repository for each path.\n # See [Create a GitRepo Resource](.gitrepo-add#use-different-helm-credentials-for-each-path)\n #\n # helmSecretNameForPaths: multi-helm-secret\n\n # To add additional ca-bundle for self-signed certs, caBundle can be\n # filled with base64 encoded pem data. For example:\n # `cat /path/to/ca.pem | base64 -w 0`\n #\n # caBundle: my-ca-bundle\n\n # Disable SSL verification for git repo\n #\n # insecureSkipTLSVerify: true\n\n # A git repo can read multiple paths in a repo at once.\n # The below field is expected to be an array of paths and\n # supports path globbing (ex: some/*/path)\n #\n # Example:\n # paths:\n # - single-path\n # - multiple-paths/*\n paths:\n - simple\n\n # PollingInterval configures how often fleet checks the git repo. The default\n # is 15 seconds.\n # Setting this to zero does not disable polling. It results in a 15s\n # interval, too.\n # As checking a git repo incurs a CPU cost, raising this value can help\n # lowering fleetcontroller\'s CPU usage if tens of git repos are used or more\n #\n # pollingInterval: 15s\n\n # When disablePolling is set to true the git repo won\'t be checked periodically.\n # It will rely on webhooks only.\n # See [Using Webhooks Instead of Polling](https://fleet.rancher.io/webhook)\n # disablePolling: false\n\n # Paused causes changes in Git to not be propagated down to the clusters but\n # instead mark resources as OutOfSync\n #\n # paused: false\n\n # Increment this number to force a redeployment of contents from Git\n #\n # forceSyncGeneration: 0\n\n # The service account that will be used to perform this deployment.\n # This is the name of the service account that exists in the\n # downstream cluster in the cattle-fleet-system namespace. It is assumed\n # this service account already exists so it should be create before\n # hand, most likely coming from another git repo registered with\n # the Fleet manager.\n #\n # serviceAccount: moreSecureAccountThanClusterAdmin\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n # If empty, the "default" cluster group is used.\n #\n # targets: ...\n\n # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses\n # a three-way merge strategy by default.\n # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating\n # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.\n # Keep in mind that resources might be recreated if force is enabled.\n # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.\n #\n # correctDrift:\n # enabled: false\n # force: false #Warning: it might recreate resources if set to true\n # keepFailHistory: false\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/d8f58335.e5365600.js b/assets/js/d8f58335.87d2031e.js similarity index 98% rename from assets/js/d8f58335.e5365600.js rename to assets/js/d8f58335.87d2031e.js index 99ec6a168..42d45ec05 100644 --- a/assets/js/d8f58335.e5365600.js +++ b/assets/js/d8f58335.87d2031e.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[764],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},p=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),p=c(n),f=a,m=p["".concat(l,".").concat(f)]||p[f]||d[f]||o;return n?r.createElement(m,s(s({ref:t},u),{},{components:n})):r.createElement(m,s({ref:t},u))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,s=new Array(o);s[0]=p;var i={};for(var l in t)hasOwnProperty.call(t,l)&&(i[l]=t[l]);i.originalType=e,i.mdxType="string"==typeof e?e:a,s[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>d,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},s="Advanced Users",i={unversionedId:"advanced-users",id:"version-0.4/advanced-users",title:"Advanced Users",description:"Note that using Fleet outside of Rancher is highly discouraged for any users who do not need to perform advanced actions. However, there are some advanced use cases that may need to be performed outside of Rancher, also known as Standalone Fleet, or Fleet without Rancher. This section will highlight such use cases.",source:"@site/versioned_docs/version-0.4/advanced-users.md",sourceDirName:".",slug:"/advanced-users",permalink:"/0.4/advanced-users",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/advanced-users.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/0.4/troubleshooting"},next:{title:"Installation",permalink:"/0.4/installation"}},l={},c=[],u={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"advanced-users"},"Advanced Users"),(0,a.kt)("p",null,"Note that using Fleet outside of Rancher is highly discouraged for any users who do not need to perform advanced actions. However, there are some advanced use cases that may need to be performed outside of Rancher, also known as Standalone Fleet, or Fleet without Rancher. This section will highlight such use cases."),(0,a.kt)("p",null,"The following are examples of advanced use cases:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},"Nested GitRepo CRs"),(0,a.kt)("blockquote",{parentName:"li"},(0,a.kt)("p",{parentName:"blockquote"},"Managing Fleet within Fleet (nested GitRepo usage) is not currently supported. We will update the documentation if support becomes available."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.4/single-cluster-install"},"Single cluster installation"))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.4/multi-cluster-install"},"Multi-cluster installation")," "))),(0,a.kt)("p",null,"Please refer to the ",(0,a.kt)("a",{parentName:"p",href:"/0.4/installation"},"installation")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.4/uninstall"},"uninstall")," documentation for additional information."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[764],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},p=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),p=c(n),f=a,m=p["".concat(l,".").concat(f)]||p[f]||d[f]||o;return n?r.createElement(m,s(s({ref:t},u),{},{components:n})):r.createElement(m,s({ref:t},u))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,s=new Array(o);s[0]=p;var i={};for(var l in t)hasOwnProperty.call(t,l)&&(i[l]=t[l]);i.originalType=e,i.mdxType="string"==typeof e?e:a,s[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>d,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},s="Advanced Users",i={unversionedId:"advanced-users",id:"version-0.4/advanced-users",title:"Advanced Users",description:"Note that using Fleet outside of Rancher is highly discouraged for any users who do not need to perform advanced actions. However, there are some advanced use cases that may need to be performed outside of Rancher, also known as Standalone Fleet, or Fleet without Rancher. This section will highlight such use cases.",source:"@site/versioned_docs/version-0.4/advanced-users.md",sourceDirName:".",slug:"/advanced-users",permalink:"/0.4/advanced-users",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/advanced-users.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/0.4/troubleshooting"},next:{title:"Installation",permalink:"/0.4/installation"}},l={},c=[],u={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"advanced-users"},"Advanced Users"),(0,a.kt)("p",null,"Note that using Fleet outside of Rancher is highly discouraged for any users who do not need to perform advanced actions. However, there are some advanced use cases that may need to be performed outside of Rancher, also known as Standalone Fleet, or Fleet without Rancher. This section will highlight such use cases."),(0,a.kt)("p",null,"The following are examples of advanced use cases:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},"Nested GitRepo CRs"),(0,a.kt)("blockquote",{parentName:"li"},(0,a.kt)("p",{parentName:"blockquote"},"Managing Fleet within Fleet (nested GitRepo usage) is not currently supported. We will update the documentation if support becomes available."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.4/single-cluster-install"},"Single cluster installation"))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.4/multi-cluster-install"},"Multi-cluster installation")," "))),(0,a.kt)("p",null,"Please refer to the ",(0,a.kt)("a",{parentName:"p",href:"/0.4/installation"},"installation")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.4/uninstall"},"uninstall")," documentation for additional information."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/da21831e.a2d96142.js b/assets/js/da21831e.169037ec.js similarity index 98% rename from assets/js/da21831e.a2d96142.js rename to assets/js/da21831e.169037ec.js index 8edab23ac..4b686aeb3 100644 --- a/assets/js/da21831e.a2d96142.js +++ b/assets/js/da21831e.169037ec.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4893],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},p=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),p=c(n),f=a,m=p["".concat(l,".").concat(f)]||p[f]||d[f]||o;return n?r.createElement(m,s(s({ref:t},u),{},{components:n})):r.createElement(m,s({ref:t},u))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,s=new Array(o);s[0]=p;var i={};for(var l in t)hasOwnProperty.call(t,l)&&(i[l]=t[l]);i.originalType=e,i.mdxType="string"==typeof e?e:a,s[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>d,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},s="Advanced Users",i={unversionedId:"advanced-users",id:"version-0.5/advanced-users",title:"Advanced Users",description:"Note that using Fleet outside of Rancher is highly discouraged for any users who do not need to perform advanced actions. However, there are some advanced use cases that may need to be performed outside of Rancher, also known as Standalone Fleet, or Fleet without Rancher. This section will highlight such use cases.",source:"@site/versioned_docs/version-0.5/advanced-users.md",sourceDirName:".",slug:"/advanced-users",permalink:"/0.5/advanced-users",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/advanced-users.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/0.5/troubleshooting"},next:{title:"Installation",permalink:"/0.5/installation"}},l={},c=[],u={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"advanced-users"},"Advanced Users"),(0,a.kt)("p",null,"Note that using Fleet outside of Rancher is highly discouraged for any users who do not need to perform advanced actions. However, there are some advanced use cases that may need to be performed outside of Rancher, also known as Standalone Fleet, or Fleet without Rancher. This section will highlight such use cases."),(0,a.kt)("p",null,"The following are examples of advanced use cases:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},"Nested GitRepo CRs"),(0,a.kt)("blockquote",{parentName:"li"},(0,a.kt)("p",{parentName:"blockquote"},"Managing Fleet within Fleet (nested GitRepo usage) is not currently supported. We will update the documentation if support becomes available."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.5/single-cluster-install"},"Single cluster installation"))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.5/multi-cluster-install"},"Multi-cluster installation")," "))),(0,a.kt)("p",null,"Please refer to the ",(0,a.kt)("a",{parentName:"p",href:"/0.5/installation"},"installation")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.5/uninstall"},"uninstall")," documentation for additional information."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4893],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},p=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),p=c(n),f=a,m=p["".concat(l,".").concat(f)]||p[f]||d[f]||o;return n?r.createElement(m,s(s({ref:t},u),{},{components:n})):r.createElement(m,s({ref:t},u))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,s=new Array(o);s[0]=p;var i={};for(var l in t)hasOwnProperty.call(t,l)&&(i[l]=t[l]);i.originalType=e,i.mdxType="string"==typeof e?e:a,s[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>s,default:()=>d,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},s="Advanced Users",i={unversionedId:"advanced-users",id:"version-0.5/advanced-users",title:"Advanced Users",description:"Note that using Fleet outside of Rancher is highly discouraged for any users who do not need to perform advanced actions. However, there are some advanced use cases that may need to be performed outside of Rancher, also known as Standalone Fleet, or Fleet without Rancher. This section will highlight such use cases.",source:"@site/versioned_docs/version-0.5/advanced-users.md",sourceDirName:".",slug:"/advanced-users",permalink:"/0.5/advanced-users",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/advanced-users.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/0.5/troubleshooting"},next:{title:"Installation",permalink:"/0.5/installation"}},l={},c=[],u={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"advanced-users"},"Advanced Users"),(0,a.kt)("p",null,"Note that using Fleet outside of Rancher is highly discouraged for any users who do not need to perform advanced actions. However, there are some advanced use cases that may need to be performed outside of Rancher, also known as Standalone Fleet, or Fleet without Rancher. This section will highlight such use cases."),(0,a.kt)("p",null,"The following are examples of advanced use cases:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},"Nested GitRepo CRs"),(0,a.kt)("blockquote",{parentName:"li"},(0,a.kt)("p",{parentName:"blockquote"},"Managing Fleet within Fleet (nested GitRepo usage) is not currently supported. We will update the documentation if support becomes available."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.5/single-cluster-install"},"Single cluster installation"))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("a",{parentName:"p",href:"/0.5/multi-cluster-install"},"Multi-cluster installation")," "))),(0,a.kt)("p",null,"Please refer to the ",(0,a.kt)("a",{parentName:"p",href:"/0.5/installation"},"installation")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.5/uninstall"},"uninstall")," documentation for additional information."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/db0ebd24.7db58c84.js b/assets/js/db0ebd24.0f8760fe.js similarity index 98% rename from assets/js/db0ebd24.7db58c84.js rename to assets/js/db0ebd24.0f8760fe.js index a2692f9e4..29acd4964 100644 --- a/assets/js/db0ebd24.7db58c84.js +++ b/assets/js/db0ebd24.0f8760fe.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5565],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>f});var r=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function a(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}function l(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var i=r.createContext({}),c=function(e){var n=r.useContext(i),t=n;return e&&(t="function"==typeof e?e(n):l(l({},n),e)),t},p=function(e){var n=c(e.components);return r.createElement(i.Provider,{value:n},e.children)},u={inlineCode:"code",wrapper:function(e){var n=e.children;return r.createElement(r.Fragment,{},n)}},d=r.forwardRef((function(e,n){var t=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=c(t),f=o,m=d["".concat(i,".").concat(f)]||d[f]||u[f]||a;return t?r.createElement(m,l(l({ref:n},p),{},{components:t})):r.createElement(m,l({ref:n},p))}));function f(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var a=t.length,l=new Array(a);l[0]=d;var s={};for(var i in n)hasOwnProperty.call(n,i)&&(s[i]=n[i]);s.originalType=e,s.mdxType="string"==typeof e?e:o,l[1]=s;for(var c=2;c{t.r(n),t.d(n,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=t(7462),o=(t(7294),t(3905));const a={},l="Bundle Resource",s={unversionedId:"ref-bundle",id:"version-0.8/ref-bundle",title:"Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created.",source:"@site/versioned_docs/version-0.8/ref-bundle.md",sourceDirName:".",slug:"/ref-bundle",permalink:"/0.8/ref-bundle",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-bundle.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"GitRepo Resource",permalink:"/0.8/ref-gitrepo"},next:{title:"Troubleshooting",permalink:"/0.8/troubleshooting"}},i={},c=[],p={toc:c};function u(e){let{components:n,...t}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,t,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-resource"},"Bundle Resource"),(0,o.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,o.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),".\nFor more information on how to use the Bundle resource ",(0,o.kt)("a",{parentName:"p",href:"/0.8/bundle-add"},"Create a Bundle Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # Namespace used for resources that do not specify a namespace.\n # This field is not used to enforce or lock down the deployment to a specific namespace.\n # defaultNamespace: test\n\n # If present will assign all resource to this\n # namespace and if any cluster scoped resource exists the deployment will fail.\n # targetNamespace: app\n\n # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.\n # kustomize: ...\n\n # Helm options for the deployment, like the chart name, repo and values.\n # helm: ...\n\n # ServiceAccount which will be used to perform this deployment.\n # serviceAccount: sa\n\n # ForceSyncGeneration is used to force a redeployment.\n # forceSyncGeneration: 0\n\n # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.\n # yaml: ...\n\n # Diff can be used to ignore the modified state of objects which are amended at runtime.\n # A specific commit or tag can also be watched.\n #\n # diff: ...\n\n # KeepResources can be used to keep the deployed resources when removing the bundle.\n # keepResources: false\n\n # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.\n # paused: false\n\n # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.\n # rolloutStrategy: ...\n\n # Contain the actual resources from the git repo which will be deployed.\n resources:\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n\n # This field is used by Fleet internally, and it should not be modified manually.\n # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.\n # targetRestrictions: ...\n\n # Refers to the bundles which must be ready before this bundle can be deployed.\n # dependsOn: ...\n\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5565],{3905:(e,n,t)=>{t.d(n,{Zo:()=>p,kt:()=>f});var r=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function a(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);n&&(r=r.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,r)}return t}function l(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var i=r.createContext({}),c=function(e){var n=r.useContext(i),t=n;return e&&(t="function"==typeof e?e(n):l(l({},n),e)),t},p=function(e){var n=c(e.components);return r.createElement(i.Provider,{value:n},e.children)},u={inlineCode:"code",wrapper:function(e){var n=e.children;return r.createElement(r.Fragment,{},n)}},d=r.forwardRef((function(e,n){var t=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=c(t),f=o,m=d["".concat(i,".").concat(f)]||d[f]||u[f]||a;return t?r.createElement(m,l(l({ref:n},p),{},{components:t})):r.createElement(m,l({ref:n},p))}));function f(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var a=t.length,l=new Array(a);l[0]=d;var s={};for(var i in n)hasOwnProperty.call(n,i)&&(s[i]=n[i]);s.originalType=e,s.mdxType="string"==typeof e?e:o,l[1]=s;for(var c=2;c{t.r(n),t.d(n,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var r=t(7462),o=(t(7294),t(3905));const a={},l="Bundle Resource",s={unversionedId:"ref-bundle",id:"version-0.8/ref-bundle",title:"Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created.",source:"@site/versioned_docs/version-0.8/ref-bundle.md",sourceDirName:".",slug:"/ref-bundle",permalink:"/0.8/ref-bundle",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/ref-bundle.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"GitRepo Resource",permalink:"/0.8/ref-gitrepo"},next:{title:"Troubleshooting",permalink:"/0.8/troubleshooting"}},i={},c=[],p={toc:c};function u(e){let{components:n,...t}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,t,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-resource"},"Bundle Resource"),(0,o.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,o.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created."),(0,o.kt)("p",null,"The content of the resource corresponds to the ",(0,o.kt)("a",{parentName:"p",href:"./ref-crds#bundlespec"},"BundleSpec"),".\nFor more information on how to use the Bundle resource ",(0,o.kt)("a",{parentName:"p",href:"/0.8/bundle-add"},"Create a Bundle Resource"),"."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n # Namespace used for resources that do not specify a namespace.\n # This field is not used to enforce or lock down the deployment to a specific namespace.\n # defaultNamespace: test\n\n # If present will assign all resource to this\n # namespace and if any cluster scoped resource exists the deployment will fail.\n # targetNamespace: app\n\n # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.\n # kustomize: ...\n\n # Helm options for the deployment, like the chart name, repo and values.\n # helm: ...\n\n # ServiceAccount which will be used to perform this deployment.\n # serviceAccount: sa\n\n # ForceSyncGeneration is used to force a redeployment.\n # forceSyncGeneration: 0\n\n # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.\n # yaml: ...\n\n # Diff can be used to ignore the modified state of objects which are amended at runtime.\n # A specific commit or tag can also be watched.\n #\n # diff: ...\n\n # KeepResources can be used to keep the deployed resources when removing the bundle.\n # keepResources: false\n\n # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.\n # paused: false\n\n # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.\n # rolloutStrategy: ...\n\n # Contain the actual resources from the git repo which will be deployed.\n resources:\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n\n # Target clusters to deploy to if running Fleet in a multi-cluster\n # style. Refer to the "Mapping to Downstream Clusters" docs for\n # more information.\n #\n # targets: ...\n\n # This field is used by Fleet internally, and it should not be modified manually.\n # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.\n # targetRestrictions: ...\n\n # Refers to the bundles which must be ready before this bundle can be deployed.\n # dependsOn: ...\n\n')))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/dd67116e.49236642.js b/assets/js/dd67116e.0d6e3391.js similarity index 98% rename from assets/js/dd67116e.49236642.js rename to assets/js/dd67116e.0d6e3391.js index 6df0dc68b..0abed070d 100644 --- a/assets/js/dd67116e.49236642.js +++ b/assets/js/dd67116e.0d6e3391.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2425],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),c=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=c(e.components);return a.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,i=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=r,k=d["".concat(l,".").concat(m)]||d[m]||p[m]||i;return n?a.createElement(k,o(o({ref:t},u),{},{components:n})):a.createElement(k,o({ref:t},u))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=n.length,o=new Array(i);o[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,o[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>s,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const i={},o="Cluster Registration Tokens",s={unversionedId:"cluster-tokens",id:"version-0.4/cluster-tokens",title:"Cluster Registration Tokens",description:"Not needed for Manager initiated registration:",source:"@site/versioned_docs/version-0.4/cluster-tokens.md",sourceDirName:".",slug:"/cluster-tokens",permalink:"/0.4/cluster-tokens",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/cluster-tokens.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.4/cluster-overview"},next:{title:"Agent Initiated",permalink:"/0.4/agent-initiated"}},l={},c=[{value:"Token TTL",id:"token-ttl",level:2},{value:"Create a new Token",id:"create-a-new-token",level:2},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:2}],u={toc:c};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"cluster-registration-tokens"},"Cluster Registration Tokens"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Not needed for Manager initiated registration"),":\nFor manager initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,r.kt)("p",null,"For an agent initiated registration the downstream cluster must have a cluster registration token.\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,r.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,r.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,r.kt)("h2",{id:"token-ttl"},"Token TTL"),(0,r.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,r.kt)("h2",{id:"create-a-new-token"},"Create a new Token"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,r.kt)("a",{parentName:"p",href:"/0.4/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,r.kt)("p",null,"After the ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,r.kt)("p",null,"One way to do so is via the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,r.kt)("h2",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,r.kt)("p",null,"The token value contains YAML content for a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,r.kt)("p",null,"Such value is contained in the ",(0,r.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,r.kt)("p",null,"Once the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2425],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),c=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=c(e.components);return a.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,i=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=r,k=d["".concat(l,".").concat(m)]||d[m]||p[m]||i;return n?a.createElement(k,o(o({ref:t},u),{},{components:n})):a.createElement(k,o({ref:t},u))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=n.length,o=new Array(i);o[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,o[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>s,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const i={},o="Cluster Registration Tokens",s={unversionedId:"cluster-tokens",id:"version-0.4/cluster-tokens",title:"Cluster Registration Tokens",description:"Not needed for Manager initiated registration:",source:"@site/versioned_docs/version-0.4/cluster-tokens.md",sourceDirName:".",slug:"/cluster-tokens",permalink:"/0.4/cluster-tokens",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/cluster-tokens.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.4/cluster-overview"},next:{title:"Agent Initiated",permalink:"/0.4/agent-initiated"}},l={},c=[{value:"Token TTL",id:"token-ttl",level:2},{value:"Create a new Token",id:"create-a-new-token",level:2},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:2}],u={toc:c};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"cluster-registration-tokens"},"Cluster Registration Tokens"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Not needed for Manager initiated registration"),":\nFor manager initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,r.kt)("p",null,"For an agent initiated registration the downstream cluster must have a cluster registration token.\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,r.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,r.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,r.kt)("h2",{id:"token-ttl"},"Token TTL"),(0,r.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,r.kt)("h2",{id:"create-a-new-token"},"Create a new Token"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,r.kt)("a",{parentName:"p",href:"/0.4/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,r.kt)("p",null,"After the ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,r.kt)("p",null,"One way to do so is via the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,r.kt)("h2",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,r.kt)("p",null,"The token value contains YAML content for a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,r.kt)("p",null,"Such value is contained in the ",(0,r.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,r.kt)("p",null,"Once the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/dd81469d.84ad89ab.js b/assets/js/dd81469d.0675133c.js similarity index 97% rename from assets/js/dd81469d.84ad89ab.js rename to assets/js/dd81469d.0675133c.js index 51a2c8b6d..884c98a9b 100644 --- a/assets/js/dd81469d.84ad89ab.js +++ b/assets/js/dd81469d.0675133c.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8361],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,m=u["".concat(c,".").concat(d)]||u[d]||p[d]||a;return r?n.createElement(m,o(o({ref:t},f),{},{components:r})):n.createElement(m,o({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet test"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_test",id:"cli/fleet-cli/fleet_test",title:"",description:"fleet test",source:"@site/docs/cli/fleet-cli/fleet_test.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_test",permalink:"/cli/fleet-cli/fleet_test",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet_test.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet test"},sidebar:"docs",previous:{title:"fleet target",permalink:"/cli/fleet-cli/fleet_target"},next:{title:"fleet-manager",permalink:"/cli/fleet-controller/fleet-manager"}},c={},s=[{value:"fleet test",id:"fleet-test",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-test"},"fleet test"),(0,l.kt)("p",null,"Match a bundle to a target and render the output (deprecated)"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet test [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n -f, --file string Location of the fleet.yaml\n -g, --group string Cluster group to match against\n -L, --group-label strings Cluster group labels to match against\n -h, --help help for test\n -l, --label strings Cluster labels to match against\n -N, --name string Cluster name to match against\n -q, --quiet Just print the match and don't print the resources\n -t, --target string Explicit target to match\n")),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8361],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,m=u["".concat(c,".").concat(d)]||u[d]||p[d]||a;return r?n.createElement(m,o(o({ref:t},f),{},{components:r})):n.createElement(m,o({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet test"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_test",id:"cli/fleet-cli/fleet_test",title:"",description:"fleet test",source:"@site/docs/cli/fleet-cli/fleet_test.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_test",permalink:"/cli/fleet-cli/fleet_test",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet_test.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet test"},sidebar:"docs",previous:{title:"fleet target",permalink:"/cli/fleet-cli/fleet_target"},next:{title:"fleet-manager",permalink:"/cli/fleet-controller/fleet-manager"}},c={},s=[{value:"fleet test",id:"fleet-test",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-test"},"fleet test"),(0,l.kt)("p",null,"Match a bundle to a target and render the output (deprecated)"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet test [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n -f, --file string Location of the fleet.yaml\n -g, --group string Cluster group to match against\n -L, --group-label strings Cluster group labels to match against\n -h, --help help for test\n -l, --label strings Cluster labels to match against\n -N, --name string Cluster name to match against\n -q, --quiet Just print the match and don't print the resources\n -t, --target string Explicit target to match\n")),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/de08e76e.401a5740.js b/assets/js/de08e76e.c99b111a.js similarity index 99% rename from assets/js/de08e76e.401a5740.js rename to assets/js/de08e76e.c99b111a.js index 0deafdff9..14024fc2a 100644 --- a/assets/js/de08e76e.401a5740.js +++ b/assets/js/de08e76e.c99b111a.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[299],{3905:(t,e,a)=>{a.d(e,{Zo:()=>s,kt:()=>k});var n=a(7294);function l(t,e,a){return e in t?Object.defineProperty(t,e,{value:a,enumerable:!0,configurable:!0,writable:!0}):t[e]=a,t}function r(t,e){var a=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),a.push.apply(a,n)}return a}function i(t){for(var e=1;e=0||(l[a]=t[a]);return l}(t,e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(t,a)&&(l[a]=t[a])}return l}var p=n.createContext({}),m=function(t){var e=n.useContext(p),a=e;return t&&(a="function"==typeof t?t(e):i(i({},e),t)),a},s=function(t){var e=m(t.components);return n.createElement(p.Provider,{value:e},t.children)},d={inlineCode:"code",wrapper:function(t){var e=t.children;return n.createElement(n.Fragment,{},e)}},o=n.forwardRef((function(t,e){var a=t.components,l=t.mdxType,r=t.originalType,p=t.parentName,s=u(t,["components","mdxType","originalType","parentName"]),o=m(a),k=l,N=o["".concat(p,".").concat(k)]||o[k]||d[k]||r;return a?n.createElement(N,i(i({ref:e},s),{},{components:a})):n.createElement(N,i({ref:e},s))}));function k(t,e){var a=arguments,l=e&&e.mdxType;if("string"==typeof t||l){var r=a.length,i=new Array(r);i[0]=o;var u={};for(var p in e)hasOwnProperty.call(e,p)&&(u[p]=e[p]);u.originalType=t,u.mdxType="string"==typeof t?t:l,i[1]=u;for(var m=2;m{a.r(e),a.d(e,{assets:()=>p,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>u,toc:()=>m});var n=a(7462),l=(a(7294),a(3905));const r={},i="Custom Resources Spec",u={unversionedId:"ref-crds",id:"ref-crds",title:"Custom Resources Spec",description:"* Bundle",source:"@site/docs/ref-crds.md",sourceDirName:".",slug:"/ref-crds",permalink:"/ref-crds",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-crds.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"List of Deployed Resources",permalink:"/ref-resources"},next:{title:"fleet.yaml",permalink:"/ref-fleet-yaml"}},p={},m=[{value:"Bundle",id:"bundle",level:4},{value:"BundleDisplay",id:"bundledisplay",level:4},{value:"BundleList",id:"bundlelist",level:4},{value:"BundleRef",id:"bundleref",level:4},{value:"BundleResource",id:"bundleresource",level:4},{value:"BundleSpec",id:"bundlespec",level:4},{value:"BundleStatus",id:"bundlestatus",level:4},{value:"BundleSummary",id:"bundlesummary",level:4},{value:"BundleTarget",id:"bundletarget",level:4},{value:"BundleTargetRestriction",id:"bundletargetrestriction",level:4},{value:"NonReadyResource",id:"nonreadyresource",level:4},{value:"Partition",id:"partition",level:4},{value:"PartitionStatus",id:"partitionstatus",level:4},{value:"ResourceKey",id:"resourcekey",level:4},{value:"RolloutStrategy",id:"rolloutstrategy",level:4},{value:"BundleDeployment",id:"bundledeployment",level:4},{value:"BundleDeploymentDisplay",id:"bundledeploymentdisplay",level:4},{value:"BundleDeploymentList",id:"bundledeploymentlist",level:4},{value:"BundleDeploymentOptions",id:"bundledeploymentoptions",level:4},{value:"BundleDeploymentResource",id:"bundledeploymentresource",level:4},{value:"BundleDeploymentSpec",id:"bundledeploymentspec",level:4},{value:"BundleDeploymentStatus",id:"bundledeploymentstatus",level:4},{value:"ComparePatch",id:"comparepatch",level:4},{value:"ConfigMapKeySelector",id:"configmapkeyselector",level:4},{value:"DiffOptions",id:"diffoptions",level:4},{value:"HelmOptions",id:"helmoptions",level:4},{value:"IgnoreOptions",id:"ignoreoptions",level:4},{value:"KustomizeOptions",id:"kustomizeoptions",level:4},{value:"LocalObjectReference",id:"localobjectreference",level:4},{value:"ModifiedStatus",id:"modifiedstatus",level:4},{value:"NonReadyStatus",id:"nonreadystatus",level:4},{value:"Operation",id:"operation",level:4},{value:"SecretKeySelector",id:"secretkeyselector",level:4},{value:"ValuesFrom",id:"valuesfrom",level:4},{value:"YAMLOptions",id:"yamloptions",level:4},{value:"BundleNamespaceMapping",id:"bundlenamespacemapping",level:4},{value:"BundleNamespaceMappingList",id:"bundlenamespacemappinglist",level:4},{value:"AgentStatus",id:"agentstatus",level:4},{value:"Cluster",id:"cluster",level:4},{value:"ClusterDisplay",id:"clusterdisplay",level:4},{value:"ClusterList",id:"clusterlist",level:4},{value:"ClusterSpec",id:"clusterspec",level:4},{value:"ClusterStatus",id:"clusterstatus",level:4},{value:"ClusterGroup",id:"clustergroup",level:4},{value:"ClusterGroupDisplay",id:"clustergroupdisplay",level:4},{value:"ClusterGroupList",id:"clustergrouplist",level:4},{value:"ClusterGroupSpec",id:"clustergroupspec",level:4},{value:"ClusterGroupStatus",id:"clustergroupstatus",level:4},{value:"ClusterRegistration",id:"clusterregistration",level:4},{value:"ClusterRegistrationList",id:"clusterregistrationlist",level:4},{value:"ClusterRegistrationSpec",id:"clusterregistrationspec",level:4},{value:"ClusterRegistrationStatus",id:"clusterregistrationstatus",level:4},{value:"ClusterRegistrationToken",id:"clusterregistrationtoken",level:4},{value:"ClusterRegistrationTokenList",id:"clusterregistrationtokenlist",level:4},{value:"ClusterRegistrationTokenSpec",id:"clusterregistrationtokenspec",level:4},{value:"ClusterRegistrationTokenStatus",id:"clusterregistrationtokenstatus",level:4},{value:"Content",id:"content",level:4},{value:"ContentList",id:"contentlist",level:4},{value:"CommitSpec",id:"commitspec",level:4},{value:"CorrectDrift",id:"correctdrift",level:4},{value:"GitRepo",id:"gitrepo",level:4},{value:"GitRepoDisplay",id:"gitrepodisplay",level:4},{value:"GitRepoList",id:"gitrepolist",level:4},{value:"GitRepoResource",id:"gitreporesource",level:4},{value:"GitRepoResourceCounts",id:"gitreporesourcecounts",level:4},{value:"GitRepoSpec",id:"gitrepospec",level:4},{value:"GitRepoStatus",id:"gitrepostatus",level:4},{value:"GitTarget",id:"gittarget",level:4},{value:"ResourcePerClusterState",id:"resourceperclusterstate",level:4},{value:"GitRepoRestriction",id:"gitreporestriction",level:4},{value:"GitRepoRestrictionList",id:"gitreporestrictionlist",level:4},{value:"AlphabeticalPolicy",id:"alphabeticalpolicy",level:4},{value:"ImagePolicyChoice",id:"imagepolicychoice",level:4},{value:"ImageScan",id:"imagescan",level:4},{value:"ImageScanList",id:"imagescanlist",level:4},{value:"ImageScanSpec",id:"imagescanspec",level:4},{value:"ImageScanStatus",id:"imagescanstatus",level:4},{value:"SemVerPolicy",id:"semverpolicy",level:4}],s={toc:m};function d(t){let{components:e,...a}=t;return(0,l.kt)("wrapper",(0,n.Z)({},s,a,{components:e,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"custom-resources-spec"},"Custom Resources Spec"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundle"},"Bundle")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeployment"},"BundleDeployment")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlenamespacemapping"},"BundleNamespaceMapping")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#cluster"},"Cluster")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroup"},"ClusterGroup")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistration"},"ClusterRegistration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtoken"},"ClusterRegistrationToken")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#content"},"Content")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepo"},"GitRepo")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporestriction"},"GitRepoRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescan"},"ImageScan"))),(0,l.kt)("h1",{id:"sub-resources"},"Sub Resources"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlelist"},"BundleList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleref"},"BundleRef")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleresource"},"BundleResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partition"},"Partition")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentlist"},"BundleDeploymentList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentresource"},"BundleDeploymentResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#localobjectreference"},"LocalObjectReference")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#operation"},"Operation")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlenamespacemappinglist"},"BundleNamespaceMappingList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterlist"},"ClusterList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergrouplist"},"ClusterGroupList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationlist"},"ClusterRegistrationList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenlist"},"ClusterRegistrationTokenList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#contentlist"},"ContentList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#commitspec"},"CommitSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepolist"},"GitRepoList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gittarget"},"GitTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporestrictionlist"},"GitRepoRestrictionList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanlist"},"ImageScanList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#semverpolicy"},"SemVerPolicy"))),(0,l.kt)("h4",{id:"bundle"},"Bundle"),(0,l.kt)("p",null,"Bundle contains the resources of an application and its deployment options. It will be deployed as a Helm chart to target clusters."),(0,l.kt)("p",null,"When a GitRepo is scanned it will produce one or more bundles. Bundles are a collection of resources that get deployed to one or more cluster(s). Bundle is the fundamental deployment unit used in Fleet. The contents of a Bundle may be Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless of the source the contents are dynamically rendered into a Helm chart by the agent and installed into the downstream cluster as a Helm release."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledisplay"},"BundleDisplay"),(0,l.kt)("p",null,"BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyClusters is a string in the form \\"%d/%d\\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},"State is a summary state for the bundle, calculated over the non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlelist"},"BundleList"),(0,l.kt)("p",null,"BundleList contains a list of Bundle"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundle"},"Bundle")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleref"},"BundleRef"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching bundle's labels."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleresource"},"BundleResource"),(0,l.kt)("p",null,"BundleResource represents the content of a single resource from the bundle, like a YAML manifest."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the resource, can include the bundle's internal path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null},"The content of the resource, can be compressed."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"encoding"),(0,l.kt)("td",{parentName:"tr",align:null},'Encoding is either empty or \\"base64+gz\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlespec"},"BundleSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"rolloutStrategy"),(0,l.kt)("td",{parentName:"tr",align:null},"RolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleresource"},"BundleResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetRestrictions"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetRestrictions is an allow list, which controls if a bundledeployment is created for a target."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlestatus"},"BundleStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of Wrangler conditions that describe the state of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary contains the number of bundle deployments in each state and a list of non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"newlyCreated"),(0,l.kt)("td",{parentName:"tr",align:null},"NewlyCreated is the number of bundle deployments that have been created, not updated."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"Unavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"UnavailablePartitions is the number of unavailable partitions."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailable is the maximum number of unavailable deployments. See rollout configuration."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxNew"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null},"PartitionStatus lists the status of each partition."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceKey"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc.."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ObservedGeneration is the current generation of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourcesSha256Sum"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourcesSHA256Sum corresponds to the JSON serialization of the .Spec.Resources field"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlesummary"},"BundleSummary"),(0,l.kt)("p",null,"BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null},"NotReady is the number of bundle deployments that have been deployed where some resources are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"errApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"ErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"outOfSync"),(0,l.kt)("td",{parentName:"tr",align:null},"OutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null},"Modified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null},"Ready is the number of bundle deployments that have been deployed where all resources are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pending"),(0,l.kt)("td",{parentName:"tr",align:null},"Pending is the number of bundle deployments that are being processed by Fleet controller."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReady is the number of bundle deployments that should be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyResources"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusters is a list of states, which is filled for a bundle that is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletarget"},"BundleTarget"),(0,l.kt)("p",null,"BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},'Name of target. This value is largely for display and logging. If not specified a default name of the format \\"target000\\" will be used'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName to match a specific cluster by name that will be selected"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroup to match a specific cluster group by name."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroupSelector is a selector to match cluster groups."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"doNotDeploy"),(0,l.kt)("td",{parentName:"tr",align:null},"DoNotDeploy if set to true, will not deploy to this target."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletargetrestriction"},"BundleTargetRestriction"),(0,l.kt)("p",null,"BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadyresource"},"NonReadyResource"),(0,l.kt)("p",null,'NonReadyResource contains information about a bundle that is not ready for a given state like \\"ErrApplied\\". It contains a list of non-ready or modified resources and their states.'),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleState"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the resource, like e.g. \\"NotReady\\" or \\"ErrApplied\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"BundleState"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message contains information why the bundle is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null},"ModifiedStatus lists the state for each modified resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyStatus lists the state for each non-ready resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partition"},"Partition"),(0,l.kt)("p",null,"Partition defines a separate rollout strategy for a set of clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"A user-friendly name given to the partition used for Display (optional)."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is the name of a cluster to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching cluster labels to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"A cluster group name to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching cluster group labels to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partitionstatus"},"PartitionStatus"),(0,l.kt)("p",null,"PartitionStatus is the status of a single rollout partition."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"count"),(0,l.kt)("td",{parentName:"tr",align:null},"Count is the number of clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailable is the maximum number of unavailable clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"Unavailable is the number of unavailable clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary state for the partition, calculated over its non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourcekey"},"ResourceKey"),(0,l.kt)("p",null,"ResourceKey lists resources, which will likely be deployed."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the k8s api kind of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the k8s api version of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace is the namespace of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"rolloutstrategy"},"RolloutStrategy"),(0,l.kt)("p",null,"RolloverStrategy controls the rollout of the bundle across clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"autoPartitionSize"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null},"A list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partition"},"Partition")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeployment"},"BundleDeployment"),(0,l.kt)("p",null,"BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentdisplay"},"BundleDeploymentDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deployed"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"monitored"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentlist"},"BundleDeploymentList"),(0,l.kt)("p",null,"BundleDeploymentList contains a list of BundleDeployment"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundledeployment"},"BundleDeployment")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentoptions"},"BundleDeploymentOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kustomize"),(0,l.kt)("td",{parentName:"tr",align:null},"Kustomize options for the deployment, like the dir containing the kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helm"),(0,l.kt)("td",{parentName:"tr",align:null},"Helm options for the deployment, like the chart name, repo and values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount which will be used to perform this deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ForceSyncGeneration is used to force a redeployment"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"yaml"),(0,l.kt)("td",{parentName:"tr",align:null},"YAML options, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"diff"),(0,l.kt)("td",{parentName:"tr",align:null},"Diff can be used to ignore the modified state of objects which are amended at runtime."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources can be used to keep the deployed resources when removing the bundle"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ignore"),(0,l.kt)("td",{parentName:"tr",align:null},"IgnoreOptions can be used to ignore fields when monitoring the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceLabels"),(0,l.kt)("td",{parentName:"tr",align:null},"NamespaceLabels are labels that will be appended to the namespace created by Fleet."),(0,l.kt)("td",{parentName:"tr",align:null},"*map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceAnnotations"),(0,l.kt)("td",{parentName:"tr",align:null},"NamespaceAnnotations are annotations that will be appended to the namespace created by Fleet."),(0,l.kt)("td",{parentName:"tr",align:null},"*map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deleteCRDResources"),(0,l.kt)("td",{parentName:"tr",align:null},"DeleteCRDResources deletes CRDs. Warning! this will also delete all your Custom Resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentresource"},"BundleDeploymentResource"),(0,l.kt)("p",null,"BundleDeploymentResource contains the metadata of a deployed resource."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"createdAt"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentspec"},"BundleDeploymentSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. If true, BundleDeployments will be marked as out of sync when changes are detected."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedOptions"),(0,l.kt)("td",{parentName:"tr",align:null},"StagedOptions are the deployment options, that are staged for the next deployment."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null},"StagedDeploymentID is the ID of the staged deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"options"),(0,l.kt)("td",{parentName:"tr",align:null},"Options are the deployment options, that are currently applied."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deploymentID"),(0,l.kt)("td",{parentName:"tr",align:null},"DeploymentID is the ID of the currently applied deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentstatus"},"BundleDeploymentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"appliedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"release"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonModified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"syncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources lists the metadata of resources that were deployed according to the helm release history."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentresource"},"BundleDeploymentResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"comparepatch"},"ComparePatch"),(0,l.kt)("p",null,"ComparePatch matches a resource and removes fields from the check for modifications."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the kind of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the apiVersion of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace is the namespace of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"operations"),(0,l.kt)("td",{parentName:"tr",align:null},"Operations remove a JSON path from the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#operation"},"Operation")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"jsonPointers"),(0,l.kt)("td",{parentName:"tr",align:null},"JSONPointers ignore diffs at a certain JSON path."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"configmapkeyselector"},"ConfigMapKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"diffoptions"},"DiffOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"comparePatches"),(0,l.kt)("td",{parentName:"tr",align:null},"ComparePatches match a resource and remove fields from the check for modifications."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"helmoptions"},"HelmOptions"),(0,l.kt)("p",null,"HelmOptions for the deployment. For Helm-based bundles, all options can be used, otherwise some options are ignored. For example ReleaseName works with all bundle types."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"chart"),(0,l.kt)("td",{parentName:"tr",align:null},"Chart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is the name of the HTTPS helm repo to download the chart from."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"releaseName"),(0,l.kt)("td",{parentName:"tr",align:null},"ReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"version"),(0,l.kt)("td",{parentName:"tr",align:null},"Version of the chart to download"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"TimeoutSeconds is the time to wait for Helm operations."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"values"),(0,l.kt)("td",{parentName:"tr",align:null},"Values passed to Helm. It is possible to specify the keys and values as go template strings."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFrom"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFrom loads the values from configmaps and secrets."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force allows to override immutable resources. This could be dangerous."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"takeOwnership"),(0,l.kt)("td",{parentName:"tr",align:null},"TakeOwnership makes helm skip the check for its own annotations"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxHistory limits the maximum number of revisions saved per release by Helm."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFiles"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFiles is a list of files to load values from."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitForJobs"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"atomic"),(0,l.kt)("td",{parentName:"tr",align:null},"Atomic sets the --atomic flag when Helm is performing an upgrade"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disablePreProcess"),(0,l.kt)("td",{parentName:"tr",align:null},"DisablePreProcess disables template processing in values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disableDNS"),(0,l.kt)("td",{parentName:"tr",align:null},"DisableDNS can be used to customize Helm's EnableDNS option, which Fleet sets to ",(0,l.kt)("inlineCode",{parentName:"td"},"true")," by default."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"skipSchemaValidation"),(0,l.kt)("td",{parentName:"tr",align:null},"SkipSchemaValidation allows skipping schema validation against the chart values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"ignoreoptions"},"IgnoreOptions"),(0,l.kt)("p",null,"IgnoreOptions defines conditions to be ignored when monitoring the Bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of conditions to be ignored when monitoring the Bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[]map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"kustomizeoptions"},"KustomizeOptions"),(0,l.kt)("p",null,"KustomizeOptions for a deployment."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dir"),(0,l.kt)("td",{parentName:"tr",align:null},"Dir points to a custom folder for kustomize resources. This folder must contain a kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"localobjectreference"},"LocalObjectReference"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of a resource in the same namespace as the referent."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"modifiedstatus"},"ModifiedStatus"),(0,l.kt)("p",null,"ModifiedStatus is used to report the status of a resource that is modified. It indicates if the modification was a create, a delete or a patch."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"delete"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadystatus"},"NonReadyStatus"),(0,l.kt)("p",null,"NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"uid"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"types.UID"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"summary.Summary"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"operation"},"Operation"),(0,l.kt)("p",null,'Operation of a ComparePatch, usually \\"remove\\".'),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"op"),(0,l.kt)("td",{parentName:"tr",align:null},'Op is usually \\"remove\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"path"),(0,l.kt)("td",{parentName:"tr",align:null},"Path is the JSON path to remove."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"value"),(0,l.kt)("td",{parentName:"tr",align:null},"Value is usually empty."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"secretkeyselector"},"SecretKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"valuesfrom"},"ValuesFrom"),(0,l.kt)("p",null,"Define helm values that can come from configmap, secret or external. Credit: ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439"},"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"configMapKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a config map with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a secret with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"yamloptions"},"YAMLOptions"),(0,l.kt)("p",null,"YAMLOptions, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"overlays"),(0,l.kt)("td",{parentName:"tr",align:null},'Overlays is a list of names that maps to folders in \\"overlays/\\". If you wish to customize the file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlenamespacemapping"},"BundleNamespaceMapping"),(0,l.kt)("p",null,"BundleNamespaceMapping maps bundles to clusters in other namespaces."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlenamespacemappinglist"},"BundleNamespaceMappingList"),(0,l.kt)("p",null,"BundleNamespaceMappingList contains a list of BundleNamespaceMapping"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundlenamespacemapping"},"BundleNamespaceMapping")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"agentstatus"},"AgentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSeen"),(0,l.kt)("td",{parentName:"tr",align:null},"LastSeen is the last time the agent checked in to update the status of the cluster resource."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the namespace of the agent deployment, e.g. \\"cattle-fleet-system\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyNodes is the number of nodes that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyNodes is the number of nodes that are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyNode contains the names of non-ready nodes. The list is limited to at most 3 names."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyNodes contains the names of ready nodes. The list is limited to at most 3 names."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"cluster"},"Cluster"),(0,l.kt)("p",null,"Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted clusters. Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterdisplay"},"ClusterDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundles is a string in the form \\"%d/%d\\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyNodes is a string in the form \\"%d/%d\\", that describes the number of nodes that are ready vs. the number of expected nodes.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"sampleNode"),(0,l.kt)("td",{parentName:"tr",align:null},"SampleNode is the name of one of the nodes that are ready. If no node is ready, it's the name of a node that is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State of the cluster, either one of the bundle states, or \\"WaitCheckIn\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterlist"},"ClusterList"),(0,l.kt)("p",null,"ClusterList contains a list of Cluster"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#cluster"},"Cluster")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterspec"},"ClusterSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecret"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster. It can optionally contain a APIServerURL and CA to override the values in the fleet-controller's configmap."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecretNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecretNamespace is the namespace of the secret containing the kubeconfig for the downstream cluster. If unset, it will be assumed the secret can be found in the namespace that the Cluster object resides within."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"redeployAgentGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"RedeployAgentGeneration can be used to force redeploying the agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVars"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVars are extra environment variables to be added to the agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]corev1.EnvVar"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespace defaults to the system namespace, e.g. cattle-fleet-system."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"privateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"PrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"templateValues"),(0,l.kt)("td",{parentName:"tr",align:null},"TemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerations"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerations defines an extra set of Tolerations to be added to the Agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]corev1.Toleration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinity"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.Affinity"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResources"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResources sets the resources for the cluster's agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.ResourceRequirements"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterstatus"},"ClusterStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \\"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts is an aggregate over the GitRepoResourceCounts."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyGitRepos is the number of gitrepos for this cluster that are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVarsHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVarsHash is a hash of the agent's env vars, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentPrivateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentPrivateRepoURL is the private repo URL for the agent that is currently used."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentDeployedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentDeployedGeneration is the generation of the agent that is currently deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"cattleNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"CattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinityHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResourcesHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResourcesHash is a hash of the agent's resources configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerationsHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentConfigChanged"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiServerURL"),(0,l.kt)("td",{parentName:"tr",align:null},"APIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiServerCAHash"),(0,l.kt)("td",{parentName:"tr",align:null},"APIServerCAHash is a hash of the upstream API server CA, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready bundles, nodes and a summary state."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agent"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentStatus contains information about the agent."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroup"},"ClusterGroup"),(0,l.kt)("p",null,"ClusterGroup is a re-usable selector to target a group of clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupdisplay"},"ClusterGroupDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyClusters is a string in the form \\"%d/%d\\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundles is a string in the form \\"%d/%d\\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is a summary state for the cluster group, showing \\"NotReady\\" if there are non-ready resources.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergrouplist"},"ClusterGroupList"),(0,l.kt)("p",null,"ClusterGroupList contains a list of ClusterGroup"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#clustergroup"},"ClusterGroup")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupspec"},"ClusterGroupSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector is a label selector, used to select clusters for this group."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupstatus"},"ClusterGroupStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterCount"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterCount is the number of clusters in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusterCount"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusterCount is the number of clusters that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusters is a list of cluster names that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of conditions and their statuses for the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary of the bundle deployments and their resources in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts contains the number of resources in each state over all bundles in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistration"},"ClusterRegistration"),(0,l.kt)("p",null,"ClusterRegistration is used internally by Fleet and should not be used directly."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationlist"},"ClusterRegistrationList"),(0,l.kt)("p",null,"ClusterRegistrationList contains a list of ClusterRegistration"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#clusterregistration"},"ClusterRegistration")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationspec"},"ClusterRegistrationSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. The agent either uses the configured ID or the kubeSystem.UID."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientRandom"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientRandom is a random string that the agent generates. When fleet-controller grants a registration, it creates a registration secret with this string in the name."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterLabels"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterLabels are copied to the cluster resource during the registration."),(0,l.kt)("td",{parentName:"tr",align:null},"map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationstatus"},"ClusterRegistrationStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is only set after the registration is being processed by fleet-controller."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"granted"),(0,l.kt)("td",{parentName:"tr",align:null},"Granted is set to true, if the request service account is present and its token secret exists. This happens directly before creating the registration secret, roles and rolebindings."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtoken"},"ClusterRegistrationToken"),(0,l.kt)("p",null,"ClusterRegistrationToken is used by agents to register a new cluster."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenlist"},"ClusterRegistrationTokenList"),(0,l.kt)("p",null,"ClusterRegistrationTokenList contains a list of ClusterRegistrationToken"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtoken"},"ClusterRegistrationToken")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ttl"),(0,l.kt)("td",{parentName:"tr",align:null},"TTL is the time to live for the token. It is used to calculate the expiration time. If the token expires, it will be deleted."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"expires"),(0,l.kt)("td",{parentName:"tr",align:null},"Expires is the time when the token expires."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretName"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretName is the name of the secret containing the token."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"content"},"Content"),(0,l.kt)("p",null,"Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null},"Content is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"sha256sum"),(0,l.kt)("td",{parentName:"tr",align:null},"SHA256Sum of the Content field"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"contentlist"},"ContentList"),(0,l.kt)("p",null,"ContentList contains a list of Content"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#content"},"Content")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"commitspec"},"CommitSpec"),(0,l.kt)("p",null,"CommitSpec specifies how to commit changes to the git repository"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorName"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorName gives the name to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorEmail"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorEmail gives the email to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"messageTemplate"),(0,l.kt)("td",{parentName:"tr",align:null},"MessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"correctdrift"},"CorrectDrift"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"enabled"),(0,l.kt)("td",{parentName:"tr",align:null},"Enabled correct drift if true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force helm rollback with --force option will be used if true. This will try to recreate all resources in the release."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepFailHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepFailHistory keeps track of failed rollbacks in the helm history."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepo"},"GitRepo"),(0,l.kt)("p",null,"GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepodisplay"},"GitRepoDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundleDeployments"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundleDeployments is a string in the form \\"%d/%d\\", that describes the number of ready bundledeployments over the total number of bundledeployments.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the GitRepo, e.g. \\"GitUpdating\\" or the maximal BundleState according to StateRank.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message contains the relevant message from the deployment conditions."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if a message is present."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepolist"},"GitRepoList"),(0,l.kt)("p",null,"GitRepoList contains a list of GitRepo"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gitrepo"},"GitRepo")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesource"},"GitRepoResource"),(0,l.kt)("p",null,"GitRepoResource contains metadata about the resources of a bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the API version of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the k8s kind of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"type"),(0,l.kt)("td",{parentName:"tr",align:null},'Type is the type of the resource, e.g. \\"apiextensions.k8s.io.customresourcedefinition\\" or \\"configmap\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"id"),(0,l.kt)("td",{parentName:"tr",align:null},'ID is the name of the resource, e.g. \\"namespace1/my-config\\" or \\"backingimagemanagers.storage.io\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"incompleteState"),(0,l.kt)("td",{parentName:"tr",align:null},"IncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the resource, e.g. \\"Unknown\\", \\"WaitApplied\\", \\"ErrApplied\\" or \\"Ready\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if any Error in the PerClusterState is true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null},"Transitioning is true if any Transitioning in the PerClusterState is true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message is the first message from the PerClusterStates."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"perClusterState"),(0,l.kt)("td",{parentName:"tr",align:null},"PerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesourcecounts"},"GitRepoResourceCounts"),(0,l.kt)("p",null,"GitRepoResourceCounts contains the number of resources in each state."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null},"Ready is the number of ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReady is the number of resources that should be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitApplied is the number of resources that are waiting to be applied."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null},"Modified is the number of resources that have been modified."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"orphaned"),(0,l.kt)("td",{parentName:"tr",align:null},"Orphaned is the number of orphaned resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null},"Missing is the number of missing resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unknown"),(0,l.kt)("td",{parentName:"tr",align:null},"Unknown is the number of resources in an unknown state."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null},"NotReady is the number of not ready resources. Resources are not ready if they do not match any other state."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepospec"},"GitRepoSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is a URL to a git repo to clone and index."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"branch"),(0,l.kt)("td",{parentName:"tr",align:null},"Branch The git branch to follow."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"revision"),(0,l.kt)("td",{parentName:"tr",align:null},"Revision A specific commit or tag to operate on."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Ensure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},'ClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \\"kubernetes.io/basic-auth\\" or \\"kubernetes.io/ssh-auth\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretName contains the auth secret for a private Helm repository."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretNameForPaths"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretNameForPaths contains the auth secret for private Helm repository for each path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmRepoURLRegex"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"caBundle"),(0,l.kt)("td",{parentName:"tr",align:null},"CABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"insecureSkipTLSVerify"),(0,l.kt)("td",{parentName:"tr",align:null},"InsecureSkipTLSverify will use insecure HTTPS to clone the repo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paths"),(0,l.kt)("td",{parentName:"tr",align:null},"Paths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example ",'[\\"charts/*\\"]',' will match all folders as a subdirectory of charts/ If empty, \\"/\\" is the default.'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount used in the downstream cluster for deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets is a list of targets this repo will deploy to."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gittarget"},"GitTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pollingInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"PollingInterval is how often to check git for new updates."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"Increment this number to force a redeployment of contents from Git."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"ImageScanInterval is the interval of syncing scanned images and writing back to git repo."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanCommit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit specifies how to commit to the git repo when a new image is scanned and written back to git repo."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#commitspec"},"CommitSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources specifies if the resources created must be kept after deleting the GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepostatus"},"GitRepoStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"commit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit is the Git commit hash from the last gitjob run."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReadyClusters\\tis the number of clusters that should be ready for bundles of this GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitJobStatus"),(0,l.kt)("td",{parentName:"tr",align:null},'GitJobStatus is the status of the last GitJob run, e.g. \\"Current\\" if there was no error.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary contains the number of bundle deployments in each state and a list of non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains a human readable summary of the status."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of Wrangler conditions that describe the state of the GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contains metadata about the resources of each bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts contains the number of resources in each state over all bundles."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceErrors"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceErrors is a sorted list of errors from the resources."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSyncedImageScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastSyncedImageScanTime is the time of the last image scan."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gittarget"},"GitTarget"),(0,l.kt)("p",null,"GitTarget is a cluster or cluster group to deploy to."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of this target."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is the name of a cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterSelector is a label selector to select clusters."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroup is the name of a cluster group in the same namespace as the clusters."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroupSelector is a label selector to select cluster groups."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourceperclusterstate"},"ResourcePerClusterState"),(0,l.kt)("p",null,"ResourcePerClusterState is generated for each non-ready resource of the bundles."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},"State is the state of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if the resource is in an error state, copied from the bundle's summary for non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null},"Transitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message combines the messages from the bundle's summary. Messages are joined with the delimiter ';'."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null},"Patch for modified resources."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterId"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterID is the id of the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporestriction"},"GitRepoRestriction"),(0,l.kt)("p",null,"GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultServiceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultServiceAccount overrides the GitRepo's default service account."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedServiceAccounts"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedRepoPatterns"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultClientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultClientSecretName overrides the GitRepo's default client secret."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedClientSecretNames"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedTargetNamespaces"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporestrictionlist"},"GitRepoRestrictionList"),(0,l.kt)("p",null,"GitRepoRestrictionList contains a list of GitRepoRestriction"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gitreporestriction"},"GitRepoRestriction")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"alphabeticalpolicy"},"AlphabeticalPolicy"),(0,l.kt)("p",null,"AlphabeticalPolicy specifies a alphabetical ordering policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"order"),(0,l.kt)("td",{parentName:"tr",align:null},"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagepolicychoice"},"ImagePolicyChoice"),(0,l.kt)("p",null,"ImagePolicyChoice is a union of all the types of policy that can be supplied."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"semver"),(0,l.kt)("td",{parentName:"tr",align:null},"SemVer gives a semantic version range to check against the tags available."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"alphabetical"),(0,l.kt)("td",{parentName:"tr",align:null},"Alphabetical set of rules to use for alphabetical ordering of the tags."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescan"},"ImageScan"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanlist"},"ImageScanList"),(0,l.kt)("p",null,"ImageScanList contains a list of ImageScan"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#imagescan"},"ImageScan")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanspec"},"ImageScanSpec"),(0,l.kt)("p",null,"API is taken from ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/image-reflector-controller"},"https://github.com/fluxcd/image-reflector-controller")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"tagName"),(0,l.kt)("td",{parentName:"tr",align:null},"TagName is the tag ref that needs to be put in manifest to replace fields"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitrepoName"),(0,l.kt)("td",{parentName:"tr",align:null},"GitRepo reference name"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"image"),(0,l.kt)("td",{parentName:"tr",align:null},"Image is the name of the image repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"interval"),(0,l.kt)("td",{parentName:"tr",align:null},"Interval is the length of time to wait between scans of the image repository."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretRef"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with ",(0,l.kt)("inlineCode",{parentName:"td"},"kubectl create secret docker-registry"),", or the equivalent."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.LocalObjectReference"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"suspend"),(0,l.kt)("td",{parentName:"tr",align:null},"This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"policy"),(0,l.kt)("td",{parentName:"tr",align:null},"Policy gives the particulars of the policy to be followed in selecting the most recent image"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanstatus"},"ImageScanStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastScanTime is the last time image was scanned"),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestImage"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestTag"),(0,l.kt)("td",{parentName:"tr",align:null},"Latest tag is the latest tag filtered by the policy"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestDigest"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestDigest is the digest of latest tag"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"canonicalImageName"),(0,l.kt)("td",{parentName:"tr",align:null},"CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., ",(0,l.kt)("inlineCode",{parentName:"td"},"docker.io/library/alpine")," rather than ",(0,l.kt)("inlineCode",{parentName:"td"},"alpine"),"."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"semverpolicy"},"SemVerPolicy"),(0,l.kt)("p",null,"SemVerPolicy specifies a semantic version policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"range"),(0,l.kt)("td",{parentName:"tr",align:null},"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[299],{3905:(t,e,a)=>{a.d(e,{Zo:()=>s,kt:()=>k});var n=a(7294);function l(t,e,a){return e in t?Object.defineProperty(t,e,{value:a,enumerable:!0,configurable:!0,writable:!0}):t[e]=a,t}function r(t,e){var a=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),a.push.apply(a,n)}return a}function i(t){for(var e=1;e=0||(l[a]=t[a]);return l}(t,e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(t,a)&&(l[a]=t[a])}return l}var p=n.createContext({}),m=function(t){var e=n.useContext(p),a=e;return t&&(a="function"==typeof t?t(e):i(i({},e),t)),a},s=function(t){var e=m(t.components);return n.createElement(p.Provider,{value:e},t.children)},d={inlineCode:"code",wrapper:function(t){var e=t.children;return n.createElement(n.Fragment,{},e)}},o=n.forwardRef((function(t,e){var a=t.components,l=t.mdxType,r=t.originalType,p=t.parentName,s=u(t,["components","mdxType","originalType","parentName"]),o=m(a),k=l,N=o["".concat(p,".").concat(k)]||o[k]||d[k]||r;return a?n.createElement(N,i(i({ref:e},s),{},{components:a})):n.createElement(N,i({ref:e},s))}));function k(t,e){var a=arguments,l=e&&e.mdxType;if("string"==typeof t||l){var r=a.length,i=new Array(r);i[0]=o;var u={};for(var p in e)hasOwnProperty.call(e,p)&&(u[p]=e[p]);u.originalType=t,u.mdxType="string"==typeof t?t:l,i[1]=u;for(var m=2;m{a.r(e),a.d(e,{assets:()=>p,contentTitle:()=>i,default:()=>d,frontMatter:()=>r,metadata:()=>u,toc:()=>m});var n=a(7462),l=(a(7294),a(3905));const r={},i="Custom Resources Spec",u={unversionedId:"ref-crds",id:"ref-crds",title:"Custom Resources Spec",description:"* Bundle",source:"@site/docs/ref-crds.md",sourceDirName:".",slug:"/ref-crds",permalink:"/ref-crds",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-crds.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"List of Deployed Resources",permalink:"/ref-resources"},next:{title:"fleet.yaml",permalink:"/ref-fleet-yaml"}},p={},m=[{value:"Bundle",id:"bundle",level:4},{value:"BundleDisplay",id:"bundledisplay",level:4},{value:"BundleList",id:"bundlelist",level:4},{value:"BundleRef",id:"bundleref",level:4},{value:"BundleResource",id:"bundleresource",level:4},{value:"BundleSpec",id:"bundlespec",level:4},{value:"BundleStatus",id:"bundlestatus",level:4},{value:"BundleSummary",id:"bundlesummary",level:4},{value:"BundleTarget",id:"bundletarget",level:4},{value:"BundleTargetRestriction",id:"bundletargetrestriction",level:4},{value:"NonReadyResource",id:"nonreadyresource",level:4},{value:"Partition",id:"partition",level:4},{value:"PartitionStatus",id:"partitionstatus",level:4},{value:"ResourceKey",id:"resourcekey",level:4},{value:"RolloutStrategy",id:"rolloutstrategy",level:4},{value:"BundleDeployment",id:"bundledeployment",level:4},{value:"BundleDeploymentDisplay",id:"bundledeploymentdisplay",level:4},{value:"BundleDeploymentList",id:"bundledeploymentlist",level:4},{value:"BundleDeploymentOptions",id:"bundledeploymentoptions",level:4},{value:"BundleDeploymentResource",id:"bundledeploymentresource",level:4},{value:"BundleDeploymentSpec",id:"bundledeploymentspec",level:4},{value:"BundleDeploymentStatus",id:"bundledeploymentstatus",level:4},{value:"ComparePatch",id:"comparepatch",level:4},{value:"ConfigMapKeySelector",id:"configmapkeyselector",level:4},{value:"DiffOptions",id:"diffoptions",level:4},{value:"HelmOptions",id:"helmoptions",level:4},{value:"IgnoreOptions",id:"ignoreoptions",level:4},{value:"KustomizeOptions",id:"kustomizeoptions",level:4},{value:"LocalObjectReference",id:"localobjectreference",level:4},{value:"ModifiedStatus",id:"modifiedstatus",level:4},{value:"NonReadyStatus",id:"nonreadystatus",level:4},{value:"Operation",id:"operation",level:4},{value:"SecretKeySelector",id:"secretkeyselector",level:4},{value:"ValuesFrom",id:"valuesfrom",level:4},{value:"YAMLOptions",id:"yamloptions",level:4},{value:"BundleNamespaceMapping",id:"bundlenamespacemapping",level:4},{value:"BundleNamespaceMappingList",id:"bundlenamespacemappinglist",level:4},{value:"AgentStatus",id:"agentstatus",level:4},{value:"Cluster",id:"cluster",level:4},{value:"ClusterDisplay",id:"clusterdisplay",level:4},{value:"ClusterList",id:"clusterlist",level:4},{value:"ClusterSpec",id:"clusterspec",level:4},{value:"ClusterStatus",id:"clusterstatus",level:4},{value:"ClusterGroup",id:"clustergroup",level:4},{value:"ClusterGroupDisplay",id:"clustergroupdisplay",level:4},{value:"ClusterGroupList",id:"clustergrouplist",level:4},{value:"ClusterGroupSpec",id:"clustergroupspec",level:4},{value:"ClusterGroupStatus",id:"clustergroupstatus",level:4},{value:"ClusterRegistration",id:"clusterregistration",level:4},{value:"ClusterRegistrationList",id:"clusterregistrationlist",level:4},{value:"ClusterRegistrationSpec",id:"clusterregistrationspec",level:4},{value:"ClusterRegistrationStatus",id:"clusterregistrationstatus",level:4},{value:"ClusterRegistrationToken",id:"clusterregistrationtoken",level:4},{value:"ClusterRegistrationTokenList",id:"clusterregistrationtokenlist",level:4},{value:"ClusterRegistrationTokenSpec",id:"clusterregistrationtokenspec",level:4},{value:"ClusterRegistrationTokenStatus",id:"clusterregistrationtokenstatus",level:4},{value:"Content",id:"content",level:4},{value:"ContentList",id:"contentlist",level:4},{value:"CommitSpec",id:"commitspec",level:4},{value:"CorrectDrift",id:"correctdrift",level:4},{value:"GitRepo",id:"gitrepo",level:4},{value:"GitRepoDisplay",id:"gitrepodisplay",level:4},{value:"GitRepoList",id:"gitrepolist",level:4},{value:"GitRepoResource",id:"gitreporesource",level:4},{value:"GitRepoResourceCounts",id:"gitreporesourcecounts",level:4},{value:"GitRepoSpec",id:"gitrepospec",level:4},{value:"GitRepoStatus",id:"gitrepostatus",level:4},{value:"GitTarget",id:"gittarget",level:4},{value:"ResourcePerClusterState",id:"resourceperclusterstate",level:4},{value:"GitRepoRestriction",id:"gitreporestriction",level:4},{value:"GitRepoRestrictionList",id:"gitreporestrictionlist",level:4},{value:"AlphabeticalPolicy",id:"alphabeticalpolicy",level:4},{value:"ImagePolicyChoice",id:"imagepolicychoice",level:4},{value:"ImageScan",id:"imagescan",level:4},{value:"ImageScanList",id:"imagescanlist",level:4},{value:"ImageScanSpec",id:"imagescanspec",level:4},{value:"ImageScanStatus",id:"imagescanstatus",level:4},{value:"SemVerPolicy",id:"semverpolicy",level:4}],s={toc:m};function d(t){let{components:e,...a}=t;return(0,l.kt)("wrapper",(0,n.Z)({},s,a,{components:e,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"custom-resources-spec"},"Custom Resources Spec"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundle"},"Bundle")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeployment"},"BundleDeployment")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlenamespacemapping"},"BundleNamespaceMapping")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#cluster"},"Cluster")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroup"},"ClusterGroup")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistration"},"ClusterRegistration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtoken"},"ClusterRegistrationToken")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#content"},"Content")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepo"},"GitRepo")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporestriction"},"GitRepoRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescan"},"ImageScan"))),(0,l.kt)("h1",{id:"sub-resources"},"Sub Resources"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlelist"},"BundleList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleref"},"BundleRef")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleresource"},"BundleResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partition"},"Partition")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentlist"},"BundleDeploymentList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentresource"},"BundleDeploymentResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#localobjectreference"},"LocalObjectReference")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#operation"},"Operation")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlenamespacemappinglist"},"BundleNamespaceMappingList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterlist"},"ClusterList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergrouplist"},"ClusterGroupList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationlist"},"ClusterRegistrationList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenlist"},"ClusterRegistrationTokenList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#contentlist"},"ContentList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#commitspec"},"CommitSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepolist"},"GitRepoList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gittarget"},"GitTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporestrictionlist"},"GitRepoRestrictionList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanlist"},"ImageScanList")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#semverpolicy"},"SemVerPolicy"))),(0,l.kt)("h4",{id:"bundle"},"Bundle"),(0,l.kt)("p",null,"Bundle contains the resources of an application and its deployment options. It will be deployed as a Helm chart to target clusters."),(0,l.kt)("p",null,"When a GitRepo is scanned it will produce one or more bundles. Bundles are a collection of resources that get deployed to one or more cluster(s). Bundle is the fundamental deployment unit used in Fleet. The contents of a Bundle may be Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless of the source the contents are dynamically rendered into a Helm chart by the agent and installed into the downstream cluster as a Helm release."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledisplay"},"BundleDisplay"),(0,l.kt)("p",null,"BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyClusters is a string in the form \\"%d/%d\\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},"State is a summary state for the bundle, calculated over the non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlelist"},"BundleList"),(0,l.kt)("p",null,"BundleList contains a list of Bundle"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundle"},"Bundle")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleref"},"BundleRef"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching bundle's labels."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleresource"},"BundleResource"),(0,l.kt)("p",null,"BundleResource represents the content of a single resource from the bundle, like a YAML manifest."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the resource, can include the bundle's internal path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null},"The content of the resource, can be compressed."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"encoding"),(0,l.kt)("td",{parentName:"tr",align:null},'Encoding is either empty or \\"base64+gz\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlespec"},"BundleSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"rolloutStrategy"),(0,l.kt)("td",{parentName:"tr",align:null},"RolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleresource"},"BundleResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetRestrictions"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetRestrictions is an allow list, which controls if a bundledeployment is created for a target."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlestatus"},"BundleStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of Wrangler conditions that describe the state of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary contains the number of bundle deployments in each state and a list of non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"newlyCreated"),(0,l.kt)("td",{parentName:"tr",align:null},"NewlyCreated is the number of bundle deployments that have been created, not updated."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"Unavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"UnavailablePartitions is the number of unavailable partitions."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailable is the maximum number of unavailable deployments. See rollout configuration."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxNew"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null},"PartitionStatus lists the status of each partition."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceKey"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc.."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ObservedGeneration is the current generation of the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourcesSha256Sum"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourcesSHA256Sum corresponds to the JSON serialization of the .Spec.Resources field"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlesummary"},"BundleSummary"),(0,l.kt)("p",null,"BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null},"NotReady is the number of bundle deployments that have been deployed where some resources are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"errApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"ErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"outOfSync"),(0,l.kt)("td",{parentName:"tr",align:null},"OutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null},"Modified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null},"Ready is the number of bundle deployments that have been deployed where all resources are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pending"),(0,l.kt)("td",{parentName:"tr",align:null},"Pending is the number of bundle deployments that are being processed by Fleet controller."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReady is the number of bundle deployments that should be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyResources"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusters is a list of states, which is filled for a bundle that is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletarget"},"BundleTarget"),(0,l.kt)("p",null,"BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},'Name of target. This value is largely for display and logging. If not specified a default name of the format \\"target000\\" will be used'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName to match a specific cluster by name that will be selected"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroup to match a specific cluster group by name."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroupSelector is a selector to match cluster groups."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"doNotDeploy"),(0,l.kt)("td",{parentName:"tr",align:null},"DoNotDeploy if set to true, will not deploy to this target."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletargetrestriction"},"BundleTargetRestriction"),(0,l.kt)("p",null,"BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadyresource"},"NonReadyResource"),(0,l.kt)("p",null,'NonReadyResource contains information about a bundle that is not ready for a given state like \\"ErrApplied\\". It contains a list of non-ready or modified resources and their states.'),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleState"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the resource, like e.g. \\"NotReady\\" or \\"ErrApplied\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"BundleState"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message contains information why the bundle is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null},"ModifiedStatus lists the state for each modified resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyStatus lists the state for each non-ready resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partition"},"Partition"),(0,l.kt)("p",null,"Partition defines a separate rollout strategy for a set of clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"A user-friendly name given to the partition used for Display (optional)."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is the name of a cluster to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching cluster labels to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"A cluster group name to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector matching cluster group labels to include in this partition"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partitionstatus"},"PartitionStatus"),(0,l.kt)("p",null,"PartitionStatus is the status of a single rollout partition."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"count"),(0,l.kt)("td",{parentName:"tr",align:null},"Count is the number of clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxUnavailable is the maximum number of unavailable clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"Unavailable is the number of unavailable clusters in the partition."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary state for the partition, calculated over its non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourcekey"},"ResourceKey"),(0,l.kt)("p",null,"ResourceKey lists resources, which will likely be deployed."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the k8s api kind of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the k8s api version of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace is the namespace of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"rolloutstrategy"},"RolloutStrategy"),(0,l.kt)("p",null,"RolloverStrategy controls the rollout of the bundle across clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"autoPartitionSize"),(0,l.kt)("td",{parentName:"tr",align:null},"A number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25%"),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null},"A list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#partition"},"Partition")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeployment"},"BundleDeployment"),(0,l.kt)("p",null,"BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentdisplay"},"BundleDeploymentDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deployed"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"monitored"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentlist"},"BundleDeploymentList"),(0,l.kt)("p",null,"BundleDeploymentList contains a list of BundleDeployment"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundledeployment"},"BundleDeployment")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentoptions"},"BundleDeploymentOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kustomize"),(0,l.kt)("td",{parentName:"tr",align:null},"Kustomize options for the deployment, like the dir containing the kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helm"),(0,l.kt)("td",{parentName:"tr",align:null},"Helm options for the deployment, like the chart name, repo and values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount which will be used to perform this deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ForceSyncGeneration is used to force a redeployment"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"yaml"),(0,l.kt)("td",{parentName:"tr",align:null},"YAML options, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"diff"),(0,l.kt)("td",{parentName:"tr",align:null},"Diff can be used to ignore the modified state of objects which are amended at runtime."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources can be used to keep the deployed resources when removing the bundle"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ignore"),(0,l.kt)("td",{parentName:"tr",align:null},"IgnoreOptions can be used to ignore fields when monitoring the bundle."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#ignoreoptions"},"IgnoreOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceLabels"),(0,l.kt)("td",{parentName:"tr",align:null},"NamespaceLabels are labels that will be appended to the namespace created by Fleet."),(0,l.kt)("td",{parentName:"tr",align:null},"*map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceAnnotations"),(0,l.kt)("td",{parentName:"tr",align:null},"NamespaceAnnotations are annotations that will be appended to the namespace created by Fleet."),(0,l.kt)("td",{parentName:"tr",align:null},"*map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deleteCRDResources"),(0,l.kt)("td",{parentName:"tr",align:null},"DeleteCRDResources deletes CRDs. Warning! this will also delete all your Custom Resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentresource"},"BundleDeploymentResource"),(0,l.kt)("p",null,"BundleDeploymentResource contains the metadata of a deployed resource."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"createdAt"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentspec"},"BundleDeploymentSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. If true, BundleDeployments will be marked as out of sync when changes are detected."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedOptions"),(0,l.kt)("td",{parentName:"tr",align:null},"StagedOptions are the deployment options, that are staged for the next deployment."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null},"StagedDeploymentID is the ID of the staged deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"options"),(0,l.kt)("td",{parentName:"tr",align:null},"Options are the deployment options, that are currently applied."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deploymentID"),(0,l.kt)("td",{parentName:"tr",align:null},"DeploymentID is the ID of the currently applied deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundleref"},"BundleRef")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentstatus"},"BundleDeploymentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"appliedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"release"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonModified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"syncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources lists the metadata of resources that were deployed according to the helm release history."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentresource"},"BundleDeploymentResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"comparepatch"},"ComparePatch"),(0,l.kt)("p",null,"ComparePatch matches a resource and removes fields from the check for modifications."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the kind of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the apiVersion of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace is the namespace of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of the resource to match."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"operations"),(0,l.kt)("td",{parentName:"tr",align:null},"Operations remove a JSON path from the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#operation"},"Operation")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"jsonPointers"),(0,l.kt)("td",{parentName:"tr",align:null},"JSONPointers ignore diffs at a certain JSON path."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"configmapkeyselector"},"ConfigMapKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"diffoptions"},"DiffOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"comparePatches"),(0,l.kt)("td",{parentName:"tr",align:null},"ComparePatches match a resource and remove fields from the check for modifications."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"helmoptions"},"HelmOptions"),(0,l.kt)("p",null,"HelmOptions for the deployment. For Helm-based bundles, all options can be used, otherwise some options are ignored. For example ReleaseName works with all bundle types."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"chart"),(0,l.kt)("td",{parentName:"tr",align:null},"Chart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is the name of the HTTPS helm repo to download the chart from."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"releaseName"),(0,l.kt)("td",{parentName:"tr",align:null},"ReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"version"),(0,l.kt)("td",{parentName:"tr",align:null},"Version of the chart to download"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"TimeoutSeconds is the time to wait for Helm operations."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"values"),(0,l.kt)("td",{parentName:"tr",align:null},"Values passed to Helm. It is possible to specify the keys and values as go template strings."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFrom"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFrom loads the values from configmaps and secrets."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force allows to override immutable resources. This could be dangerous."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"takeOwnership"),(0,l.kt)("td",{parentName:"tr",align:null},"TakeOwnership makes helm skip the check for its own annotations"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxHistory limits the maximum number of revisions saved per release by Helm."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFiles"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFiles is a list of files to load values from."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitForJobs"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"atomic"),(0,l.kt)("td",{parentName:"tr",align:null},"Atomic sets the --atomic flag when Helm is performing an upgrade"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disablePreProcess"),(0,l.kt)("td",{parentName:"tr",align:null},"DisablePreProcess disables template processing in values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disableDNS"),(0,l.kt)("td",{parentName:"tr",align:null},"DisableDNS can be used to customize Helm's EnableDNS option, which Fleet sets to ",(0,l.kt)("inlineCode",{parentName:"td"},"true")," by default."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"skipSchemaValidation"),(0,l.kt)("td",{parentName:"tr",align:null},"SkipSchemaValidation allows skipping schema validation against the chart values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"ignoreoptions"},"IgnoreOptions"),(0,l.kt)("p",null,"IgnoreOptions defines conditions to be ignored when monitoring the Bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of conditions to be ignored when monitoring the Bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[]map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"kustomizeoptions"},"KustomizeOptions"),(0,l.kt)("p",null,"KustomizeOptions for a deployment."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dir"),(0,l.kt)("td",{parentName:"tr",align:null},"Dir points to a custom folder for kustomize resources. This folder must contain a kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"localobjectreference"},"LocalObjectReference"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of a resource in the same namespace as the referent."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"modifiedstatus"},"ModifiedStatus"),(0,l.kt)("p",null,"ModifiedStatus is used to report the status of a resource that is modified. It indicates if the modification was a create, a delete or a patch."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"delete"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadystatus"},"NonReadyStatus"),(0,l.kt)("p",null,"NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"uid"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"types.UID"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"summary.Summary"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"operation"},"Operation"),(0,l.kt)("p",null,'Operation of a ComparePatch, usually \\"remove\\".'),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"op"),(0,l.kt)("td",{parentName:"tr",align:null},'Op is usually \\"remove\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"path"),(0,l.kt)("td",{parentName:"tr",align:null},"Path is the JSON path to remove."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"value"),(0,l.kt)("td",{parentName:"tr",align:null},"Value is usually empty."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"secretkeyselector"},"SecretKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"valuesfrom"},"ValuesFrom"),(0,l.kt)("p",null,"Define helm values that can come from configmap, secret or external. Credit: ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439"},"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"configMapKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a config map with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a secret with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"yamloptions"},"YAMLOptions"),(0,l.kt)("p",null,"YAMLOptions, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"overlays"),(0,l.kt)("td",{parentName:"tr",align:null},'Overlays is a list of names that maps to folders in \\"overlays/\\". If you wish to customize the file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlenamespacemapping"},"BundleNamespaceMapping"),(0,l.kt)("p",null,"BundleNamespaceMapping maps bundles to clusters in other namespaces."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlenamespacemappinglist"},"BundleNamespaceMappingList"),(0,l.kt)("p",null,"BundleNamespaceMappingList contains a list of BundleNamespaceMapping"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#bundlenamespacemapping"},"BundleNamespaceMapping")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"agentstatus"},"AgentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSeen"),(0,l.kt)("td",{parentName:"tr",align:null},"LastSeen is the last time the agent checked in to update the status of the cluster resource."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the namespace of the agent deployment, e.g. \\"cattle-fleet-system\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyNodes is the number of nodes that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyNodes is the number of nodes that are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyNode contains the names of non-ready nodes. The list is limited to at most 3 names."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyNodes contains the names of ready nodes. The list is limited to at most 3 names."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"cluster"},"Cluster"),(0,l.kt)("p",null,"Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted clusters. Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterdisplay"},"ClusterDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundles is a string in the form \\"%d/%d\\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyNodes is a string in the form \\"%d/%d\\", that describes the number of nodes that are ready vs. the number of expected nodes.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"sampleNode"),(0,l.kt)("td",{parentName:"tr",align:null},"SampleNode is the name of one of the nodes that are ready. If no node is ready, it's the name of a node that is not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State of the cluster, either one of the bundle states, or \\"WaitCheckIn\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterlist"},"ClusterList"),(0,l.kt)("p",null,"ClusterList contains a list of Cluster"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#cluster"},"Cluster")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterspec"},"ClusterSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecret"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster. It can optionally contain a APIServerURL and CA to override the values in the fleet-controller's configmap."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecretNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecretNamespace is the namespace of the secret containing the kubeconfig for the downstream cluster. If unset, it will be assumed the secret can be found in the namespace that the Cluster object resides within."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"redeployAgentGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"RedeployAgentGeneration can be used to force redeploying the agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVars"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVars are extra environment variables to be added to the agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]corev1.EnvVar"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespace defaults to the system namespace, e.g. cattle-fleet-system."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"privateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"PrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"templateValues"),(0,l.kt)("td",{parentName:"tr",align:null},"TemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerations"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerations defines an extra set of Tolerations to be added to the Agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]corev1.Toleration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinity"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.Affinity"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResources"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResources sets the resources for the cluster's agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.ResourceRequirements"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterstatus"},"ClusterStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \\"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts is an aggregate over the GitRepoResourceCounts."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyGitRepos is the number of gitrepos for this cluster that are ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVarsHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVarsHash is a hash of the agent's env vars, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentPrivateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentPrivateRepoURL is the private repo URL for the agent that is currently used."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentDeployedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentDeployedGeneration is the generation of the agent that is currently deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"cattleNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null},"CattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentAffinityHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentResourcesHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentResourcesHash is a hash of the agent's resources configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerationsHash"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentConfigChanged"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiServerURL"),(0,l.kt)("td",{parentName:"tr",align:null},"APIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiServerCAHash"),(0,l.kt)("td",{parentName:"tr",align:null},"APIServerCAHash is a hash of the upstream API server CA, used to detect changes."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready bundles, nodes and a summary state."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agent"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentStatus contains information about the agent."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroup"},"ClusterGroup"),(0,l.kt)("p",null,"ClusterGroup is a re-usable selector to target a group of clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupdisplay"},"ClusterGroupDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyClusters is a string in the form \\"%d/%d\\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundles is a string in the form \\"%d/%d\\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is a summary state for the cluster group, showing \\"NotReady\\" if there are non-ready resources.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergrouplist"},"ClusterGroupList"),(0,l.kt)("p",null,"ClusterGroupList contains a list of ClusterGroup"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#clustergroup"},"ClusterGroup")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupspec"},"ClusterGroupSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null},"Selector is a label selector, used to select clusters for this group."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupstatus"},"ClusterGroupStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterCount"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterCount is the number of clusters in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusterCount"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusterCount is the number of clusters that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"NonReadyClusters is a list of cluster names that are not ready."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of conditions and their statuses for the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary is a summary of the bundle deployments and their resources in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains the number of ready, desiredready clusters and a summary state for the bundle's resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts contains the number of resources in each state over all bundles in the cluster group."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistration"},"ClusterRegistration"),(0,l.kt)("p",null,"ClusterRegistration is used internally by Fleet and should not be used directly."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationlist"},"ClusterRegistrationList"),(0,l.kt)("p",null,"ClusterRegistrationList contains a list of ClusterRegistration"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#clusterregistration"},"ClusterRegistration")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationspec"},"ClusterRegistrationSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. The agent either uses the configured ID or the kubeSystem.UID."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientRandom"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientRandom is a random string that the agent generates. When fleet-controller grants a registration, it creates a registration secret with this string in the name."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterLabels"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterLabels are copied to the cluster resource during the registration."),(0,l.kt)("td",{parentName:"tr",align:null},"map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationstatus"},"ClusterRegistrationStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is only set after the registration is being processed by fleet-controller."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"granted"),(0,l.kt)("td",{parentName:"tr",align:null},"Granted is set to true, if the request service account is present and its token secret exists. This happens directly before creating the registration secret, roles and rolebindings."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtoken"},"ClusterRegistrationToken"),(0,l.kt)("p",null,"ClusterRegistrationToken is used by agents to register a new cluster."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenlist"},"ClusterRegistrationTokenList"),(0,l.kt)("p",null,"ClusterRegistrationTokenList contains a list of ClusterRegistrationToken"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtoken"},"ClusterRegistrationToken")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ttl"),(0,l.kt)("td",{parentName:"tr",align:null},"TTL is the time to live for the token. It is used to calculate the expiration time. If the token expires, it will be deleted."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"expires"),(0,l.kt)("td",{parentName:"tr",align:null},"Expires is the time when the token expires."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretName"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretName is the name of the secret containing the token."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"content"},"Content"),(0,l.kt)("p",null,"Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null},"Content is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"sha256sum"),(0,l.kt)("td",{parentName:"tr",align:null},"SHA256Sum of the Content field"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"contentlist"},"ContentList"),(0,l.kt)("p",null,"ContentList contains a list of Content"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#content"},"Content")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"commitspec"},"CommitSpec"),(0,l.kt)("p",null,"CommitSpec specifies how to commit changes to the git repository"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorName"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorName gives the name to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorEmail"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorEmail gives the email to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"messageTemplate"),(0,l.kt)("td",{parentName:"tr",align:null},"MessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"correctdrift"},"CorrectDrift"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"enabled"),(0,l.kt)("td",{parentName:"tr",align:null},"Enabled correct drift if true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force helm rollback with --force option will be used if true. This will try to recreate all resources in the release."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepFailHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepFailHistory keeps track of failed rollbacks in the helm history."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepo"},"GitRepo"),(0,l.kt)("p",null,"GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepodisplay"},"GitRepoDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundleDeployments"),(0,l.kt)("td",{parentName:"tr",align:null},'ReadyBundleDeployments is a string in the form \\"%d/%d\\", that describes the number of ready bundledeployments over the total number of bundledeployments.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the GitRepo, e.g. \\"GitUpdating\\" or the maximal BundleState according to StateRank.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message contains the relevant message from the deployment conditions."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if a message is present."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepolist"},"GitRepoList"),(0,l.kt)("p",null,"GitRepoList contains a list of GitRepo"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gitrepo"},"GitRepo")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesource"},"GitRepoResource"),(0,l.kt)("p",null,"GitRepoResource contains metadata about the resources of a bundle."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null},"APIVersion is the API version of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null},"Kind is the k8s kind of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"type"),(0,l.kt)("td",{parentName:"tr",align:null},'Type is the type of the resource, e.g. \\"apiextensions.k8s.io.customresourcedefinition\\" or \\"configmap\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"id"),(0,l.kt)("td",{parentName:"tr",align:null},'ID is the name of the resource, e.g. \\"namespace1/my-config\\" or \\"backingimagemanagers.storage.io\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Namespace of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"incompleteState"),(0,l.kt)("td",{parentName:"tr",align:null},"IncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},'State is the state of the resource, e.g. \\"Unknown\\", \\"WaitApplied\\", \\"ErrApplied\\" or \\"Ready\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if any Error in the PerClusterState is true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null},"Transitioning is true if any Transitioning in the PerClusterState is true."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message is the first message from the PerClusterStates."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"perClusterState"),(0,l.kt)("td",{parentName:"tr",align:null},"PerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesourcecounts"},"GitRepoResourceCounts"),(0,l.kt)("p",null,"GitRepoResourceCounts contains the number of resources in each state."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null},"Ready is the number of ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReady is the number of resources that should be ready."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitApplied is the number of resources that are waiting to be applied."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null},"Modified is the number of resources that have been modified."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"orphaned"),(0,l.kt)("td",{parentName:"tr",align:null},"Orphaned is the number of orphaned resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null},"Missing is the number of missing resources."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unknown"),(0,l.kt)("td",{parentName:"tr",align:null},"Unknown is the number of resources in an unknown state."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null},"NotReady is the number of not ready resources. Resources are not ready if they do not match any other state."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepospec"},"GitRepoSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is a URL to a git repo to clone and index."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"branch"),(0,l.kt)("td",{parentName:"tr",align:null},"Branch The git branch to follow."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"revision"),(0,l.kt)("td",{parentName:"tr",align:null},"Revision A specific commit or tag to operate on."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Ensure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},'ClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \\"kubernetes.io/basic-auth\\" or \\"kubernetes.io/ssh-auth\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretName contains the auth secret for a private Helm repository."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretNameForPaths"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretNameForPaths contains the auth secret for private Helm repository for each path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmRepoURLRegex"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"caBundle"),(0,l.kt)("td",{parentName:"tr",align:null},"CABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"insecureSkipTLSVerify"),(0,l.kt)("td",{parentName:"tr",align:null},"InsecureSkipTLSverify will use insecure HTTPS to clone the repo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paths"),(0,l.kt)("td",{parentName:"tr",align:null},"Paths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example ",'[\\"charts/*\\"]',' will match all folders as a subdirectory of charts/ If empty, \\"/\\" is the default.'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount used in the downstream cluster for deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets is a list of targets this repo will deploy to."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gittarget"},"GitTarget")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pollingInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"PollingInterval is how often to check git for new updates."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"Increment this number to force a redeployment of contents from Git."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"ImageScanInterval is the interval of syncing scanned images and writing back to git repo."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanCommit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit specifies how to commit to the git repo when a new image is scanned and written back to git repo."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#commitspec"},"CommitSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources specifies if the resources created must be kept after deleting the GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"correctDrift"),(0,l.kt)("td",{parentName:"tr",align:null},"CorrectDrift specifies how drift correction should work."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#correctdrift"},"CorrectDrift")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepostatus"},"GitRepoStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"commit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit is the Git commit hash from the last gitjob run."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"ReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null},"DesiredReadyClusters\\tis the number of clusters that should be ready for bundles of this GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitJobStatus"),(0,l.kt)("td",{parentName:"tr",align:null},'GitJobStatus is the status of the last GitJob run, e.g. \\"Current\\" if there was no error.'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null},"Summary contains the number of bundle deployments in each state and a list of non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null},"Display contains a human readable summary of the status."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null},"Conditions is a list of Wrangler conditions that describe the state of the GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contains metadata about the resources of each bundle."),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceCounts contains the number of resources in each state over all bundles."),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceErrors"),(0,l.kt)("td",{parentName:"tr",align:null},"ResourceErrors is a sorted list of errors from the resources."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSyncedImageScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastSyncedImageScanTime is the time of the last image scan."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gittarget"},"GitTarget"),(0,l.kt)("p",null,"GitTarget is a cluster or cluster group to deploy to."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null},"Name is the name of this target."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterName is the name of a cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterSelector is a label selector to select clusters."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroup is the name of a cluster group in the same namespace as the clusters."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterGroupSelector is a label selector to select cluster groups."),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourceperclusterstate"},"ResourcePerClusterState"),(0,l.kt)("p",null,"ResourcePerClusterState is generated for each non-ready resource of the bundles."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null},"State is the state of the resource."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null},"Error is true if the resource is in an error state, copied from the bundle's summary for non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null},"Transitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null},"Message combines the messages from the bundle's summary. Messages are joined with the delimiter ';'."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null},"Patch for modified resources."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterId"),(0,l.kt)("td",{parentName:"tr",align:null},"ClusterID is the id of the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporestriction"},"GitRepoRestriction"),(0,l.kt)("p",null,"GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultServiceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultServiceAccount overrides the GitRepo's default service account."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedServiceAccounts"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedRepoPatterns"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultClientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultClientSecretName overrides the GitRepo's default client secret."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedClientSecretNames"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedTargetNamespaces"),(0,l.kt)("td",{parentName:"tr",align:null},"AllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporestrictionlist"},"GitRepoRestrictionList"),(0,l.kt)("p",null,"GitRepoRestrictionList contains a list of GitRepoRestriction"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#gitreporestriction"},"GitRepoRestriction")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"alphabeticalpolicy"},"AlphabeticalPolicy"),(0,l.kt)("p",null,"AlphabeticalPolicy specifies a alphabetical ordering policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"order"),(0,l.kt)("td",{parentName:"tr",align:null},"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagepolicychoice"},"ImagePolicyChoice"),(0,l.kt)("p",null,"ImagePolicyChoice is a union of all the types of policy that can be supplied."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"semver"),(0,l.kt)("td",{parentName:"tr",align:null},"SemVer gives a semantic version range to check against the tags available."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"alphabetical"),(0,l.kt)("td",{parentName:"tr",align:null},"Alphabetical set of rules to use for alphabetical ordering of the tags."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescan"},"ImageScan"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanlist"},"ImageScanList"),(0,l.kt)("p",null,"ImageScanList contains a list of ImageScan"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ListMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"items"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[","]",(0,l.kt)("a",{parentName:"td",href:"#imagescan"},"ImageScan")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanspec"},"ImageScanSpec"),(0,l.kt)("p",null,"API is taken from ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/image-reflector-controller"},"https://github.com/fluxcd/image-reflector-controller")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"tagName"),(0,l.kt)("td",{parentName:"tr",align:null},"TagName is the tag ref that needs to be put in manifest to replace fields"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitrepoName"),(0,l.kt)("td",{parentName:"tr",align:null},"GitRepo reference name"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"image"),(0,l.kt)("td",{parentName:"tr",align:null},"Image is the name of the image repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"interval"),(0,l.kt)("td",{parentName:"tr",align:null},"Interval is the length of time to wait between scans of the image repository."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretRef"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with ",(0,l.kt)("inlineCode",{parentName:"td"},"kubectl create secret docker-registry"),", or the equivalent."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.LocalObjectReference"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"suspend"),(0,l.kt)("td",{parentName:"tr",align:null},"This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"policy"),(0,l.kt)("td",{parentName:"tr",align:null},"Policy gives the particulars of the policy to be followed in selecting the most recent image"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanstatus"},"ImageScanStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastScanTime is the last time image was scanned"),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestImage"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestTag"),(0,l.kt)("td",{parentName:"tr",align:null},"Latest tag is the latest tag filtered by the policy"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestDigest"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestDigest is the digest of latest tag"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"canonicalImageName"),(0,l.kt)("td",{parentName:"tr",align:null},"CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., ",(0,l.kt)("inlineCode",{parentName:"td"},"docker.io/library/alpine")," rather than ",(0,l.kt)("inlineCode",{parentName:"td"},"alpine"),"."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"semverpolicy"},"SemVerPolicy"),(0,l.kt)("p",null,"SemVerPolicy specifies a semantic version policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"range"),(0,l.kt)("td",{parentName:"tr",align:null},"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/de69e49e.24c8aa06.js b/assets/js/de69e49e.9cf159f3.js similarity index 98% rename from assets/js/de69e49e.24c8aa06.js rename to assets/js/de69e49e.9cf159f3.js index 39ff85197..01855f5de 100644 --- a/assets/js/de69e49e.24c8aa06.js +++ b/assets/js/de69e49e.9cf159f3.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9706],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=r.createContext({}),p=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},s=function(e){var t=p(e.components);return r.createElement(c.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,s=i(e,["components","mdxType","originalType","parentName"]),f=p(n),d=l,m=f["".concat(c,".").concat(d)]||f[d]||u[d]||a;return n?r.createElement(m,o(o({ref:t},s),{},{components:n})):r.createElement(m,o({ref:t},s))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=f;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>u,frontMatter:()=>a,metadata:()=>i,toc:()=>p});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet cleanup"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_cleanup",id:"version-0.9/cli/fleet-cli/fleet_cleanup",title:"",description:"fleet cleanup",source:"@site/versioned_docs/version-0.9/cli/fleet-cli/fleet_cleanup.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_cleanup",permalink:"/0.9/cli/fleet-cli/fleet_cleanup",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cli/fleet-cli/fleet_cleanup.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet cleanup"}},c={},p=[{value:"fleet cleanup",id:"fleet-cleanup",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],s={toc:p};function u(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-cleanup"},"fleet cleanup"),(0,l.kt)("p",null,"Clean up outdated cluster registrations"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet cleanup [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --factor string Factor to increase delay between deletes (default: 1.1)\n -h, --help help for cleanup\n --max string Maximum delay between deletes (default: 5s)\n --min string Minimum delay between deletes (default: 10ms)\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[9706],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function a(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var c=r.createContext({}),p=function(e){var t=r.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},s=function(e){var t=p(e.components);return r.createElement(c.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},f=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,s=i(e,["components","mdxType","originalType","parentName"]),f=p(n),d=l,m=f["".concat(c,".").concat(d)]||f[d]||u[d]||a;return n?r.createElement(m,o(o({ref:t},s),{},{components:n})):r.createElement(m,o({ref:t},s))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=n.length,o=new Array(a);o[0]=f;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var p=2;p{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>u,frontMatter:()=>a,metadata:()=>i,toc:()=>p});var r=n(7462),l=(n(7294),n(3905));const a={title:"",sidebar_label:"fleet cleanup"},o=void 0,i={unversionedId:"cli/fleet-cli/fleet_cleanup",id:"version-0.9/cli/fleet-cli/fleet_cleanup",title:"",description:"fleet cleanup",source:"@site/versioned_docs/version-0.9/cli/fleet-cli/fleet_cleanup.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_cleanup",permalink:"/0.9/cli/fleet-cli/fleet_cleanup",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cli/fleet-cli/fleet_cleanup.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet cleanup"}},c={},p=[{value:"fleet cleanup",id:"fleet-cleanup",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],s={toc:p};function u(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-cleanup"},"fleet cleanup"),(0,l.kt)("p",null,"Clean up outdated cluster registrations"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet cleanup [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --factor string Factor to increase delay between deletes (default: 1.1)\n -h, --help help for cleanup\n --max string Maximum delay between deletes (default: 5s)\n --min string Minimum delay between deletes (default: 10ms)\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/de6c661b.ec37febd.js b/assets/js/de6c661b.58a4f43c.js similarity index 99% rename from assets/js/de6c661b.ec37febd.js rename to assets/js/de6c661b.58a4f43c.js index a715ace11..d1f1198ff 100644 --- a/assets/js/de6c661b.ec37febd.js +++ b/assets/js/de6c661b.58a4f43c.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7378],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function s(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function i(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var n=r.createContext({}),c=function(e){var t=r.useContext(n),a=t;return e&&(a="function"==typeof e?e(t):i(i({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(n.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,s=e.originalType,n=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,m=u["".concat(n,".").concat(p)]||u[p]||h[p]||s;return a?r.createElement(m,i(i({ref:t},d),{},{components:a})):r.createElement(m,i({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var s=a.length,i=new Array(s);i[0]=u;var o={};for(var n in t)hasOwnProperty.call(t,n)&&(o[n]=t[n]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>n,contentTitle:()=>i,default:()=>h,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const s={title:"v0.9.0",date:"2023-11-07 12:30:45 +0000 UTC"},i=void 0,o={unversionedId:"changelogs/changelogs/v0.9.0",id:"version-0.9/changelogs/changelogs/v0.9.0",title:"v0.9.0",description:"(rancherio-gh-m) released this 2023-11-07 1245 +0000 UTC",source:"@site/versioned_docs/version-0.9/changelogs/changelogs/v0.9.0.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.9.0",permalink:"/0.9/changelogs/changelogs/v0.9.0",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/changelogs/changelogs/v0.9.0.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.9.0",date:"2023-11-07 12:30:45 +0000 UTC"},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/0.9/troubleshooting"},next:{title:"v0.9.1",permalink:"/0.9/changelogs/changelogs/v0.9.1"}},n={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-11-07 12:30:45 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Notes"),(0,l.kt)("p",null,"Fleet 0.9 contains major ",(0,l.kt)("a",{href:"https://github.com/rancher/gitjob/releases/tag/v0.1.96"},"changes to Gitjob"),". The existing git handling code has been unified and now uses the go-git library. The tekton CLI, which was used for cloning, has been removed. The release improves the performance on downstream clusters, by using a caching client with the helm SDK."),(0,l.kt)("h2",null,"Known Issues"),(0,l.kt)("ul",null,(0,l.kt)("li",null,'Gitjob might report "git binary not found" if the path within the repository does not exist. ',(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1979967973","data-permission-text":"Title is private","data-url":"https://github.com/rancher/rancher/issues/43499","data-hovercard-type":"issue","data-hovercard-url":"/rancher/rancher/issues/43499/hovercard",href:"https://github.com/rancher/rancher/issues/43499"},"rancher/rancher#43499"))),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add helm version to capabilities by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1865337733","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1743","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1743/hovercard",href:"https://github.com/rancher/fleet/pull/1743"},"#1743")),(0,l.kt)("li",null,"Add support for spec field identifying KUBECONFIG namespace for imported clusters by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aiyengar2/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aiyengar2"},"@aiyengar2")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1895090256","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1786","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1786/hovercard",href:"https://github.com/rancher/fleet/pull/1786"},"#1786")),(0,l.kt)("li",null,"Allow configuring EnableDNS property in Helm through fleet.yaml by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1880067882","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1755","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1755/hovercard",href:"https://github.com/rancher/fleet/pull/1755"},"#1755")),(0,l.kt)("li",null,"Allow skipping Helm's schema validation through fleet.yaml by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1890208383","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1769","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1769/hovercard",href:"https://github.com/rancher/fleet/pull/1769"},"#1769")),(0,l.kt)("li",null,"Document public API by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1793509578","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1639","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1639/hovercard",href:"https://github.com/rancher/fleet/pull/1639"},"#1639")),(0,l.kt)("li",null,"Add descriptions to CRDs by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1909188933","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1798","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1798/hovercard",href:"https://github.com/rancher/fleet/pull/1798"},"#1798")),(0,l.kt)("li",null,"Helm Storage Backend With Caching by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1913619136","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1809","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1809/hovercard",href:"https://github.com/rancher/fleet/pull/1809"},"#1809")),(0,l.kt)("li",null,"Include nonResourceURLs Fleet-Agent's RBAC by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1911427587","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1806","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1806/hovercard",href:"https://github.com/rancher/fleet/pull/1806"},"#1806"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add SecurityContext to job container by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1947343283","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1878","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1878/hovercard",href:"https://github.com/rancher/fleet/pull/1878"},"#1878")),(0,l.kt)("li",null,"Incorrect agent's DebugLevel when settings propagation is set by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1891871949","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1776","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1776/hovercard",href:"https://github.com/rancher/fleet/pull/1776"},"#1776")),(0,l.kt)("li",null,"Initialise cluster registration labels map if empty by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1921679910","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1832","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1832/hovercard",href:"https://github.com/rancher/fleet/pull/1832"},"#1832")),(0,l.kt)("li",null,"Pin version of k8s.io/dynamic-resource-allocation by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1880022451","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1754","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1754/hovercard",href:"https://github.com/rancher/fleet/pull/1754"},"#1754"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add dev scripts to simplify using E2E tests by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1887260697","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1764","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1764/hovercard",href:"https://github.com/rancher/fleet/pull/1764"},"#1764")),(0,l.kt)("li",null,"Add integration test to verify fleet.yaml helm options for non-helm type bundles by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1891774210","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1775","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1775/hovercard",href:"https://github.com/rancher/fleet/pull/1775"},"#1775")),(0,l.kt)("li",null,"CI: Retry on context deadline exceeded by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1896515940","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1788","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1788/hovercard",href:"https://github.com/rancher/fleet/pull/1788"},"#1788")),(0,l.kt)("li",null,"Document APIServerURL in the config by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1905121773","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1795","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1795/hovercard",href:"https://github.com/rancher/fleet/pull/1795"},"#1795")),(0,l.kt)("li",null,"E2E: Fix flaky single cluster tests by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1894739307","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1784","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1784/hovercard",href:"https://github.com/rancher/fleet/pull/1784"},"#1784")),(0,l.kt)("li",null,"E2E: Increase testenv reliability by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1842980334","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1704","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1704/hovercard",href:"https://github.com/rancher/fleet/pull/1704"},"#1704")),(0,l.kt)("li",null,"Fix nightly image build workflow YAML by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1881504909","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1758","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1758/hovercard",href:"https://github.com/rancher/fleet/pull/1758"},"#1758")),(0,l.kt)("li",null,"Fix patch_crd_descriptions.sh when yq is not installed by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1915165661","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1810","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1810/hovercard",href:"https://github.com/rancher/fleet/pull/1810"},"#1810")),(0,l.kt)("li",null,"Fixes for running multi cluster E2E tests locally by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1885365675","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1762","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1762/hovercard",href:"https://github.com/rancher/fleet/pull/1762"},"#1762")),(0,l.kt)("li",null,"Fix CA variable usage in dev/setup-fleet by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1887587973","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1766","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1766/hovercard",href:"https://github.com/rancher/fleet/pull/1766"},"#1766")),(0,l.kt)("li",null,"Improve release scripts by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1885179052","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1761","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1761/hovercard",href:"https://github.com/rancher/fleet/pull/1761"},"#1761")),(0,l.kt)("li",null,"Increase speed of clusterregistration clean up hook by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1848103589","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1712","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1712/hovercard",href:"https://github.com/rancher/fleet/pull/1712"},"#1712")),(0,l.kt)("li",null,"Remove previous version selection in release against rancher script by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1890926992","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1773","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1773/hovercard",href:"https://github.com/rancher/fleet/pull/1773"},"#1773")),(0,l.kt)("li",null,"Remove Tekton references from release docs by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1924215600","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1833","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1833/hovercard",href:"https://github.com/rancher/fleet/pull/1833"},"#1833")),(0,l.kt)("li",null,"Remove tekton by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1894002420","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1782","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1782/hovercard",href:"https://github.com/rancher/fleet/pull/1782"},"#1782")),(0,l.kt)("li",null,"Retry k3d image import in workflows by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1900858611","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1793","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1793/hovercard",href:"https://github.com/rancher/fleet/pull/1793"},"#1793")),(0,l.kt)("li",null,"Simplify Golang version management by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/olblak/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/olblak"},"@olblak")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1849398421","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1714","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1714/hovercard",href:"https://github.com/rancher/fleet/pull/1714"},"#1714")),(0,l.kt)("li",null,"Switch k3d import to default mode to detect error in e2e setup by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1906606681","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1797","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1797/hovercard",href:"https://github.com/rancher/fleet/pull/1797"},"#1797")),(0,l.kt)("li",null,"Testenv infra uses local fleet module by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1880359232","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1756","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1756/hovercard",href:"https://github.com/rancher/fleet/pull/1756"},"#1756")),(0,l.kt)("li",null,"Update README.md with instructions on how to use nektos/act by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1887498534","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1765","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1765/hovercard",href:"https://github.com/rancher/fleet/pull/1765"},"#1765")),(0,l.kt)("li",null,"Upgrade k3d k8s versions in CI by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1892829180","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1780","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1780/hovercard",href:"https://github.com/rancher/fleet/pull/1780"},"#1780")),(0,l.kt)("li",null,"Use constants for agent cluster role names by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1917478538","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1814","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1814/hovercard",href:"https://github.com/rancher/fleet/pull/1814"},"#1814")),(0,l.kt)("li",null,"Go K8s related security bumps by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1846648167","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1709","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1709/hovercard",href:"https://github.com/rancher/fleet/pull/1709"},"#1709")),(0,l.kt)("li",null,"Bump Golang to 1.21.0 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rancherbot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rancherbot"},"@rancherbot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1850957044","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1716","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1716/hovercard",href:"https://github.com/rancher/fleet/pull/1716"},"#1716")),(0,l.kt)("li",null,"Bump all modules by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1865428989","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1745","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1745/hovercard",href:"https://github.com/rancher/fleet/pull/1745"},"#1745")),(0,l.kt)("li",null,"Bump bci/bci-base from 15.5.36.5.33 to 15.5.36.5.34 in /package by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"organization","data-hovercard-url":"/orgs/dependabot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/dependabot"},"@dependabot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1910700933","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1805","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1805/hovercard",href:"https://github.com/rancher/fleet/pull/1805"},"#1805")),(0,l.kt)("li",null,"Bump github.com/evanphx/json-patch from 5.6.0+incompatible to 5.7.0+incompatible by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"organization","data-hovercard-url":"/orgs/dependabot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/dependabot"},"@dependabot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1910694235","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1802","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1802/hovercard",href:"https://github.com/rancher/fleet/pull/1802"},"#1802"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.8.0...v0.9.0"},(0,l.kt)("tt",null,"v0.8.0...v0.9.0"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-crd-0.9.0.tgz"},"fleet-crd-0.9.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-agent-0.9.0.tgz"},"fleet-agent-0.9.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-0.9.0.tgz"},"fleet-0.9.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.9.0"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7378],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function s(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function i(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var n=r.createContext({}),c=function(e){var t=r.useContext(n),a=t;return e&&(a="function"==typeof e?e(t):i(i({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(n.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,s=e.originalType,n=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),u=c(a),p=l,m=u["".concat(n,".").concat(p)]||u[p]||h[p]||s;return a?r.createElement(m,i(i({ref:t},d),{},{components:a})):r.createElement(m,i({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var s=a.length,i=new Array(s);i[0]=u;var o={};for(var n in t)hasOwnProperty.call(t,n)&&(o[n]=t[n]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>n,contentTitle:()=>i,default:()=>h,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const s={title:"v0.9.0",date:"2023-11-07 12:30:45 +0000 UTC"},i=void 0,o={unversionedId:"changelogs/changelogs/v0.9.0",id:"version-0.9/changelogs/changelogs/v0.9.0",title:"v0.9.0",description:"(rancherio-gh-m) released this 2023-11-07 1245 +0000 UTC",source:"@site/versioned_docs/version-0.9/changelogs/changelogs/v0.9.0.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.9.0",permalink:"/0.9/changelogs/changelogs/v0.9.0",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/changelogs/changelogs/v0.9.0.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"v0.9.0",date:"2023-11-07 12:30:45 +0000 UTC"},sidebar:"docs",previous:{title:"Troubleshooting",permalink:"/0.9/troubleshooting"},next:{title:"v0.9.1",permalink:"/0.9/changelogs/changelogs/v0.9.1"}},n={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2023-11-07 12:30:45 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Notes"),(0,l.kt)("p",null,"Fleet 0.9 contains major ",(0,l.kt)("a",{href:"https://github.com/rancher/gitjob/releases/tag/v0.1.96"},"changes to Gitjob"),". The existing git handling code has been unified and now uses the go-git library. The tekton CLI, which was used for cloning, has been removed. The release improves the performance on downstream clusters, by using a caching client with the helm SDK."),(0,l.kt)("h2",null,"Known Issues"),(0,l.kt)("ul",null,(0,l.kt)("li",null,'Gitjob might report "git binary not found" if the path within the repository does not exist. ',(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1979967973","data-permission-text":"Title is private","data-url":"https://github.com/rancher/rancher/issues/43499","data-hovercard-type":"issue","data-hovercard-url":"/rancher/rancher/issues/43499/hovercard",href:"https://github.com/rancher/rancher/issues/43499"},"rancher/rancher#43499"))),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add helm version to capabilities by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1865337733","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1743","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1743/hovercard",href:"https://github.com/rancher/fleet/pull/1743"},"#1743")),(0,l.kt)("li",null,"Add support for spec field identifying KUBECONFIG namespace for imported clusters by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aiyengar2/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aiyengar2"},"@aiyengar2")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1895090256","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1786","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1786/hovercard",href:"https://github.com/rancher/fleet/pull/1786"},"#1786")),(0,l.kt)("li",null,"Allow configuring EnableDNS property in Helm through fleet.yaml by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1880067882","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1755","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1755/hovercard",href:"https://github.com/rancher/fleet/pull/1755"},"#1755")),(0,l.kt)("li",null,"Allow skipping Helm's schema validation through fleet.yaml by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1890208383","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1769","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1769/hovercard",href:"https://github.com/rancher/fleet/pull/1769"},"#1769")),(0,l.kt)("li",null,"Document public API by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1793509578","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1639","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1639/hovercard",href:"https://github.com/rancher/fleet/pull/1639"},"#1639")),(0,l.kt)("li",null,"Add descriptions to CRDs by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1909188933","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1798","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1798/hovercard",href:"https://github.com/rancher/fleet/pull/1798"},"#1798")),(0,l.kt)("li",null,"Helm Storage Backend With Caching by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1913619136","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1809","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1809/hovercard",href:"https://github.com/rancher/fleet/pull/1809"},"#1809")),(0,l.kt)("li",null,"Include nonResourceURLs Fleet-Agent's RBAC by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1911427587","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1806","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1806/hovercard",href:"https://github.com/rancher/fleet/pull/1806"},"#1806"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add SecurityContext to job container by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1947343283","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1878","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1878/hovercard",href:"https://github.com/rancher/fleet/pull/1878"},"#1878")),(0,l.kt)("li",null,"Incorrect agent's DebugLevel when settings propagation is set by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1891871949","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1776","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1776/hovercard",href:"https://github.com/rancher/fleet/pull/1776"},"#1776")),(0,l.kt)("li",null,"Initialise cluster registration labels map if empty by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1921679910","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1832","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1832/hovercard",href:"https://github.com/rancher/fleet/pull/1832"},"#1832")),(0,l.kt)("li",null,"Pin version of k8s.io/dynamic-resource-allocation by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1880022451","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1754","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1754/hovercard",href:"https://github.com/rancher/fleet/pull/1754"},"#1754"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add dev scripts to simplify using E2E tests by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1887260697","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1764","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1764/hovercard",href:"https://github.com/rancher/fleet/pull/1764"},"#1764")),(0,l.kt)("li",null,"Add integration test to verify fleet.yaml helm options for non-helm type bundles by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1891774210","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1775","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1775/hovercard",href:"https://github.com/rancher/fleet/pull/1775"},"#1775")),(0,l.kt)("li",null,"CI: Retry on context deadline exceeded by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1896515940","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1788","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1788/hovercard",href:"https://github.com/rancher/fleet/pull/1788"},"#1788")),(0,l.kt)("li",null,"Document APIServerURL in the config by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1905121773","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1795","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1795/hovercard",href:"https://github.com/rancher/fleet/pull/1795"},"#1795")),(0,l.kt)("li",null,"E2E: Fix flaky single cluster tests by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1894739307","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1784","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1784/hovercard",href:"https://github.com/rancher/fleet/pull/1784"},"#1784")),(0,l.kt)("li",null,"E2E: Increase testenv reliability by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1842980334","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1704","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1704/hovercard",href:"https://github.com/rancher/fleet/pull/1704"},"#1704")),(0,l.kt)("li",null,"Fix nightly image build workflow YAML by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1881504909","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1758","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1758/hovercard",href:"https://github.com/rancher/fleet/pull/1758"},"#1758")),(0,l.kt)("li",null,"Fix patch_crd_descriptions.sh when yq is not installed by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1915165661","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1810","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1810/hovercard",href:"https://github.com/rancher/fleet/pull/1810"},"#1810")),(0,l.kt)("li",null,"Fixes for running multi cluster E2E tests locally by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1885365675","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1762","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1762/hovercard",href:"https://github.com/rancher/fleet/pull/1762"},"#1762")),(0,l.kt)("li",null,"Fix CA variable usage in dev/setup-fleet by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1887587973","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1766","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1766/hovercard",href:"https://github.com/rancher/fleet/pull/1766"},"#1766")),(0,l.kt)("li",null,"Improve release scripts by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1885179052","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1761","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1761/hovercard",href:"https://github.com/rancher/fleet/pull/1761"},"#1761")),(0,l.kt)("li",null,"Increase speed of clusterregistration clean up hook by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1848103589","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1712","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1712/hovercard",href:"https://github.com/rancher/fleet/pull/1712"},"#1712")),(0,l.kt)("li",null,"Remove previous version selection in release against rancher script by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1890926992","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1773","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1773/hovercard",href:"https://github.com/rancher/fleet/pull/1773"},"#1773")),(0,l.kt)("li",null,"Remove Tekton references from release docs by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1924215600","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1833","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1833/hovercard",href:"https://github.com/rancher/fleet/pull/1833"},"#1833")),(0,l.kt)("li",null,"Remove tekton by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1894002420","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1782","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1782/hovercard",href:"https://github.com/rancher/fleet/pull/1782"},"#1782")),(0,l.kt)("li",null,"Retry k3d image import in workflows by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1900858611","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1793","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1793/hovercard",href:"https://github.com/rancher/fleet/pull/1793"},"#1793")),(0,l.kt)("li",null,"Simplify Golang version management by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/olblak/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/olblak"},"@olblak")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1849398421","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1714","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1714/hovercard",href:"https://github.com/rancher/fleet/pull/1714"},"#1714")),(0,l.kt)("li",null,"Switch k3d import to default mode to detect error in e2e setup by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1906606681","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1797","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1797/hovercard",href:"https://github.com/rancher/fleet/pull/1797"},"#1797")),(0,l.kt)("li",null,"Testenv infra uses local fleet module by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1880359232","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1756","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1756/hovercard",href:"https://github.com/rancher/fleet/pull/1756"},"#1756")),(0,l.kt)("li",null,"Update README.md with instructions on how to use nektos/act by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/p-se/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/p-se"},"@p-se")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1887498534","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1765","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1765/hovercard",href:"https://github.com/rancher/fleet/pull/1765"},"#1765")),(0,l.kt)("li",null,"Upgrade k3d k8s versions in CI by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1892829180","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1780","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1780/hovercard",href:"https://github.com/rancher/fleet/pull/1780"},"#1780")),(0,l.kt)("li",null,"Use constants for agent cluster role names by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1917478538","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1814","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1814/hovercard",href:"https://github.com/rancher/fleet/pull/1814"},"#1814")),(0,l.kt)("li",null,"Go K8s related security bumps by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1846648167","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1709","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1709/hovercard",href:"https://github.com/rancher/fleet/pull/1709"},"#1709")),(0,l.kt)("li",null,"Bump Golang to 1.21.0 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rancherbot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rancherbot"},"@rancherbot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1850957044","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1716","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1716/hovercard",href:"https://github.com/rancher/fleet/pull/1716"},"#1716")),(0,l.kt)("li",null,"Bump all modules by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1865428989","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1745","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1745/hovercard",href:"https://github.com/rancher/fleet/pull/1745"},"#1745")),(0,l.kt)("li",null,"Bump bci/bci-base from 15.5.36.5.33 to 15.5.36.5.34 in /package by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"organization","data-hovercard-url":"/orgs/dependabot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/dependabot"},"@dependabot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1910700933","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1805","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1805/hovercard",href:"https://github.com/rancher/fleet/pull/1805"},"#1805")),(0,l.kt)("li",null,"Bump github.com/evanphx/json-patch from 5.6.0+incompatible to 5.7.0+incompatible by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"organization","data-hovercard-url":"/orgs/dependabot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/dependabot"},"@dependabot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1910694235","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1802","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1802/hovercard",href:"https://github.com/rancher/fleet/pull/1802"},"#1802"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.8.0...v0.9.0"},(0,l.kt)("tt",null,"v0.8.0...v0.9.0"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-crd-0.9.0.tgz"},"fleet-crd-0.9.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-agent-0.9.0.tgz"},"fleet-agent-0.9.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-0.9.0.tgz"},"fleet-0.9.0.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.9.0/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.9.0"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/dfa3dc49.11ea6a78.js b/assets/js/dfa3dc49.4cafa3c5.js similarity index 99% rename from assets/js/dfa3dc49.11ea6a78.js rename to assets/js/dfa3dc49.4cafa3c5.js index 4d4f0b044..6339aafb8 100644 --- a/assets/js/dfa3dc49.11ea6a78.js +++ b/assets/js/dfa3dc49.4cafa3c5.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[599],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>T});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),i=a(1980),u=a(7392),m=a(12);function p(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function c(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function d(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=c(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[i,u]=d({queryString:a,groupId:l}),[p,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,m.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),y=(()=>{const e=i??p;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{y&&o(y)}),[y]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var y=a(2389);const k="tabList__CuJ",g="tabItem_LNqP";function b(e){let{className:t,block:a,selectedValue:o,selectValue:i,tabValues:u}=e;const m=[],{blockElementScrollPositionUntilNextRender:p}=(0,s.o5)(),c=e=>{const t=e.currentTarget,a=m.indexOf(t),l=u[a].value;l!==o&&(p(t),i(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":c(e);break;case"ArrowRight":{const t=m.indexOf(e.currentTarget)+1;a=m[t]??m[0];break}case"ArrowLeft":{const t=m.indexOf(e.currentTarget)-1;a=m[t]??m[m.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>m.push(e),onKeyDown:h,onClick:c},s,{className:(0,r.Z)("tabs__item",g,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(b,(0,l.Z)({},e,t)),n.createElement(v,(0,l.Z)({},e,t)))}function T(e){const t=(0,y.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},4757:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>u,default:()=>d,frontMatter:()=>i,metadata:()=>m,toc:()=>c});var l=a(7462),n=(a(7294),a(3905)),r=a(814),s=a(4866),o=a(5162);const i={},u="Creating a Deployment",m={unversionedId:"tut-deployment",id:"tut-deployment",title:"Creating a Deployment",description:"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it.",source:"@site/docs/tut-deployment.md",sourceDirName:".",slug:"/tut-deployment",permalink:"/tut-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/tut-deployment.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/quickstart"},next:{title:"Uninstall",permalink:"/uninstall"}},p={},c=[{value:"Single-Cluster Examples",id:"single-cluster-examples",level:2},{value:"Multi-Cluster Examples",id:"multi-cluster-examples",level:2}],h={toc:c};function d(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"creating-a-deployment"},"Creating a Deployment"),(0,n.kt)("p",null,"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it."),(0,n.kt)("p",null,"This tutorial uses the ",(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples"},"fleet-examples")," repository."),(0,n.kt)("admonition",{type:"note"},(0,n.kt)("p",{parentName:"admonition"},"For more details on how to structure the repository and configure the deployment of each bundle see ",(0,n.kt)("a",{parentName:"p",href:"/gitrepo-content"},"GitRepo Contents"),".\nFor more details on the options that are available per Git repository see ",(0,n.kt)("a",{parentName:"p",href:"/gitrepo-add"},"Adding a GitRepo"),".")),(0,n.kt)("h2",{id:"single-cluster-examples"},"Single-Cluster Examples"),(0,n.kt)("p",null,"All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet."),(0,n.kt)(s.Z,{groupId:"examples",mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm",default:!0,mdxType:"TabItem"},(0,n.kt)("p",null,"An example using Helm. We are deploying the ",(0,n.kt)("a",{href:"https://github.com/rancher/fleet-examples/tree/master/single-cluster/helm"},"helm example")," to the local cluster."),(0,n.kt)("p",null,"The repository contains a helm chart and an optional ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to configure the deployment:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'namespace: fleet-helm-example\n\n# Custom helm options\nhelm:\n # The release name to use. If empty a generated release name will be used\n releaseName: guestbook\n\n # The directory of the chart in the repo. Also any valid go-getter supported\n # URL can be used there is specify where to download the chart from.\n # If repo below is set this value if the chart name in the repo\n chart: ""\n\n # An https to a valid Helm repository to download the chart from\n repo: ""\n\n # Used if repo is set to look up the version of the chart\n version: ""\n\n # Force recreate resource that can not be updated\n force: false\n\n # How long for helm to wait for the release to be active. If the value\n # is less that or equal to zero, we will not wait in Helm\n timeoutSeconds: 0\n\n # Custom values that will be passed as values.yaml to the installation\n values:\n replicas: 2\n')),(0,n.kt)("p",null,"To create the deployment, we apply the custom resource to the upstream cluster. The ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace contains the local cluster resource. The local fleet-agent will create the deployment in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-helm-example")," namespace."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl apply -n fleet-local -f - <{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>T});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),i=a(1980),u=a(7392),m=a(12);function p(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function c(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function d(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=c(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[i,u]=d({queryString:a,groupId:l}),[p,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,m.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),y=(()=>{const e=i??p;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{y&&o(y)}),[y]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var y=a(2389);const k="tabList__CuJ",g="tabItem_LNqP";function b(e){let{className:t,block:a,selectedValue:o,selectValue:i,tabValues:u}=e;const m=[],{blockElementScrollPositionUntilNextRender:p}=(0,s.o5)(),c=e=>{const t=e.currentTarget,a=m.indexOf(t),l=u[a].value;l!==o&&(p(t),i(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":c(e);break;case"ArrowRight":{const t=m.indexOf(e.currentTarget)+1;a=m[t]??m[0];break}case"ArrowLeft":{const t=m.indexOf(e.currentTarget)-1;a=m[t]??m[m.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>m.push(e),onKeyDown:h,onClick:c},s,{className:(0,r.Z)("tabs__item",g,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(b,(0,l.Z)({},e,t)),n.createElement(v,(0,l.Z)({},e,t)))}function T(e){const t=(0,y.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},4757:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>u,default:()=>d,frontMatter:()=>i,metadata:()=>m,toc:()=>c});var l=a(7462),n=(a(7294),a(3905)),r=a(814),s=a(4866),o=a(5162);const i={},u="Creating a Deployment",m={unversionedId:"tut-deployment",id:"tut-deployment",title:"Creating a Deployment",description:"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it.",source:"@site/docs/tut-deployment.md",sourceDirName:".",slug:"/tut-deployment",permalink:"/tut-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/tut-deployment.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Quick Start",permalink:"/quickstart"},next:{title:"Uninstall",permalink:"/uninstall"}},p={},c=[{value:"Single-Cluster Examples",id:"single-cluster-examples",level:2},{value:"Multi-Cluster Examples",id:"multi-cluster-examples",level:2}],h={toc:c};function d(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"creating-a-deployment"},"Creating a Deployment"),(0,n.kt)("p",null,"To deploy workloads onto downstream clusters, first create a Git repo, then create a GitRepo resource and apply it."),(0,n.kt)("p",null,"This tutorial uses the ",(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples"},"fleet-examples")," repository."),(0,n.kt)("admonition",{type:"note"},(0,n.kt)("p",{parentName:"admonition"},"For more details on how to structure the repository and configure the deployment of each bundle see ",(0,n.kt)("a",{parentName:"p",href:"/gitrepo-content"},"GitRepo Contents"),".\nFor more details on the options that are available per Git repository see ",(0,n.kt)("a",{parentName:"p",href:"/gitrepo-add"},"Adding a GitRepo"),".")),(0,n.kt)("h2",{id:"single-cluster-examples"},"Single-Cluster Examples"),(0,n.kt)("p",null,"All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet."),(0,n.kt)(s.Z,{groupId:"examples",mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm",default:!0,mdxType:"TabItem"},(0,n.kt)("p",null,"An example using Helm. We are deploying the ",(0,n.kt)("a",{href:"https://github.com/rancher/fleet-examples/tree/master/single-cluster/helm"},"helm example")," to the local cluster."),(0,n.kt)("p",null,"The repository contains a helm chart and an optional ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to configure the deployment:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="fleet.yaml"',title:'"fleet.yaml"'},'namespace: fleet-helm-example\n\n# Custom helm options\nhelm:\n # The release name to use. If empty a generated release name will be used\n releaseName: guestbook\n\n # The directory of the chart in the repo. Also any valid go-getter supported\n # URL can be used there is specify where to download the chart from.\n # If repo below is set this value if the chart name in the repo\n chart: ""\n\n # An https to a valid Helm repository to download the chart from\n repo: ""\n\n # Used if repo is set to look up the version of the chart\n version: ""\n\n # Force recreate resource that can not be updated\n force: false\n\n # How long for helm to wait for the release to be active. If the value\n # is less that or equal to zero, we will not wait in Helm\n timeoutSeconds: 0\n\n # Custom values that will be passed as values.yaml to the installation\n values:\n replicas: 2\n')),(0,n.kt)("p",null,"To create the deployment, we apply the custom resource to the upstream cluster. The ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace contains the local cluster resource. The local fleet-agent will create the deployment in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-helm-example")," namespace."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl apply -n fleet-local -f - <{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(l,".").concat(m)]||d[m]||p[m]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"version-0.5/index",title:"Overview",description:"What is Fleet?",source:"@site/versioned_docs/version-0.5/index.md",sourceDirName:".",slug:"/",permalink:"/0.5/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/index.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/0.5/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(9225).Z,width:"969",height:"775"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users have a high degree of control, consistency, and auditability."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},9225:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/arch-1c6cd25727f6427c62add813758335a8.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6418],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(l,".").concat(m)]||d[m]||p[m]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"version-0.5/index",title:"Overview",description:"What is Fleet?",source:"@site/versioned_docs/version-0.5/index.md",sourceDirName:".",slug:"/",permalink:"/0.5/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/index.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/0.5/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(9225).Z,width:"969",height:"775"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users have a high degree of control, consistency, and auditability."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},9225:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/arch-1c6cd25727f6427c62add813758335a8.png"}}]); \ No newline at end of file diff --git a/assets/js/e15d65f4.52328285.js b/assets/js/e15d65f4.b6edd62c.js similarity index 97% rename from assets/js/e15d65f4.52328285.js rename to assets/js/e15d65f4.b6edd62c.js index 33fda70a9..aa6dfe2d3 100644 --- a/assets/js/e15d65f4.52328285.js +++ b/assets/js/e15d65f4.b6edd62c.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[198],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>d});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function c(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),s=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):c(c({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),f=s(r),d=o,g=f["".concat(i,".").concat(d)]||f[d]||u[d]||a;return r?n.createElement(g,c(c({ref:t},p),{},{components:r})):n.createElement(g,c({ref:t},p))}));function d(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,c=new Array(a);c[0]=f;var l={};for(var i in t)hasOwnProperty.call(t,i)&&(l[i]=t[i]);l.originalType=e,l.mdxType="string"==typeof e?e:o,c[1]=l;for(var s=2;s{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>c,default:()=>u,frontMatter:()=>a,metadata:()=>l,toc:()=>s});var n=r(7462),o=(r(7294),r(3905));const a={title:"Next \ud83d\udea7"},c=void 0,l={unversionedId:"changelogs/index",id:"changelogs/index",title:"Next \ud83d\udea7",description:"We are still working on the next release.",source:"@site/docs/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/changelogs/index.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"Next \ud83d\udea7"}},i={},s=[],p={toc:s};function u(e){let{components:t,...r}=e;return(0,o.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,"We are still working on the next release."))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[198],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>d});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function c(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),s=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):c(c({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=l(e,["components","mdxType","originalType","parentName"]),f=s(r),d=o,g=f["".concat(i,".").concat(d)]||f[d]||u[d]||a;return r?n.createElement(g,c(c({ref:t},p),{},{components:r})):n.createElement(g,c({ref:t},p))}));function d(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,c=new Array(a);c[0]=f;var l={};for(var i in t)hasOwnProperty.call(t,i)&&(l[i]=t[i]);l.originalType=e,l.mdxType="string"==typeof e?e:o,c[1]=l;for(var s=2;s{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>c,default:()=>u,frontMatter:()=>a,metadata:()=>l,toc:()=>s});var n=r(7462),o=(r(7294),r(3905));const a={title:"Next \ud83d\udea7"},c=void 0,l={unversionedId:"changelogs/index",id:"changelogs/index",title:"Next \ud83d\udea7",description:"We are still working on the next release.",source:"@site/docs/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/changelogs/index.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"Next \ud83d\udea7"}},i={},s=[],p={toc:s};function u(e){let{components:t,...r}=e;return(0,o.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("p",null,"We are still working on the next release."))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/e252aa27.3c12bed3.js b/assets/js/e252aa27.1aae1602.js similarity index 98% rename from assets/js/e252aa27.3c12bed3.js rename to assets/js/e252aa27.1aae1602.js index f592f93f9..5f11a5ab8 100644 --- a/assets/js/e252aa27.3c12bed3.js +++ b/assets/js/e252aa27.1aae1602.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5854],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),c=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=c(e.components);return a.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,i=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=r,k=d["".concat(l,".").concat(m)]||d[m]||p[m]||i;return n?a.createElement(k,o(o({ref:t},u),{},{components:n})):a.createElement(k,o({ref:t},u))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=n.length,o=new Array(i);o[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,o[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>s,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const i={},o="Cluster Registration Tokens",s={unversionedId:"cluster-tokens",id:"version-0.5/cluster-tokens",title:"Cluster Registration Tokens",description:"Not needed for Manager initiated registration:",source:"@site/versioned_docs/version-0.5/cluster-tokens.md",sourceDirName:".",slug:"/cluster-tokens",permalink:"/0.5/cluster-tokens",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/cluster-tokens.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.5/cluster-overview"},next:{title:"Agent Initiated",permalink:"/0.5/agent-initiated"}},l={},c=[{value:"Token TTL",id:"token-ttl",level:2},{value:"Create a new Token",id:"create-a-new-token",level:2},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:2}],u={toc:c};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"cluster-registration-tokens"},"Cluster Registration Tokens"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Not needed for Manager initiated registration"),":\nFor manager initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,r.kt)("p",null,"For an agent initiated registration the downstream cluster must have a cluster registration token.\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,r.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,r.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,r.kt)("h2",{id:"token-ttl"},"Token TTL"),(0,r.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,r.kt)("h2",{id:"create-a-new-token"},"Create a new Token"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,r.kt)("a",{parentName:"p",href:"/0.5/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,r.kt)("p",null,"After the ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,r.kt)("p",null,"One way to do so is via the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,r.kt)("h2",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,r.kt)("p",null,"The token value contains YAML content for a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,r.kt)("p",null,"Such value is contained in the ",(0,r.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,r.kt)("p",null,"Once the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5854],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function i(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),c=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},u=function(e){var t=c(e.components);return a.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,i=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=r,k=d["".concat(l,".").concat(m)]||d[m]||p[m]||i;return n?a.createElement(k,o(o({ref:t},u),{},{components:n})):a.createElement(k,o({ref:t},u))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var i=n.length,o=new Array(i);o[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,o[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>s,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const i={},o="Cluster Registration Tokens",s={unversionedId:"cluster-tokens",id:"version-0.5/cluster-tokens",title:"Cluster Registration Tokens",description:"Not needed for Manager initiated registration:",source:"@site/versioned_docs/version-0.5/cluster-tokens.md",sourceDirName:".",slug:"/cluster-tokens",permalink:"/0.5/cluster-tokens",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/cluster-tokens.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.5/cluster-overview"},next:{title:"Agent Initiated",permalink:"/0.5/agent-initiated"}},l={},c=[{value:"Token TTL",id:"token-ttl",level:2},{value:"Create a new Token",id:"create-a-new-token",level:2},{value:"Obtaining Token Value (Agent values.yaml)",id:"obtaining-token-value-agent-valuesyaml",level:2}],u={toc:c};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"cluster-registration-tokens"},"Cluster Registration Tokens"),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("strong",{parentName:"p"},"Not needed for Manager initiated registration"),":\nFor manager initiated registrations the token is managed by the Fleet manager and does\nnot need to be manually created and obtained.")),(0,r.kt)("p",null,"For an agent initiated registration the downstream cluster must have a cluster registration token.\nCluster registration tokens are used to establish a new identity for a cluster. Internally\ncluster registration tokens are managed by creating Kubernetes service accounts that have the\npermissions to create ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationRequests")," within a specific namespace. Once the\ncluster is registered a new ",(0,r.kt)("inlineCode",{parentName:"p"},"ServiceAccount")," is created for that cluster that is used as\nthe unique identity of the cluster. The agent is designed to forget the cluster registration\ntoken after registration. While the agent will not maintain a reference to the cluster registration\ntoken after a successful registration please note that usually other system bootstrap scripts do."),(0,r.kt)("p",null,"Since the cluster registration token is forgotten, if you need to re-register a cluster you must\ngive the cluster a new registration token."),(0,r.kt)("h2",{id:"token-ttl"},"Token TTL"),(0,r.kt)("p",null,"Cluster registration tokens can be reused by any cluster in a namespace. The tokens can be given a TTL\nsuch that it will expire after a specific time."),(0,r.kt)("h2",{id:"create-a-new-token"},"Create a new Token"),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistationToken")," is a namespaced type and should be created in the same namespace\nin which you will create ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," and ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resources. For in depth details on how namespaces\nare used in Fleet refer to the documentation on ",(0,r.kt)("a",{parentName:"p",href:"/0.5/namespaces"},"namespaces"),". Create a new\ntoken with the below YAML."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: ClusterRegistrationToken\napiVersion: "fleet.cattle.io/v1alpha1"\nmetadata:\n name: new-token\n namespace: clusters\nspec:\n # A duration string for how long this token is valid for. A value <= 0 or null means infinite time.\n ttl: 240h\n')),(0,r.kt)("p",null,"After the ",(0,r.kt)("inlineCode",{parentName:"p"},"ClusterRegistrationToken")," is created, Fleet will create a corresponding ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," with the same name.\nAs the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," creation is performed asynchronously, you will need to wait until it's available before using it."),(0,r.kt)("p",null,"One way to do so is via the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"while ! kubectl --namespace=clusters get secret new-token; do sleep 5; done\n")),(0,r.kt)("h2",{id:"obtaining-token-value-agent-valuesyaml"},"Obtaining Token Value (Agent values.yaml)"),(0,r.kt)("p",null,"The token value contains YAML content for a ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that is expected to be passed to ",(0,r.kt)("inlineCode",{parentName:"p"},"helm install"),"\nto install the Fleet agent on a downstream cluster."),(0,r.kt)("p",null,"Such value is contained in the ",(0,r.kt)("inlineCode",{parentName:"p"},"values")," field of the ",(0,r.kt)("inlineCode",{parentName:"p"},"Secret")," mentioned above. To obtain the YAML content for the\nabove example one can run the following one-liner:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl --namespace clusters get secret new-token -o 'jsonpath={.data.values}' | base64 --decode > values.yaml\n")),(0,r.kt)("p",null,"Once the ",(0,r.kt)("inlineCode",{parentName:"p"},"values.yaml")," is ready it can be used repeatedly by clusters to register until the TTL expires."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/e348fb9e.e254b76d.js b/assets/js/e348fb9e.e9f8880b.js similarity index 99% rename from assets/js/e348fb9e.e254b76d.js rename to assets/js/e348fb9e.e9f8880b.js index 3c8905aa7..be7357807 100644 --- a/assets/js/e348fb9e.e254b76d.js +++ b/assets/js/e348fb9e.e9f8880b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6645],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),c=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},p=function(e){var t=c(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},p),{},{components:n})):o.createElement(m,r({ref:t},p))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"version-0.7/troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/versioned_docs/version-0.7/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/0.7/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/troubleshooting.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Resource",permalink:"/0.7/ref-bundle"},next:{title:"v0.7.0",permalink:"/0.7/changelogs/changelogs/v0.7.0"}},s={},c=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Fetch detailed status from GitRepos and Bundles?",id:"fetch-detailed-status-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Agent is no longer registered",id:"agent-is-no-longer-registered",level:3},{value:"Nested GitRepo CRs",id:"nested-gitrepo-crs",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled."),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"fetch-detailed-status-from-gitrepos-and-bundles"},"Fetch detailed status from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"For debugging and bug reports the raw JSON of the resources status fields is most useful.\nThis can be accessed in the Rancher UI, or through ",(0,a.kt)("inlineCode",{parentName:"p"},"kubectl"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl get bundle -n fleet-local fleet-agent-local -o=jsonpath={.status}\nkubectl get gitrepo -n fleet-default gitrepo-name -o=jsonpath={.status}\n")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.7/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.7/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo."),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu"),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown"),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/0.7/ref-fleet-yaml"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority"\n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm:\n releaseName: \n repo: \n chart: \ndiff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations"\n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.7/bundle-diffs"},"bundle diffs documentation")," for more information.")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"agent-is-no-longer-registered"},"Agent is no longer registered"),(0,a.kt)("p",null,"You can force a redeployment of an agent for a given cluster by setting ",(0,a.kt)("inlineCode",{parentName:"p"},"redeployAgentGeneration"),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},'kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p \'[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]\'\n')),(0,a.kt)("h3",{id:"nested-gitrepo-crs"},"Nested GitRepo CRs"),(0,a.kt)("p",null,"Managing Fleet within Fleet (nested ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," usage) is not currently supported. We will update the documentation if support becomes available."),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6645],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),c=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},p=function(e){var t=c(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},p),{},{components:n})):o.createElement(m,r({ref:t},p))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"version-0.7/troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/versioned_docs/version-0.7/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/0.7/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/troubleshooting.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Bundle Resource",permalink:"/0.7/ref-bundle"},next:{title:"v0.7.0",permalink:"/0.7/changelogs/changelogs/v0.7.0"}},s={},c=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Fetch detailed status from GitRepos and Bundles?",id:"fetch-detailed-status-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Agent is no longer registered",id:"agent-is-no-longer-registered",level:3},{value:"Nested GitRepo CRs",id:"nested-gitrepo-crs",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled."),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"fetch-detailed-status-from-gitrepos-and-bundles"},"Fetch detailed status from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"For debugging and bug reports the raw JSON of the resources status fields is most useful.\nThis can be accessed in the Rancher UI, or through ",(0,a.kt)("inlineCode",{parentName:"p"},"kubectl"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl get bundle -n fleet-local fleet-agent-local -o=jsonpath={.status}\nkubectl get gitrepo -n fleet-default gitrepo-name -o=jsonpath={.status}\n")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.7/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.7/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo."),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu"),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown"),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/0.7/ref-fleet-yaml"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority"\n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm:\n releaseName: \n repo: \n chart: \ndiff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations"\n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.7/bundle-diffs"},"bundle diffs documentation")," for more information.")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"agent-is-no-longer-registered"},"Agent is no longer registered"),(0,a.kt)("p",null,"You can force a redeployment of an agent for a given cluster by setting ",(0,a.kt)("inlineCode",{parentName:"p"},"redeployAgentGeneration"),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},'kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p \'[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]\'\n')),(0,a.kt)("h3",{id:"nested-gitrepo-crs"},"Nested GitRepo CRs"),(0,a.kt)("p",null,"Managing Fleet within Fleet (nested ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," usage) is not currently supported. We will update the documentation if support becomes available."),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/e35f16a8.e05f6c84.js b/assets/js/e35f16a8.22632871.js similarity index 98% rename from assets/js/e35f16a8.e05f6c84.js rename to assets/js/e35f16a8.22632871.js index 6e7fcca31..8468c4caa 100644 --- a/assets/js/e35f16a8.e05f6c84.js +++ b/assets/js/e35f16a8.22632871.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2952],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,m=u["".concat(c,".").concat(d)]||u[d]||p[d]||a;return r?n.createElement(m,o(o({ref:t},f),{},{components:r})):n.createElement(m,o({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet-manager"},o=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager",id:"version-0.7/cli/fleet-controller/fleet-manager",title:"",description:"fleet-manager",source:"@site/versioned_docs/version-0.7/cli/fleet-controller/fleet-manager.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager",permalink:"/0.7/cli/fleet-controller/fleet-manager",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cli/fleet-controller/fleet-manager.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager"},sidebar:"docs",previous:{title:"fleet test",permalink:"/0.7/cli/fleet-cli/fleet_test"},next:{title:"Cluster and Bundle State",permalink:"/0.7/cluster-bundles-state"}},c={},s=[{value:"fleet-manager",id:"fleet-manager",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-manager"},"fleet-manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet-manager [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --disable-bootstrap disable agent on local cluster\n --disable-gitops disable gitops components\n -h, --help help for fleet-manager\n --kubeconfig string Kubeconfig file\n --namespace string namespace to watch (default "cattle-fleet-system")\n')))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2952],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>d});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},u=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,a=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),u=s(r),d=l,m=u["".concat(c,".").concat(d)]||u[d]||p[d]||a;return r?n.createElement(m,o(o({ref:t},f),{},{components:r})):n.createElement(m,o({ref:t},f))}));function d(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var a=r.length,o=new Array(a);o[0]=u;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>i,toc:()=>s});var n=r(7462),l=(r(7294),r(3905));const a={title:"",sidebar_label:"fleet-manager"},o=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager",id:"version-0.7/cli/fleet-controller/fleet-manager",title:"",description:"fleet-manager",source:"@site/versioned_docs/version-0.7/cli/fleet-controller/fleet-manager.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager",permalink:"/0.7/cli/fleet-controller/fleet-manager",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/cli/fleet-controller/fleet-manager.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager"},sidebar:"docs",previous:{title:"fleet test",permalink:"/0.7/cli/fleet-cli/fleet_test"},next:{title:"Cluster and Bundle State",permalink:"/0.7/cluster-bundles-state"}},c={},s=[{value:"fleet-manager",id:"fleet-manager",level:2},{value:"Options",id:"options",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-manager"},"fleet-manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet-manager [flags]\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --disable-bootstrap disable agent on local cluster\n --disable-gitops disable gitops components\n -h, --help help for fleet-manager\n --kubeconfig string Kubeconfig file\n --namespace string namespace to watch (default "cattle-fleet-system")\n')))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/e3aa6547.abe9e58f.js b/assets/js/e3aa6547.f75b1792.js similarity index 98% rename from assets/js/e3aa6547.abe9e58f.js rename to assets/js/e3aa6547.f75b1792.js index 3fb9add91..4a828058e 100644 --- a/assets/js/e3aa6547.abe9e58f.js +++ b/assets/js/e3aa6547.f75b1792.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1462],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),c=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=c(e.components);return a.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=c(n),u=r,g=d["".concat(l,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const o={},i="Image scan",s={unversionedId:"imagescan",id:"version-0.4/imagescan",title:"Image scan",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/versioned_docs/version-0.4/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/0.4/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/imagescan.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Webhook",permalink:"/0.4/webhook"},next:{title:"Cluster and Bundle state",permalink:"/0.4/cluster-bundles-state"}},l={},c=[],m={toc:c};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"image-scan"},"Image scan"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order \n- policy: \n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver: \n range: "*" \n # can use ascending or descending order\n alphabetical:\n order: asc \n\n # specify images to scan\n image: "your.registry.com/repo/image" \n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret \n\n # Specify the scan interval\n interval: 5m \n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples \n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m \n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret \n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1462],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var l=a.createContext({}),c=function(e){var t=a.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=c(e.components);return a.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,l=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=c(n),u=r,g=d["".concat(l,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const o={},i="Image scan",s={unversionedId:"imagescan",id:"version-0.4/imagescan",title:"Image scan",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/versioned_docs/version-0.4/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/0.4/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/imagescan.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Webhook",permalink:"/0.4/webhook"},next:{title:"Cluster and Bundle state",permalink:"/0.4/cluster-bundles-state"}},l={},c=[],m={toc:c};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"image-scan"},"Image scan"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order \n- policy: \n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver: \n range: "*" \n # can use ascending or descending order\n alphabetical:\n order: asc \n\n # specify images to scan\n image: "your.registry.com/repo/image" \n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret \n\n # Specify the scan interval\n interval: 5m \n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples \n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m \n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret \n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/e431d4ee.2681b6cb.js b/assets/js/e431d4ee.d6f57b56.js similarity index 99% rename from assets/js/e431d4ee.2681b6cb.js rename to assets/js/e431d4ee.d6f57b56.js index 2920928b1..c7c9deff5 100644 --- a/assets/js/e431d4ee.2681b6cb.js +++ b/assets/js/e431d4ee.d6f57b56.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[295],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>A});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),i=a(6550),o=a(1980),u=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function m(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:a}=e;const l=(0,i.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,o._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,i]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[o,u]=h({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),g=(()=>{const e=o??d;return m({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{g&&i(g)}),[g]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!m({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);i(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var g=a(2389);const k="tabList__CuJ",b="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:i,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=u[a].value;l!==i&&(d(t),o(l))},m=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:i===t?0:-1,"aria-selected":i===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},s,{className:(0,r.Z)("tabs__item",b,null==s?void 0:s.className,{"tabs__item--active":i===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function A(e){const t=(0,g.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},4623:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>c,default:()=>f,frontMatter:()=>u,metadata:()=>d,toc:()=>m});var l=a(7462),n=(a(7294),a(3905)),r=a(6828),s=a(814),i=a(4866),o=a(5162);const u={},c="Installation Details",d={unversionedId:"installation",id:"version-0.7/installation",title:"Installation Details",description:"The installation is broken up into two different use cases: single and multi-cluster.",source:"@site/versioned_docs/version-0.7/installation.md",sourceDirName:".",slug:"/installation",permalink:"/0.7/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/installation.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources",permalink:"/0.7/ref-resources"},next:{title:"Register Downstream Clusters",permalink:"/0.7/cluster-registration"}},p={},m=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Default Install",id:"default-install",level:2},{value:"Configuration for Multi-Cluster",id:"configuration-for-multi-cluster",level:2},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:3},{value:"Extract CA certificate",id:"extract-ca-certificate",level:4},{value:"Extract API Server",id:"extract-api-server",level:4},{value:"Validate",id:"validate",level:4},{value:"Install for Multi-Cluster",id:"install-for-multi-cluster",level:3}],h={toc:m};function f(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"installation-details"},"Installation Details"),(0,n.kt)("p",null,"The installation is broken up into two different use cases: single and multi-cluster.\nThe single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,n.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Single-cluster is the default installation. The same cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,n.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm 3",default:!0,mdxType:"TabItem"},"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is fairly straight forward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)(o.Z,{value:"kubernetes",label:"Kubernetes",default:!0,mdxType:"TabItem"},"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the single cluster use case you will install Fleet to the cluster which you intend to manage with GitOps. Any Kubernetes community supported version of Kubernetes will work, in practice this means ",r.d.next.kubernetes," or greater.")),(0,n.kt)("h2",{id:"default-install"},"Default Install"),(0,n.kt)("p",null,"Install the following two Helm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install",label:"Install",default:!0,mdxType:"TabItem"},(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)("p",null,"First add Fleet's Helm repository."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd"),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet")),(0,n.kt)(o.Z,{value:"verify",label:"Verify",mdxType:"TabItem"},(0,n.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.7/gitrepo-add"},"register some git repos")," in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."),(0,n.kt)("h2",{id:"configuration-for-multi-cluster"},"Configuration for Multi-Cluster"),(0,n.kt)("admonition",{type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under ",(0,n.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," on Rancher."),(0,n.kt)("p",{parentName:"admonition"},"The multi-cluster install described below is ",(0,n.kt)("strong",{parentName:"p"},"only")," covered in standalone Fleet, which is untested by Rancher QA.")),(0,n.kt)("admonition",{type:"info"},(0,n.kt)("p",{parentName:"admonition"},"The setup is the same as for a single cluster.\nAfter installing the Fleet manager, you will then need to register remote downstream clusters with the Fleet manager."),(0,n.kt)("p",{parentName:"admonition"},"However, to allow for ",(0,n.kt)("a",{parentName:"p",href:"/0.7/cluster-registration#manager-initiated"},"manager-initiated registration")," of downstream clusters, a few extra settings are required. Without the API server URL and the CA, only ",(0,n.kt)("a",{parentName:"p",href:"/0.7/cluster-registration#agent-initiated"},"agent-initiated registration")," of downstream clusters is possible.")),(0,n.kt)("h3",{id:"api-server-url-and-ca-certificate"},"API Server URL and CA certificate"),(0,n.kt)("p",null,"In order for your Fleet management installation to properly work it is important\nthe correct API server URL and CA certificates are configured properly. The Fleet agents\nwill communicate to the Kubernetes API server URL. This means the Kubernetes\nAPI server must be accessible to the downstream clusters. You will also need\nto obtain the CA certificate of the API server. The easiest way to obtain this information\nis typically from your kubeconfig file (",(0,n.kt)("inlineCode",{parentName:"p"},"$HOME/.kube/config"),"). The ",(0,n.kt)("inlineCode",{parentName:"p"},"server"),",\n",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority-data"),", or ",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority")," fields will have these values."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="$HOME/.kube/config"',title:'"$HOME/.kube/config"'},"apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTi...\n server: https://example.com:6443\n")),(0,n.kt)("h4",{id:"extract-ca-certificate"},"Extract CA certificate"),(0,n.kt)("p",null,"Please note that the ",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," field is base64 encoded and will need to be\ndecoded before you save it into a file. This can be done by saving the base64 encoded contents to\na file and then running"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"base64 -d encoded-file > ca.pem\n")),(0,n.kt)("p",null,"Next, retrieve the CA certificate from your kubeconfig."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"extractca",label:"Extract First",mdxType:"TabItem"},"If you have `jq` and `base64` available then this one-liners will pull all CA certificates from your `KUBECONFIG` and place then in a file named `ca.pem`.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n"))),(0,n.kt)(o.Z,{value:"extractcas",label:"Multiple Entries",mdxType:"TabItem"},"Or, if you have a multi-cluster setup, you can use this command:",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')))),(0,n.kt)("h4",{id:"extract-api-server"},"Extract API Server"),(0,n.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("h4",{id:"validate"},"Validate"),(0,n.kt)("p",null,"First validate the server URL is correct."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fLk "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,n.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,n.kt)("inlineCode",{parentName:"p"},'--cacert "$API_SERVER_CA"')," part of the command."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fL --cacert "$API_SERVER_CA" "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"If you get a valid JSON response or an ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,n.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,n.kt)("inlineCode",{parentName:"p"},"$API_SERVER_CA")," file should look similar to the below:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-pem",metastring:'title="ca.pem"',title:'"ca.pem"'},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,n.kt)("h3",{id:"install-for-multi-cluster"},"Install for Multi-Cluster"),(0,n.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,n.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,n.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,n.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,n.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,n.kt)("p",null,"Setup the environment with your specific values, e.g.:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install2",label:"Install",default:!0,mdxType:"TabItem"},"First add Fleet's Helm repository.",(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d.next.fleetCRD),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="$API_SERVER_URL" \\\n --set-file apiServerCA="$API_SERVER_CA" \\\n fleet'," ",r.d.next.fleet)),(0,n.kt)(o.Z,{value:"verifiy2",label:"Verify",mdxType:"TabItem"},"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.7/cluster-registration"},"register clusters")," and ",(0,n.kt)("a",{parentName:"p",href:"/0.7/gitrepo-add#create-gitrepo-instance"},"git repos")," with\nthe Fleet manager."))}f.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[295],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>A});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),i=a(6550),o=a(1980),u=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,u.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function m(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function h(e){let{queryString:t=!1,groupId:a}=e;const l=(0,i.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,o._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,i]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!m({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[o,u]=h({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),g=(()=>{const e=o??d;return m({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{g&&i(g)}),[g]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!m({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);i(e),u(e),f(e)}),[u,f,r]),tabValues:r}}var g=a(2389);const k="tabList__CuJ",b="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:i,selectValue:o,tabValues:u}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=u[a].value;l!==i&&(d(t),o(l))},m=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},u.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:i===t?0:-1,"aria-selected":i===t,key:t,ref:e=>c.push(e),onKeyDown:m,onClick:p},s,{className:(0,r.Z)("tabs__item",b,null==s?void 0:s.className,{"tabs__item--active":i===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",k)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function A(e){const t=(0,g.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},4623:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>p,contentTitle:()=>c,default:()=>f,frontMatter:()=>u,metadata:()=>d,toc:()=>m});var l=a(7462),n=(a(7294),a(3905)),r=a(6828),s=a(814),i=a(4866),o=a(5162);const u={},c="Installation Details",d={unversionedId:"installation",id:"version-0.7/installation",title:"Installation Details",description:"The installation is broken up into two different use cases: single and multi-cluster.",source:"@site/versioned_docs/version-0.7/installation.md",sourceDirName:".",slug:"/installation",permalink:"/0.7/installation",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/installation.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Custom Resources",permalink:"/0.7/ref-resources"},next:{title:"Register Downstream Clusters",permalink:"/0.7/cluster-registration"}},p={},m=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Default Install",id:"default-install",level:2},{value:"Configuration for Multi-Cluster",id:"configuration-for-multi-cluster",level:2},{value:"API Server URL and CA certificate",id:"api-server-url-and-ca-certificate",level:3},{value:"Extract CA certificate",id:"extract-ca-certificate",level:4},{value:"Extract API Server",id:"extract-api-server",level:4},{value:"Validate",id:"validate",level:4},{value:"Install for Multi-Cluster",id:"install-for-multi-cluster",level:3}],h={toc:m};function f(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"installation-details"},"Installation Details"),(0,n.kt)("p",null,"The installation is broken up into two different use cases: single and multi-cluster.\nThe single cluster install is for if you wish to use GitOps to manage a single cluster,\nin which case you do not need a centralized manager cluster. In the multi-cluster use case\nyou will setup a centralized manager cluster to which you can register clusters."),(0,n.kt)("p",null,"If you are just learning Fleet the single cluster install is the recommended starting\npoint. After which you can move from single cluster to multi-cluster setup down the line."),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Single-cluster is the default installation. The same cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,n.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"helm",label:"Helm 3",default:!0,mdxType:"TabItem"},"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is fairly straight forward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)(o.Z,{value:"kubernetes",label:"Kubernetes",default:!0,mdxType:"TabItem"},"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the single cluster use case you will install Fleet to the cluster which you intend to manage with GitOps. Any Kubernetes community supported version of Kubernetes will work, in practice this means ",r.d.next.kubernetes," or greater.")),(0,n.kt)("h2",{id:"default-install"},"Default Install"),(0,n.kt)("p",null,"Install the following two Helm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install",label:"Install",default:!0,mdxType:"TabItem"},(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)("p",null,"First add Fleet's Helm repository."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd"),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet")),(0,n.kt)(o.Z,{value:"verify",label:"Verify",mdxType:"TabItem"},(0,n.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.7/gitrepo-add"},"register some git repos")," in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."),(0,n.kt)("h2",{id:"configuration-for-multi-cluster"},"Configuration for Multi-Cluster"),(0,n.kt)("admonition",{type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Downstream clusters in Rancher are automatically registered in Fleet. Users can access Fleet under ",(0,n.kt)("inlineCode",{parentName:"p"},"Continuous Delivery")," on Rancher."),(0,n.kt)("p",{parentName:"admonition"},"The multi-cluster install described below is ",(0,n.kt)("strong",{parentName:"p"},"only")," covered in standalone Fleet, which is untested by Rancher QA.")),(0,n.kt)("admonition",{type:"info"},(0,n.kt)("p",{parentName:"admonition"},"The setup is the same as for a single cluster.\nAfter installing the Fleet manager, you will then need to register remote downstream clusters with the Fleet manager."),(0,n.kt)("p",{parentName:"admonition"},"However, to allow for ",(0,n.kt)("a",{parentName:"p",href:"/0.7/cluster-registration#manager-initiated"},"manager-initiated registration")," of downstream clusters, a few extra settings are required. Without the API server URL and the CA, only ",(0,n.kt)("a",{parentName:"p",href:"/0.7/cluster-registration#agent-initiated"},"agent-initiated registration")," of downstream clusters is possible.")),(0,n.kt)("h3",{id:"api-server-url-and-ca-certificate"},"API Server URL and CA certificate"),(0,n.kt)("p",null,"In order for your Fleet management installation to properly work it is important\nthe correct API server URL and CA certificates are configured properly. The Fleet agents\nwill communicate to the Kubernetes API server URL. This means the Kubernetes\nAPI server must be accessible to the downstream clusters. You will also need\nto obtain the CA certificate of the API server. The easiest way to obtain this information\nis typically from your kubeconfig file (",(0,n.kt)("inlineCode",{parentName:"p"},"$HOME/.kube/config"),"). The ",(0,n.kt)("inlineCode",{parentName:"p"},"server"),",\n",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority-data"),", or ",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority")," fields will have these values."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-yaml",metastring:'title="$HOME/.kube/config"',title:'"$HOME/.kube/config"'},"apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTi...\n server: https://example.com:6443\n")),(0,n.kt)("h4",{id:"extract-ca-certificate"},"Extract CA certificate"),(0,n.kt)("p",null,"Please note that the ",(0,n.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," field is base64 encoded and will need to be\ndecoded before you save it into a file. This can be done by saving the base64 encoded contents to\na file and then running"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"base64 -d encoded-file > ca.pem\n")),(0,n.kt)("p",null,"Next, retrieve the CA certificate from your kubeconfig."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"extractca",label:"Extract First",mdxType:"TabItem"},"If you have `jq` and `base64` available then this one-liners will pull all CA certificates from your `KUBECONFIG` and place then in a file named `ca.pem`.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl config view -o json --raw | jq -r '.clusters[].cluster[\"certificate-authority-data\"]' | base64 -d > ca.pem\n"))),(0,n.kt)(o.Z,{value:"extractcas",label:"Multiple Entries",mdxType:"TabItem"},"Or, if you have a multi-cluster setup, you can use this command:",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nkubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTERNAME").cluster["certificate-authority-data"]\' | base64 -d > ca.pem\n')))),(0,n.kt)("h4",{id:"extract-api-server"},"Extract API Server"),(0,n.kt)("p",null,"If you have a multi-cluster setup, you can use this command:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'# replace CLUSTERNAME with the name of the cluster according to your KUBECONFIG\nAPI_SERVER_URL=$(kubectl config view -o json --raw | jq -r \'.clusters[] | select(.name=="CLUSTER").cluster["server"]\')\n# Leave empty if your API server is signed by a well known CA\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("h4",{id:"validate"},"Validate"),(0,n.kt)("p",null,"First validate the server URL is correct."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fLk "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"The output of this command should be JSON with the version of the Kubernetes server or a ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," error.\nIf you do not get either of these results than please ensure you have the correct URL. The API server port is typically\n6443 for Kubernetes."),(0,n.kt)("p",null,"Next validate that the CA certificate is proper by running the below command. If your API server is signed by a\nwell known CA then omit the ",(0,n.kt)("inlineCode",{parentName:"p"},'--cacert "$API_SERVER_CA"')," part of the command."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'curl -fL --cacert "$API_SERVER_CA" "$API_SERVER_URL/version"\n')),(0,n.kt)("p",null,"If you get a valid JSON response or an ",(0,n.kt)("inlineCode",{parentName:"p"},"401 Unauthorized")," then it worked. The Unauthorized error is\nonly because the curl command is not setting proper credentials, but this validates that the TLS\nconnection work and the ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is correct for this URL. If you get a ",(0,n.kt)("inlineCode",{parentName:"p"},"SSL certificate problem")," then\nthe ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," is not correct. The contents of the ",(0,n.kt)("inlineCode",{parentName:"p"},"$API_SERVER_CA")," file should look similar to the below:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-pem",metastring:'title="ca.pem"',title:'"ca.pem"'},"-----BEGIN CERTIFICATE-----\nMIIBVjCB/qADAgECAgEAMAoGCCqGSM49BAMCMCMxITAfBgNVBAMMGGszcy1zZXJ2\nZXItY2FAMTU5ODM5MDQ0NzAeFw0yMDA4MjUyMTIwNDdaFw0zMDA4MjMyMTIwNDda\nMCMxITAfBgNVBAMMGGszcy1zZXJ2ZXItY2FAMTU5ODM5MDQ0NzBZMBMGByqGSM49\nAgEGCCqGSM49AwEHA0IABDXlQNkXnwUPdbSgGz5Rk6U9ldGFjF6y1YyF36cNGk4E\n0lMgNcVVD9gKuUSXEJk8tzHz3ra/+yTwSL5xQeLHBl+jIzAhMA4GA1UdDwEB/wQE\nAwICpDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIFMtZ5gGDoDs\nciRyve+T4xbRNVHES39tjjup/LuN4tAgAiAteeB3jgpTMpZyZcOOHl9gpZ8PgEcN\nKDs/pb3fnMTtpA==\n-----END CERTIFICATE-----\n")),(0,n.kt)("h3",{id:"install-for-multi-cluster"},"Install for Multi-Cluster"),(0,n.kt)("p",null,"In the following example it will be assumed the API server URL from the ",(0,n.kt)("inlineCode",{parentName:"p"},"KUBECONFIG")," which is ",(0,n.kt)("inlineCode",{parentName:"p"},"https://example.com:6443"),"\nand the CA certificate is in the file ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem"),". If your API server URL is signed by a well-known CA you can\nomit the ",(0,n.kt)("inlineCode",{parentName:"p"},"apiServerCA")," parameter below or just create an empty ",(0,n.kt)("inlineCode",{parentName:"p"},"ca.pem")," file (ie ",(0,n.kt)("inlineCode",{parentName:"p"},"touch ca.pem"),")."),(0,n.kt)("p",null,"Setup the environment with your specific values, e.g.:"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},'API_SERVER_URL="https://example.com:6443"\nAPI_SERVER_CA="ca.pem"\n')),(0,n.kt)("p",null,"Once you have validated the API server URL and API server CA parameters, install the following two\nHelm charts."),(0,n.kt)(i.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"install2",label:"Install",default:!0,mdxType:"TabItem"},"First add Fleet's Helm repository.",(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm repo add fleet https://rancher.github.io/fleet-helm-charts/"),(0,n.kt)("p",null,"Second install the Fleet CustomResourcesDefintions."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",r.d.next.fleetCRD),(0,n.kt)("p",null,"Third install the Fleet controllers."),(0,n.kt)(s.Z,{language:"bash",mdxType:"CodeBlock"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set apiServerURL="$API_SERVER_URL" \\\n --set-file apiServerCA="$API_SERVER_CA" \\\n fleet'," ",r.d.next.fleet)),(0,n.kt)(o.Z,{value:"verifiy2",label:"Verify",mdxType:"TabItem"},"Fleet should be ready to use. You can check the status of the Fleet controller pods by running the below commands.",(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")))),(0,n.kt)("p",null,"At this point the Fleet manager should be ready. You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.7/cluster-registration"},"register clusters")," and ",(0,n.kt)("a",{parentName:"p",href:"/0.7/gitrepo-add#create-gitrepo-instance"},"git repos")," with\nthe Fleet manager."))}f.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file diff --git a/assets/js/e483f3c9.f237c062.js b/assets/js/e483f3c9.bb67bc2f.js similarity index 98% rename from assets/js/e483f3c9.f237c062.js rename to assets/js/e483f3c9.bb67bc2f.js index 34729dbf4..028961055 100644 --- a/assets/js/e483f3c9.f237c062.js +++ b/assets/js/e483f3c9.bb67bc2f.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[614],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||o;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,l[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},l="Core Concepts",s={unversionedId:"concepts",id:"version-0.9/concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/versioned_docs/version-0.9/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/0.9/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/concepts.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/0.9/architecture"},next:{title:"Bundle Lifecycle",permalink:"/0.9/ref-bundle-stages"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/0.9/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"life cycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/0.9/ref-bundle-stages"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/0.9/gitrepo-targets#customization-per-cluster"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[614],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||o;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,l=new Array(o);l[0]=m;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,l[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},l="Core Concepts",s={unversionedId:"concepts",id:"version-0.9/concepts",title:"Core Concepts",description:"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers",source:"@site/versioned_docs/version-0.9/concepts.md",sourceDirName:".",slug:"/concepts",permalink:"/0.9/concepts",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/concepts.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Architecture",permalink:"/0.9/architecture"},next:{title:"Bundle Lifecycle",permalink:"/0.9/ref-bundle-stages"}},i={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"core-concepts"},"Core Concepts"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers\nto manage GitOps for a single Kubernetes cluster or a large-scale deployment of Kubernetes clusters."),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},"For more on the naming conventions of CRDs, click ",(0,a.kt)("a",{parentName:"p",href:"/0.9/troubleshooting#naming-conventions-for-crds"},"here"),".")),(0,a.kt)("p",null,"Below are some of the concepts of Fleet that will be useful throughout this documentation:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet Manager"),": The centralized component that orchestrates the deployments of Kubernetes assets\nfrom git. In a multi-cluster setup, this will typically be a dedicated Kubernetes cluster. In a\nsingle cluster setup, the Fleet manager will be running on the same cluster you are managing with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet controller"),": The controller(s) running on the Fleet manager orchestrating GitOps. In practice,\nthe Fleet manager and Fleet controllers are used fairly interchangeably."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Single Cluster Style"),": This is a style of installing Fleet in which the manager and downstream cluster are the\nsame cluster. This is a very simple pattern to quickly get up and running with GitOps."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Multi Cluster Style"),": This is a style of running Fleet in which you have a central manager that manages a large\nnumber of downstream clusters."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"Fleet agent"),": Every managed downstream cluster will run an agent that communicates back to the Fleet manager.\nThis agent is just another set of Kubernetes controllers running in the downstream cluster."),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("strong",{parentName:"li"},"GitRepo"),": Git repositories that are watched by Fleet are represented by the type ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),".")),(0,a.kt)("blockquote",null,(0,a.kt)("p",{parentName:"blockquote"},(0,a.kt)("strong",{parentName:"p"},"Example installation order via ",(0,a.kt)("inlineCode",{parentName:"strong"},"GitRepo")," custom resources when using Fleet for the configuration management of downstream clusters:")),(0,a.kt)("ol",{parentName:"blockquote"},(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/projectcalico/calico"},"Calico")," CRDs and controllers."),(0,a.kt)("li",{parentName:"ol"},"Set one or multiple cluster-level global network policies."),(0,a.kt)("li",{parentName:"ol"},"Install ",(0,a.kt)("a",{parentName:"li",href:"https://github.com/open-policy-agent/gatekeeper"},"GateKeeper"),". Note that ",(0,a.kt)("strong",{parentName:"li"},"cluster labels")," and ",(0,a.kt)("strong",{parentName:"li"},"overlays")," are critical features in Fleet as they determine which clusters will get each part of the bundle."),(0,a.kt)("li",{parentName:"ol"},"Set up and configure ingress and system daemons."))),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Bundle"),": An internal unit used for the orchestration of resources from git.\nWhen a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is scanned it will produce one or more bundles. Bundles are a collection of\nresources that get deployed to a cluster. ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is the fundamental deployment unit used in Fleet. The\ncontents of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," may be Kubernetes manifests, Kustomize configuration, or Helm charts.\nRegardless of the source the contents are dynamically rendered into a Helm chart by the agent\nand installed into the downstream cluster as a helm release."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"To see the ",(0,a.kt)("strong",{parentName:"li"},"life cycle of a bundle"),", click ",(0,a.kt)("a",{parentName:"li",href:"/0.9/ref-bundle-stages"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"BundleDeployment"),": When a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is deployed to a cluster an instance of a ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," is called a ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment"),".\nA ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," represents the state of that ",(0,a.kt)("inlineCode",{parentName:"p"},"Bundle")," on a specific cluster with its cluster specific\ncustomizations. The Fleet agent is only aware of ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," resources that are created for\nthe cluster the agent is managing."),(0,a.kt)("ul",{parentName:"li"},(0,a.kt)("li",{parentName:"ul"},"For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click ",(0,a.kt)("a",{parentName:"li",href:"/0.9/gitrepo-targets#customization-per-cluster"},"here"),"."))),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Downstream Cluster"),": Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster Registration Token"),": Tokens used by agents to register a new cluster."))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/e4b5e952.e8ee7393.js b/assets/js/e4b5e952.961d1592.js similarity index 98% rename from assets/js/e4b5e952.e8ee7393.js rename to assets/js/e4b5e952.961d1592.js index fc57f17ed..2ff3efd17 100644 --- a/assets/js/e4b5e952.e8ee7393.js +++ b/assets/js/e4b5e952.961d1592.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1830],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>E});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),u=a(1980),i=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,i.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function m(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,u._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[u,i]=m({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),b=(()=>{const e=u??d;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{b&&o(b)}),[b]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),i(e),f(e)}),[i,f,r]),tabValues:r}}var b=a(2389);const g="tabList__CuJ",k="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:o,selectValue:u,tabValues:i}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=i[a].value;l!==o&&(d(t),u(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},i.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>c.push(e),onKeyDown:h,onClick:p},s,{className:(0,r.Z)("tabs__item",k,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",g)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function E(e){const t=(0,b.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},9526:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>d,contentTitle:()=>i,default:()=>m,frontMatter:()=>u,metadata:()=>c,toc:()=>p});var l=a(7462),n=(a(7294),a(3905)),r=(a(6828),a(814)),s=a(4866),o=a(5162);const u={},i="Quick Start",c={unversionedId:"quickstart",id:"version-0.9/quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/versioned_docs/version-0.9/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/0.9/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/quickstart.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.9/"},next:{title:"Creating a Deployment",permalink:"/0.9/tut-deployment"}},d={},p=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to Watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],h={toc:p};function m(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"quick-start"},"Quick Start"),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,n.kt)("h2",{id:"install"},"Install"),(0,n.kt)("p",null," Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and its use is\nfairly straightforward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)(s.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"linux",label:"Linux/Mac",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"brew install helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/")),(0,n.kt)(o.Z,{value:"windows",label:"Windows",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"choco install kubernetes-helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/"))),(0,n.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd\n","helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet"),(0,n.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to Watch"),(0,n.kt)("p",null,"Change ",(0,n.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,n.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be run in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,n.kt)("h2",{id:"get-status"},"Get Status"),(0,n.kt)("p",null,"Get status of what fleet is doing"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,n.kt)("p",null,"You should see something like this get created in your cluster."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,n.kt)("p",null,"Enjoy and read the ",(0,n.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}m.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1830],{5162:(e,t,a)=>{a.d(t,{Z:()=>s});var l=a(7294),n=a(6010);const r="tabItem_Ymn6";function s(e){let{children:t,hidden:a,className:s}=e;return l.createElement("div",{role:"tabpanel",className:(0,n.Z)(r,s),hidden:a},t)}},4866:(e,t,a)=>{a.d(t,{Z:()=>E});var l=a(7462),n=a(7294),r=a(6010),s=a(2466),o=a(6550),u=a(1980),i=a(7392),c=a(12);function d(e){return function(e){return n.Children.map(e,(e=>{if((0,n.isValidElement)(e)&&"value"in e.props)return e;throw new Error(`Docusaurus error: Bad child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the component should be , and every should have a unique "value" prop.`)}))}(e).map((e=>{let{props:{value:t,label:a,attributes:l,default:n}}=e;return{value:t,label:a,attributes:l,default:n}}))}function p(e){const{values:t,children:a}=e;return(0,n.useMemo)((()=>{const e=t??d(a);return function(e){const t=(0,i.l)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in . Every value needs to be unique.`)}(e),e}),[t,a])}function h(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function m(e){let{queryString:t=!1,groupId:a}=e;const l=(0,o.k6)(),r=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,u._X)(r),(0,n.useCallback)((e=>{if(!r)return;const t=new URLSearchParams(l.location.search);t.set(r,e),l.replace({...l.location,search:t.toString()})}),[r,l])]}function f(e){const{defaultValue:t,queryString:a=!1,groupId:l}=e,r=p(e),[s,o]=(0,n.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the component requires at least one children component");if(t){if(!h({value:t,tabValues:a}))throw new Error(`Docusaurus error: The has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const l=a.find((e=>e.default))??a[0];if(!l)throw new Error("Unexpected error: 0 tabValues");return l.value}({defaultValue:t,tabValues:r}))),[u,i]=m({queryString:a,groupId:l}),[d,f]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[l,r]=(0,c.Nk)(a);return[l,(0,n.useCallback)((e=>{a&&r.set(e)}),[a,r])]}({groupId:l}),b=(()=>{const e=u??d;return h({value:e,tabValues:r})?e:null})();(0,n.useLayoutEffect)((()=>{b&&o(b)}),[b]);return{selectedValue:s,selectValue:(0,n.useCallback)((e=>{if(!h({value:e,tabValues:r}))throw new Error(`Can't select invalid tab value=${e}`);o(e),i(e),f(e)}),[i,f,r]),tabValues:r}}var b=a(2389);const g="tabList__CuJ",k="tabItem_LNqP";function v(e){let{className:t,block:a,selectedValue:o,selectValue:u,tabValues:i}=e;const c=[],{blockElementScrollPositionUntilNextRender:d}=(0,s.o5)(),p=e=>{const t=e.currentTarget,a=c.indexOf(t),l=i[a].value;l!==o&&(d(t),u(l))},h=e=>{var t;let a=null;switch(e.key){case"Enter":p(e);break;case"ArrowRight":{const t=c.indexOf(e.currentTarget)+1;a=c[t]??c[0];break}case"ArrowLeft":{const t=c.indexOf(e.currentTarget)-1;a=c[t]??c[c.length-1];break}}null==(t=a)||t.focus()};return n.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,r.Z)("tabs",{"tabs--block":a},t)},i.map((e=>{let{value:t,label:a,attributes:s}=e;return n.createElement("li",(0,l.Z)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>c.push(e),onKeyDown:h,onClick:p},s,{className:(0,r.Z)("tabs__item",k,null==s?void 0:s.className,{"tabs__item--active":o===t})}),a??t)})))}function y(e){let{lazy:t,children:a,selectedValue:l}=e;if(a=Array.isArray(a)?a:[a],t){const e=a.find((e=>e.props.value===l));return e?(0,n.cloneElement)(e,{className:"margin-top--md"}):null}return n.createElement("div",{className:"margin-top--md"},a.map(((e,t)=>(0,n.cloneElement)(e,{key:t,hidden:e.props.value!==l}))))}function w(e){const t=f(e);return n.createElement("div",{className:(0,r.Z)("tabs-container",g)},n.createElement(v,(0,l.Z)({},e,t)),n.createElement(y,(0,l.Z)({},e,t)))}function E(e){const t=(0,b.Z)();return n.createElement(w,(0,l.Z)({key:String(t)},e))}},6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},9526:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>d,contentTitle:()=>i,default:()=>m,frontMatter:()=>u,metadata:()=>c,toc:()=>p});var l=a(7462),n=(a(7294),a(3905)),r=(a(6828),a(814)),s=a(4866),o=a(5162);const u={},i="Quick Start",c={unversionedId:"quickstart",id:"version-0.9/quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/versioned_docs/version-0.9/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/0.9/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/quickstart.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.9/"},next:{title:"Creating a Deployment",permalink:"/0.9/tut-deployment"}},d={},p=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to Watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],h={toc:p};function m(e){let{components:t,...u}=e;return(0,n.kt)("wrapper",(0,l.Z)({},h,u,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"quick-start"},"Quick Start"),(0,n.kt)("p",null,(0,n.kt)("img",{src:a(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,n.kt)("h2",{id:"install"},"Install"),(0,n.kt)("p",null," Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and its use is\nfairly straightforward. To install the Helm 3 CLI follow the ",(0,n.kt)("a",{href:"https://helm.sh/docs/intro/install"},"official install instructions"),"."),(0,n.kt)("admonition",{title:"Fleet in Rancher",type:"caution"},(0,n.kt)("p",{parentName:"admonition"},"Rancher has separate helm charts for Fleet and uses a different repository.")),(0,n.kt)(s.Z,{mdxType:"Tabs"},(0,n.kt)(o.Z,{value:"linux",label:"Linux/Mac",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"brew install helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/")),(0,n.kt)(o.Z,{value:"windows",label:"Windows",default:!0,mdxType:"TabItem"},(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"choco install kubernetes-helm\n","helm repo add fleet https://rancher.github.io/fleet-helm-charts/"))),(0,n.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \\\n fleet/fleet-crd\n","helm -n cattle-fleet-system install --create-namespace --wait fleet \\\n fleet/fleet"),(0,n.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to Watch"),(0,n.kt)("p",null,"Change ",(0,n.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,n.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be run in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,n.kt)("h2",{id:"get-status"},"Get Status"),(0,n.kt)("p",null,"Get status of what fleet is doing"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,n.kt)("p",null,"You should see something like this get created in your cluster."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,n.kt)("p",null,"Enjoy and read the ",(0,n.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}m.isMDXComponent=!0},1313:(e,t,a)=>{a.d(t,{Z:()=>l});const l=a.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file diff --git a/assets/js/e50ee9c3.5c30726c.js b/assets/js/e50ee9c3.bacf9e6e.js similarity index 98% rename from assets/js/e50ee9c3.5c30726c.js rename to assets/js/e50ee9c3.bacf9e6e.js index 074c4b511..0103f806b 100644 --- a/assets/js/e50ee9c3.5c30726c.js +++ b/assets/js/e50ee9c3.bacf9e6e.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7677],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),i=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},d=function(e){var t=i(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),c=i(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},d),{},{components:n})):r.createElement(m,s({ref:t},d))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var i=2;i{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>i});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle State",o={unversionedId:"cluster-bundles-state",id:"version-0.8/cluster-bundles-state",title:"Cluster and Bundle State",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/versioned_docs/version-0.8/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/0.8/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cluster-bundles-state.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet-manager",permalink:"/0.8/cli/fleet-controller/fleet-manager"},next:{title:"Cluster Registration Internals",permalink:"/0.8/ref-registration"}},u={},i=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],d={toc:i};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},d,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7677],{3905:(e,t,n)=>{n.d(t,{Zo:()=>d,kt:()=>f});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function s(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var u=r.createContext({}),i=function(e){var t=r.useContext(u),n=t;return e&&(n="function"==typeof e?e(t):s(s({},t),e)),n},d=function(e){var t=i(e.components);return r.createElement(u.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},c=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,u=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),c=i(n),f=a,m=c["".concat(u,".").concat(f)]||c[f]||p[f]||l;return n?r.createElement(m,s(s({ref:t},d),{},{components:n})):r.createElement(m,s({ref:t},d))}));function f(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,s=new Array(l);s[0]=c;var o={};for(var u in t)hasOwnProperty.call(t,u)&&(o[u]=t[u]);o.originalType=e,o.mdxType="string"==typeof e?e:a,s[1]=o;for(var i=2;i{n.r(t),n.d(t,{assets:()=>u,contentTitle:()=>s,default:()=>p,frontMatter:()=>l,metadata:()=>o,toc:()=>i});var r=n(7462),a=(n(7294),n(3905));const l={},s="Cluster and Bundle State",o={unversionedId:"cluster-bundles-state",id:"version-0.8/cluster-bundles-state",title:"Cluster and Bundle State",description:"Clusters and Bundles have different states in each phase of applying Bundles.",source:"@site/versioned_docs/version-0.8/cluster-bundles-state.md",sourceDirName:".",slug:"/cluster-bundles-state",permalink:"/0.8/cluster-bundles-state",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/cluster-bundles-state.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"fleet-manager",permalink:"/0.8/cli/fleet-controller/fleet-manager"},next:{title:"Cluster Registration Internals",permalink:"/0.8/ref-registration"}},u={},i=[{value:"Bundles",id:"bundles",level:2},{value:"Clusters",id:"clusters",level:2}],d={toc:i};function p(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},d,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"cluster-and-bundle-state"},"Cluster and Bundle State"),(0,a.kt)("p",null,"Clusters and Bundles have different states in each phase of applying Bundles."),(0,a.kt)("h2",{id:"bundles"},"Bundles"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles have been deployed and all resources are ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": Bundles have been deployed and some resources are not ready."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": Bundles are being processed by Fleet controller."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository."),(0,a.kt)("h2",{id:"clusters"},"Clusters"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn"),": Waiting for agent to report registration information and cluster status back."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"NotReady"),": There are bundles in this cluster that are in NotReady state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"WaitApplied"),": There are bundles in this cluster that are in WaitApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"ErrApplied"),": There are bundles in this cluster that are in ErrApplied state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"OutOfSync"),": There are bundles in this cluster that are in OutOfSync state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Pending"),": There are bundles in this cluster that are in Pending state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified"),": There are bundles in this cluster that are in Modified state."),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Ready"),": Bundles in this cluster have been deployed and all resources are ready."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/e6339806.cfc35cfb.js b/assets/js/e6339806.7b549079.js similarity index 98% rename from assets/js/e6339806.cfc35cfb.js rename to assets/js/e6339806.7b549079.js index 3ff9c6b95..615fbc683 100644 --- a/assets/js/e6339806.cfc35cfb.js +++ b/assets/js/e6339806.7b549079.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6702],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,f=m["".concat(s,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(f,o(o({ref:t},p),{},{components:n})):r.createElement(f,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Uninstall",i={unversionedId:"uninstall",id:"version-0.9/uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/versioned_docs/version-0.9/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/0.9/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/uninstall.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Creating a Deployment",permalink:"/0.9/tut-deployment"},next:{title:"Architecture",permalink:"/0.9/architecture"}},s={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"uninstall"},"Uninstall"),(0,a.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},"Uninstalling the CRDs will remove all deployed workloads.")))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6702],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,f=m["".concat(s,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(f,o(o({ref:t},p),{},{components:n})):r.createElement(f,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Uninstall",i={unversionedId:"uninstall",id:"version-0.9/uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/versioned_docs/version-0.9/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/0.9/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/uninstall.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Creating a Deployment",permalink:"/0.9/tut-deployment"},next:{title:"Architecture",permalink:"/0.9/architecture"}},s={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"uninstall"},"Uninstall"),(0,a.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},"Uninstalling the CRDs will remove all deployed workloads.")))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/e7acee98.7d352577.js b/assets/js/e7acee98.b3e29861.js similarity index 98% rename from assets/js/e7acee98.7d352577.js rename to assets/js/e7acee98.b3e29861.js index 730781a81..f752493e6 100644 --- a/assets/js/e7acee98.7d352577.js +++ b/assets/js/e7acee98.b3e29861.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7179],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>m});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function s(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function i(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var c=n.createContext({}),l=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):i(i({},t),e)),r},u=function(e){var t=l(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,s=e.originalType,c=e.parentName,u=a(e,["components","mdxType","originalType","parentName"]),d=l(r),m=o,f=d["".concat(c,".").concat(m)]||d[m]||p[m]||s;return r?n.createElement(f,i(i({ref:t},u),{},{components:r})):n.createElement(f,i({ref:t},u))}));function m(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var s=r.length,i=new Array(s);i[0]=d;var a={};for(var c in t)hasOwnProperty.call(t,c)&&(a[c]=t[c]);a.originalType=e,a.mdxType="string"==typeof e?e:o,i[1]=a;for(var l=2;l{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>s,metadata:()=>a,toc:()=>l});var n=r(7462),o=(r(7294),r(3905));const s={},i="Custom Resources During Deployment",a={unversionedId:"resources-during-deployment",id:"version-0.9/resources-during-deployment",title:"Custom Resources During Deployment",description:"This shows the resources, also the internal ones, involved in creating a deployment from a git repository.",source:"@site/versioned_docs/version-0.9/resources-during-deployment.md",sourceDirName:".",slug:"/resources-during-deployment",permalink:"/0.9/resources-during-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/resources-during-deployment.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/0.9/namespaces"},next:{title:"Installation Details",permalink:"/0.9/installation"}},c={},l=[],u={toc:l};function p(e){let{components:t,...s}=e;return(0,o.kt)("wrapper",(0,n.Z)({},u,s,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"custom-resources-during-deployment"},"Custom Resources During Deployment"),(0,o.kt)("p",null,"This shows the resources, also the internal ones, involved in creating a deployment from a git repository."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Resources",src:r(925).Z,width:"831",height:"1341"})))}p.isMDXComponent=!0},925:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetResources-66df436672452ab68d89ed76da51a7bb.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7179],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>m});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function s(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function i(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var c=n.createContext({}),l=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):i(i({},t),e)),r},u=function(e){var t=l(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,s=e.originalType,c=e.parentName,u=a(e,["components","mdxType","originalType","parentName"]),d=l(r),m=o,f=d["".concat(c,".").concat(m)]||d[m]||p[m]||s;return r?n.createElement(f,i(i({ref:t},u),{},{components:r})):n.createElement(f,i({ref:t},u))}));function m(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var s=r.length,i=new Array(s);i[0]=d;var a={};for(var c in t)hasOwnProperty.call(t,c)&&(a[c]=t[c]);a.originalType=e,a.mdxType="string"==typeof e?e:o,i[1]=a;for(var l=2;l{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>s,metadata:()=>a,toc:()=>l});var n=r(7462),o=(r(7294),r(3905));const s={},i="Custom Resources During Deployment",a={unversionedId:"resources-during-deployment",id:"version-0.9/resources-during-deployment",title:"Custom Resources During Deployment",description:"This shows the resources, also the internal ones, involved in creating a deployment from a git repository.",source:"@site/versioned_docs/version-0.9/resources-during-deployment.md",sourceDirName:".",slug:"/resources-during-deployment",permalink:"/0.9/resources-during-deployment",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/resources-during-deployment.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Namespaces",permalink:"/0.9/namespaces"},next:{title:"Installation Details",permalink:"/0.9/installation"}},c={},l=[],u={toc:l};function p(e){let{components:t,...s}=e;return(0,o.kt)("wrapper",(0,n.Z)({},u,s,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"custom-resources-during-deployment"},"Custom Resources During Deployment"),(0,o.kt)("p",null,"This shows the resources, also the internal ones, involved in creating a deployment from a git repository."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Resources",src:r(925).Z,width:"831",height:"1341"})))}p.isMDXComponent=!0},925:(e,t,r)=>{r.d(t,{Z:()=>n});const n=r.p+"assets/images/FleetResources-66df436672452ab68d89ed76da51a7bb.svg"}}]); \ No newline at end of file diff --git a/assets/js/e89d2f4d.2eeb8533.js b/assets/js/e89d2f4d.09cdda4b.js similarity index 98% rename from assets/js/e89d2f4d.2eeb8533.js rename to assets/js/e89d2f4d.09cdda4b.js index 6b5223564..eee251492 100644 --- a/assets/js/e89d2f4d.2eeb8533.js +++ b/assets/js/e89d2f4d.09cdda4b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8049],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,f=m["".concat(s,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(f,o(o({ref:t},p),{},{components:n})):r.createElement(f,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Uninstall",i={unversionedId:"uninstall",id:"version-0.6/uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/versioned_docs/version-0.6/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/0.6/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/uninstall.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Creating a Deployment",permalink:"/0.6/tut-deployment"},next:{title:"Architecture",permalink:"/0.6/architecture"}},s={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"uninstall"},"Uninstall"),(0,a.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},"Uninstalling the CRDs will remove all deployed workloads.")))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8049],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function o(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,f=m["".concat(s,".").concat(d)]||m[d]||u[d]||l;return n?r.createElement(f,o(o({ref:t},p),{},{components:n})):r.createElement(f,o({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,o=new Array(l);o[0]=m;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const l={},o="Uninstall",i={unversionedId:"uninstall",id:"version-0.6/uninstall",title:"Uninstall",description:"Fleet is packaged as two Helm charts so uninstall is accomplished by",source:"@site/versioned_docs/version-0.6/uninstall.md",sourceDirName:".",slug:"/uninstall",permalink:"/0.6/uninstall",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/uninstall.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Creating a Deployment",permalink:"/0.6/tut-deployment"},next:{title:"Architecture",permalink:"/0.6/architecture"}},s={},c=[],p={toc:c};function u(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"uninstall"},"Uninstall"),(0,a.kt)("p",null,"Fleet is packaged as two Helm charts so uninstall is accomplished by\nuninstalling the appropriate Helm charts. To uninstall Fleet run the following\ntwo commands:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-shell"},"helm -n cattle-fleet-system uninstall fleet\nhelm -n cattle-fleet-system uninstall fleet-crd\n")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},"Uninstalling the CRDs will remove all deployed workloads.")))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/e9efc8c6.70e4dd98.js b/assets/js/e9efc8c6.97550f7f.js similarity index 99% rename from assets/js/e9efc8c6.70e4dd98.js rename to assets/js/e9efc8c6.97550f7f.js index 7fe1b7dd2..1b3cad3d1 100644 --- a/assets/js/e9efc8c6.70e4dd98.js +++ b/assets/js/e9efc8c6.97550f7f.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5e3],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs to Ignore Modified GitRepos",s={unversionedId:"bundle-diffs",id:"version-0.7/bundle-diffs",title:"Generating Diffs to Ignore Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/versioned_docs/version-0.7/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/0.7/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/bundle-diffs.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/0.7/gitrepo-targets"},next:{title:"Using Webhooks Instead of Polling",permalink:"/0.7/webhook"}},l={},p=[{value:"Simple Example",id:"simple-example",level:2},{value:"Gatekeeper Example",id:"gatekeeper-example",level:2},{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-to-ignore-modified-gitrepos"},"Generating Diffs to Ignore Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("h2",{id:"simple-example"},"Simple Example"),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/bundle-diffs"},"https://github.com/rancher/fleet-examples/tree/master/bundle-diffs")),(0,o.kt)("h2",{id:"gatekeeper-example"},"Gatekeeper Example"),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec."),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5e3],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var l=a.createContext({}),p=function(e){var n=a.useContext(l),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(l.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,l=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(l,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var s={};for(var l in n)hasOwnProperty.call(n,l)&&(s[l]=n[l]);s.originalType=e,s.mdxType="string"==typeof e?e:o,r[1]=s;for(var p=2;p{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>s,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs to Ignore Modified GitRepos",s={unversionedId:"bundle-diffs",id:"version-0.7/bundle-diffs",title:"Generating Diffs to Ignore Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/versioned_docs/version-0.7/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/0.7/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/bundle-diffs.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/0.7/gitrepo-targets"},next:{title:"Using Webhooks Instead of Polling",permalink:"/0.7/webhook"}},l={},p=[{value:"Simple Example",id:"simple-example",level:2},{value:"Gatekeeper Example",id:"gatekeeper-example",level:2},{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-to-ignore-modified-gitrepos"},"Generating Diffs to Ignore Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("h2",{id:"simple-example"},"Simple Example"),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/bundle-diffs"},"https://github.com/rancher/fleet-examples/tree/master/bundle-diffs")),(0,o.kt)("h2",{id:"gatekeeper-example"},"Gatekeeper Example"),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec."),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file diff --git a/assets/js/eaf5d4dd.ca78ae6c.js b/assets/js/eaf5d4dd.f205a478.js similarity index 97% rename from assets/js/eaf5d4dd.ca78ae6c.js rename to assets/js/eaf5d4dd.f205a478.js index 63eee132b..607286eae 100644 --- a/assets/js/eaf5d4dd.ca78ae6c.js +++ b/assets/js/eaf5d4dd.f205a478.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8469],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>m});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function l(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):l(l({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),d=s(r),m=a,g=d["".concat(c,".").concat(m)]||d[m]||p[m]||o;return r?n.createElement(g,l(l({ref:t},f),{},{components:r})):n.createElement(g,l({ref:t},f))}));function m(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,l=new Array(o);l[0]=d;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,l[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>l,default:()=>p,frontMatter:()=>o,metadata:()=>i,toc:()=>s});var n=r(7462),a=(r(7294),r(3905));const o={title:"",sidebar_label:"fleet-manager gitjob"},l=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager_gitjob",id:"cli/fleet-controller/fleet-manager_gitjob",title:"",description:"fleet-manager gitjob",source:"@site/docs/cli/fleet-controller/fleet-manager_gitjob.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager_gitjob",permalink:"/cli/fleet-controller/fleet-manager_gitjob",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-controller/fleet-manager_gitjob.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager gitjob"}},c={},s=[{value:"fleet-manager gitjob",id:"fleet-manager-gitjob",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-manager-gitjob"},"fleet-manager gitjob"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-manager gitjob [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},' --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --gitjob-image string The gitjob image that will be used in the generated job. (default "rancher/fleet:dev")\n -h, --help help for gitjob\n --kubeconfig string Kubeconfig file\n --leader-elect Enable leader election for controller manager. Enabling this will ensure there is only one active controller manager.\n --listen string The port the webhook listens. (default ":8080")\n --metrics-bind-address string The address the metric endpoint binds to. (default ":8081")\n --namespace string namespace to watch (default "cattle-fleet-system")\n')),(0,a.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --disable-gitops disable gitops components\n --disable-metrics disable metrics\n --shard-id string only manage resources labeled with a specific shard ID\n")),(0,a.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-manager"},"fleet-manager"),"\t -")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8469],{3905:(e,t,r)=>{r.d(t,{Zo:()=>f,kt:()=>m});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function l(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),s=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):l(l({},t),e)),r},f=function(e){var t=s(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,f=i(e,["components","mdxType","originalType","parentName"]),d=s(r),m=a,g=d["".concat(c,".").concat(m)]||d[m]||p[m]||o;return r?n.createElement(g,l(l({ref:t},f),{},{components:r})):n.createElement(g,l({ref:t},f))}));function m(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,l=new Array(o);l[0]=d;var i={};for(var c in t)hasOwnProperty.call(t,c)&&(i[c]=t[c]);i.originalType=e,i.mdxType="string"==typeof e?e:a,l[1]=i;for(var s=2;s{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>l,default:()=>p,frontMatter:()=>o,metadata:()=>i,toc:()=>s});var n=r(7462),a=(r(7294),r(3905));const o={title:"",sidebar_label:"fleet-manager gitjob"},l=void 0,i={unversionedId:"cli/fleet-controller/fleet-manager_gitjob",id:"cli/fleet-controller/fleet-manager_gitjob",title:"",description:"fleet-manager gitjob",source:"@site/docs/cli/fleet-controller/fleet-manager_gitjob.md",sourceDirName:"cli/fleet-controller",slug:"/cli/fleet-controller/fleet-manager_gitjob",permalink:"/cli/fleet-controller/fleet-manager_gitjob",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-controller/fleet-manager_gitjob.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet-manager gitjob"}},c={},s=[{value:"fleet-manager gitjob",id:"fleet-manager-gitjob",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],f={toc:s};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},f,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h2",{id:"fleet-manager-gitjob"},"fleet-manager gitjob"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"fleet-manager gitjob [flags]\n")),(0,a.kt)("h3",{id:"options"},"Options"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},' --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n --gitjob-image string The gitjob image that will be used in the generated job. (default "rancher/fleet:dev")\n -h, --help help for gitjob\n --kubeconfig string Kubeconfig file\n --leader-elect Enable leader election for controller manager. Enabling this will ensure there is only one active controller manager.\n --listen string The port the webhook listens. (default ":8080")\n --metrics-bind-address string The address the metric endpoint binds to. (default ":8081")\n --namespace string namespace to watch (default "cattle-fleet-system")\n')),(0,a.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"}," --disable-gitops disable gitops components\n --disable-metrics disable metrics\n --shard-id string only manage resources labeled with a specific shard ID\n")),(0,a.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("a",{parentName:"li",href:"./fleet-manager"},"fleet-manager"),"\t -")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/ebf52154.2ee362db.js b/assets/js/ebf52154.1b3155d3.js similarity index 98% rename from assets/js/ebf52154.2ee362db.js rename to assets/js/ebf52154.1b3155d3.js index e6b2530a2..19df381c6 100644 --- a/assets/js/ebf52154.2ee362db.js +++ b/assets/js/ebf52154.1b3155d3.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6393],{6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},1453:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>d,contentTitle:()=>i,default:()=>h,frontMatter:()=>o,metadata:()=>c,toc:()=>u});var l=a(7462),n=(a(7294),a(3905)),s=a(6828),r=a(814);const o={},i="Quick Start",c={unversionedId:"quickstart",id:"version-0.5/quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/versioned_docs/version-0.5/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/0.5/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/quickstart.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.5/"},next:{title:"Core Concepts",permalink:"/0.5/concepts"}},d={},u=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],p={toc:u};function h(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,l.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"quick-start"},"Quick Start"),(0,n.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,n.kt)("h2",{id:"install"},"Install"),(0,n.kt)("p",null,"Get helm if you don't have it. Helm 3 is just a CLI and won't do bad insecure\nthings to your cluster."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"brew install helm\n")),(0,n.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",s.d["v0.5"].fleetCRD,"\nhelm -n cattle-fleet-system install --create-namespace --wait \\\n fleet"," ",s.d["v0.5"].fleet),(0,n.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to watch"),(0,n.kt)("p",null,"Change ",(0,n.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,n.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be run in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,n.kt)("h2",{id:"get-status"},"Get Status"),(0,n.kt)("p",null,"Get status of what fleet is doing"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,n.kt)("p",null,"You should see something like this get created in your cluster."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,n.kt)("p",null,"Enjoy and read the ",(0,n.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6393],{6828:(e,t,a)=>{a.d(t,{d:()=>l});const l={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},1453:(e,t,a)=>{a.r(t),a.d(t,{assets:()=>d,contentTitle:()=>i,default:()=>h,frontMatter:()=>o,metadata:()=>c,toc:()=>u});var l=a(7462),n=(a(7294),a(3905)),s=a(6828),r=a(814);const o={},i="Quick Start",c={unversionedId:"quickstart",id:"version-0.5/quickstart",title:"Quick Start",description:"Who needs documentation, lets just run this thing!",source:"@site/versioned_docs/version-0.5/quickstart.md",sourceDirName:".",slug:"/quickstart",permalink:"/0.5/quickstart",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/quickstart.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Overview",permalink:"/0.5/"},next:{title:"Core Concepts",permalink:"/0.5/concepts"}},d={},u=[{value:"Install",id:"install",level:2},{value:"Add a Git Repo to watch",id:"add-a-git-repo-to-watch",level:2},{value:"Get Status",id:"get-status",level:2}],p={toc:u};function h(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,l.Z)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"quick-start"},"Quick Start"),(0,n.kt)("p",null,"Who needs documentation, lets just run this thing!"),(0,n.kt)("h2",{id:"install"},"Install"),(0,n.kt)("p",null,"Get helm if you don't have it. Helm 3 is just a CLI and won't do bad insecure\nthings to your cluster."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"brew install helm\n")),(0,n.kt)("p",null,"Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)"),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",s.d["v0.5"].fleetCRD,"\nhelm -n cattle-fleet-system install --create-namespace --wait \\\n fleet"," ",s.d["v0.5"].fleet),(0,n.kt)("h2",{id:"add-a-git-repo-to-watch"},"Add a Git Repo to watch"),(0,n.kt)("p",null,"Change ",(0,n.kt)("inlineCode",{parentName:"p"},"spec.repo")," to your git repo of choice. Kubernetes manifest files that should\nbe deployed should be in ",(0,n.kt)("inlineCode",{parentName:"p"},"/manifests")," in your repo."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-bash"},'cat > example.yaml << "EOF"\napiVersion: fleet.cattle.io/v1alpha1\nkind: GitRepo\nmetadata:\n name: sample\n # This namespace is special and auto-wired to deploy to the local cluster\n namespace: fleet-local\nspec:\n # Everything from this repo will be run in this cluster. You trust me right?\n repo: "https://github.com/rancher/fleet-examples"\n paths:\n - simple\nEOF\n\nkubectl apply -f example.yaml\n')),(0,n.kt)("h2",{id:"get-status"},"Get Status"),(0,n.kt)("p",null,"Get status of what fleet is doing"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n fleet-local get fleet\n")),(0,n.kt)("p",null,"You should see something like this get created in your cluster."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"kubectl get deploy frontend\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY UP-TO-DATE AVAILABLE AGE\nfrontend 3/3 3 3 116m\n")),(0,n.kt)("p",null,"Enjoy and read the ",(0,n.kt)("a",{parentName:"p",href:"https://rancher.github.io/fleet"},"docs"),"."))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/ec9fa214.ad5ae25a.js b/assets/js/ec9fa214.417f266e.js similarity index 99% rename from assets/js/ec9fa214.ad5ae25a.js rename to assets/js/ec9fa214.417f266e.js index 20dac2067..5889a89e7 100644 --- a/assets/js/ec9fa214.ad5ae25a.js +++ b/assets/js/ec9fa214.417f266e.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[247],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function s(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,s=e.originalType,i=e.parentName,p=o(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||s;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var s=n.length,l=new Array(s);l[0]=m;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:a,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const s={},l="Setup Multi User",o={unversionedId:"multi-user",id:"version-0.8/multi-user",title:"Setup Multi User",description:"Fleet uses Kubernetes RBAC where possible.",source:"@site/versioned_docs/version-0.8/multi-user.md",sourceDirName:".",slug:"/multi-user",permalink:"/0.8/multi-user",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/multi-user.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create Cluster Groups",permalink:"/0.8/cluster-group"},next:{title:"Create a GitRepo Resource",permalink:"/0.8/gitrepo-add"}},i={},c=[{value:"Example User",id:"example-user",level:2},{value:"Allow Access to Clusters",id:"allow-access-to-clusters",level:2},{value:"Restricting Access to Downstream Clusters",id:"restricting-access-to-downstream-clusters",level:2},{value:"An Example GitRepo Resource",id:"an-example-gitrepo-resource",level:2}],p={toc:c};function u(e){let{components:t,...s}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,s,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"setup-multi-user"},"Setup Multi User"),(0,a.kt)("p",null,"Fleet uses Kubernetes RBAC where possible."),(0,a.kt)("p",null,"One addition on top of RBAC is the ",(0,a.kt)("a",{parentName:"p",href:"/0.8/namespaces#restricting-gitrepos"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepoRestriction"))," resource, which can be used to control GitRepo resources in a namespace."),(0,a.kt)("p",null,"A multi-user fleet setup looks like this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"tenants don't share namespaces, each tenant has one or more namespaces on the\nupstream cluster, where they can create GitRepo resources"),(0,a.kt)("li",{parentName:"ul"},"tenants can't deploy cluster wide resources and are limited to a set of\nnamespaces on downstream clusters"),(0,a.kt)("li",{parentName:"ul"},"clusters are in a separate namespace")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Shared Clusters",src:n(9497).Z,width:"2488",height:"1769"})),(0,a.kt)("admonition",{title:"important information",type:"warning"},(0,a.kt)("p",{parentName:"admonition"},"The isolation of tenants is not complete and relies on Kubernetes RBAC to be\nset up correctly. Without manual setup from an operator tenants can still\ndeploy cluster wide resources. Even with the available Fleet restrictions,\nusers are only restricted to namespaces, but namespaces don't provide much\nisolation on their own. E.g. they can still consume as many resources as they\nlike."),(0,a.kt)("p",{parentName:"admonition"},"However, the existing Fleet restrictions allow users to share clusters, and\ndeploy resources without conflicts.")),(0,a.kt)("h2",{id:"example-user"},"Example User"),(0,a.kt)("p",null,"This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create serviceaccount fleetuser\nkubectl create namespace project1\nkubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser\n")),(0,a.kt)("p",null,"If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\nkubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\n")),(0,a.kt)("p",null,"This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces."),(0,a.kt)("h2",{id:"allow-access-to-clusters"},"Allow Access to Clusters"),(0,a.kt)("p",null,"This assumes all GitRepos created by 'fleetuser' have the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label. Different labels could be used, to select different cluster namespaces."),(0,a.kt)("p",null,"In each of the user's namespaces, as an admin create a ",(0,a.kt)("a",{parentName:"p",href:"/0.8/namespaces#cross-namespace-deployments"},(0,a.kt)("inlineCode",{parentName:"a"},"BundleNamespaceMapping")),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: mapping\n namespace: project1\n\n# Bundles to match by label.\n# The labels are defined in the fleet.yaml # labels field or from the\n# GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n team: one\n # or target one repo\n #fleet.cattle.io/repo-name: simpleapp\n\n# Namespaces, containing clusters, to match by label\nnamespaceSelector:\n matchLabels:\n kubernetes.io/metadata.name: fleet-default\n # the label is on the namespace\n #workspace: prod\n")),(0,a.kt)("p",null,"The ",(0,a.kt)("a",{parentName:"p",href:"/0.8/gitrepo-targets"},(0,a.kt)("inlineCode",{parentName:"a"},"target")," section")," in the GitRepo resource can be used to deploy only to a subset of the matched clusters."),(0,a.kt)("h2",{id:"restricting-access-to-downstream-clusters"},"Restricting Access to Downstream Clusters"),(0,a.kt)("p",null,"Admins can further restrict tenants by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," in each of their namespaces."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: project1\n\nallowedTargetNamespaces:\n - project1simpleapp\n")),(0,a.kt)("p",null,"This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace."),(0,a.kt)("h2",{id:"an-example-gitrepo-resource"},"An Example GitRepo Resource"),(0,a.kt)("p",null,"A GitRepo resource created by a tenant, without admin access could look like this:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: simpleapp\n namespace: project1\n labels:\n team: one\n\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - bundle-diffs\n\n targetNamespace: project1simpleapp\n\n # do not match the upstream/local cluster, won't work\n targets:\n - name: dev\n clusterSelector:\n matchLabels:\n env: dev\n")),(0,a.kt)("p",null,"This includes the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label and and the required ",(0,a.kt)("inlineCode",{parentName:"p"},"targetNamespace"),"."),(0,a.kt)("p",null,"Together with the previous ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," it would target all clusters with a ",(0,a.kt)("inlineCode",{parentName:"p"},"env: dev")," label in the 'fleet-default' namespace."),(0,a.kt)("admonition",{type:"note"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," do not work with local clusters, so make sure not to target them.")))}u.isMDXComponent=!0},9497:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetSharedClusters-b68f6c53b43cbb795e4d81cda9ebc2bc.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[247],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function s(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,s=e.originalType,i=e.parentName,p=o(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||s;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var s=n.length,l=new Array(s);l[0]=m;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:a,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const s={},l="Setup Multi User",o={unversionedId:"multi-user",id:"version-0.8/multi-user",title:"Setup Multi User",description:"Fleet uses Kubernetes RBAC where possible.",source:"@site/versioned_docs/version-0.8/multi-user.md",sourceDirName:".",slug:"/multi-user",permalink:"/0.8/multi-user",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/multi-user.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create Cluster Groups",permalink:"/0.8/cluster-group"},next:{title:"Create a GitRepo Resource",permalink:"/0.8/gitrepo-add"}},i={},c=[{value:"Example User",id:"example-user",level:2},{value:"Allow Access to Clusters",id:"allow-access-to-clusters",level:2},{value:"Restricting Access to Downstream Clusters",id:"restricting-access-to-downstream-clusters",level:2},{value:"An Example GitRepo Resource",id:"an-example-gitrepo-resource",level:2}],p={toc:c};function u(e){let{components:t,...s}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,s,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"setup-multi-user"},"Setup Multi User"),(0,a.kt)("p",null,"Fleet uses Kubernetes RBAC where possible."),(0,a.kt)("p",null,"One addition on top of RBAC is the ",(0,a.kt)("a",{parentName:"p",href:"/0.8/namespaces#restricting-gitrepos"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepoRestriction"))," resource, which can be used to control GitRepo resources in a namespace."),(0,a.kt)("p",null,"A multi-user fleet setup looks like this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"tenants don't share namespaces, each tenant has one or more namespaces on the\nupstream cluster, where they can create GitRepo resources"),(0,a.kt)("li",{parentName:"ul"},"tenants can't deploy cluster wide resources and are limited to a set of\nnamespaces on downstream clusters"),(0,a.kt)("li",{parentName:"ul"},"clusters are in a separate namespace")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Shared Clusters",src:n(9497).Z,width:"2488",height:"1769"})),(0,a.kt)("admonition",{title:"important information",type:"warning"},(0,a.kt)("p",{parentName:"admonition"},"The isolation of tenants is not complete and relies on Kubernetes RBAC to be\nset up correctly. Without manual setup from an operator tenants can still\ndeploy cluster wide resources. Even with the available Fleet restrictions,\nusers are only restricted to namespaces, but namespaces don't provide much\nisolation on their own. E.g. they can still consume as many resources as they\nlike."),(0,a.kt)("p",{parentName:"admonition"},"However, the existing Fleet restrictions allow users to share clusters, and\ndeploy resources without conflicts.")),(0,a.kt)("h2",{id:"example-user"},"Example User"),(0,a.kt)("p",null,"This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create serviceaccount fleetuser\nkubectl create namespace project1\nkubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser\n")),(0,a.kt)("p",null,"If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\nkubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\n")),(0,a.kt)("p",null,"This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces."),(0,a.kt)("h2",{id:"allow-access-to-clusters"},"Allow Access to Clusters"),(0,a.kt)("p",null,"This assumes all GitRepos created by 'fleetuser' have the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label. Different labels could be used, to select different cluster namespaces."),(0,a.kt)("p",null,"In each of the user's namespaces, as an admin create a ",(0,a.kt)("a",{parentName:"p",href:"/0.8/namespaces#cross-namespace-deployments"},(0,a.kt)("inlineCode",{parentName:"a"},"BundleNamespaceMapping")),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: mapping\n namespace: project1\n\n# Bundles to match by label.\n# The labels are defined in the fleet.yaml # labels field or from the\n# GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n team: one\n # or target one repo\n #fleet.cattle.io/repo-name: simpleapp\n\n# Namespaces, containing clusters, to match by label\nnamespaceSelector:\n matchLabels:\n kubernetes.io/metadata.name: fleet-default\n # the label is on the namespace\n #workspace: prod\n")),(0,a.kt)("p",null,"The ",(0,a.kt)("a",{parentName:"p",href:"/0.8/gitrepo-targets"},(0,a.kt)("inlineCode",{parentName:"a"},"target")," section")," in the GitRepo resource can be used to deploy only to a subset of the matched clusters."),(0,a.kt)("h2",{id:"restricting-access-to-downstream-clusters"},"Restricting Access to Downstream Clusters"),(0,a.kt)("p",null,"Admins can further restrict tenants by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," in each of their namespaces."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: project1\n\nallowedTargetNamespaces:\n - project1simpleapp\n")),(0,a.kt)("p",null,"This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace."),(0,a.kt)("h2",{id:"an-example-gitrepo-resource"},"An Example GitRepo Resource"),(0,a.kt)("p",null,"A GitRepo resource created by a tenant, without admin access could look like this:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: simpleapp\n namespace: project1\n labels:\n team: one\n\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - bundle-diffs\n\n targetNamespace: project1simpleapp\n\n # do not match the upstream/local cluster, won't work\n targets:\n - name: dev\n clusterSelector:\n matchLabels:\n env: dev\n")),(0,a.kt)("p",null,"This includes the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label and and the required ",(0,a.kt)("inlineCode",{parentName:"p"},"targetNamespace"),"."),(0,a.kt)("p",null,"Together with the previous ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," it would target all clusters with a ",(0,a.kt)("inlineCode",{parentName:"p"},"env: dev")," label in the 'fleet-default' namespace."),(0,a.kt)("admonition",{type:"note"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," do not work with local clusters, so make sure not to target them.")))}u.isMDXComponent=!0},9497:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetSharedClusters-b68f6c53b43cbb795e4d81cda9ebc2bc.svg"}}]); \ No newline at end of file diff --git a/assets/js/f060f65c.dbedeadb.js b/assets/js/f060f65c.2f3d6e58.js similarity index 99% rename from assets/js/f060f65c.dbedeadb.js rename to assets/js/f060f65c.2f3d6e58.js index 20be5d0a4..72e02cc72 100644 --- a/assets/js/f060f65c.dbedeadb.js +++ b/assets/js/f060f65c.2f3d6e58.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2402],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function s(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(s[a]=e[a]);return s}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(s[a]=e[a])}return s}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,s=e.mdxType,l=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=s,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||l;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,s=t&&t.mdxType;if("string"==typeof e||s){var l=a.length,r=new Array(l);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:s,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),s=(a(7294),a(3905));const l={},r="Namespaces",i={unversionedId:"namespaces",id:"version-0.9/namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/versioned_docs/version-0.9/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/0.9/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/namespaces.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Git Repository Contents",permalink:"/0.9/gitrepo-content"},next:{title:"Custom Resources During Deployment",permalink:"/0.9/resources-during-deployment"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"GitRepo Namespace",id:"gitrepo-namespace",level:3},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local (local workspace, cluster registration namespace)",id:"fleet-local-local-workspace-cluster-registration-namespace",level:3},{value:"cattle-fleet-system (system namespace)",id:"cattle-fleet-system-system-namespace",level:3},{value:"cattle-fleet-clusters-system (system registration namespace)",id:"cattle-fleet-clusters-system-system-registration-namespace",level:3},{value:"Cluster Namespaces",id:"cluster-namespaces",level:3},{value:"Cross Namespace Deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2},{value:"Allowed Target Namespaces",id:"allowed-target-namespaces",level:3}],c={toc:p};function m(e){let{components:t,...l}=e;return(0,s.kt)("wrapper",(0,n.Z)({},c,l,{components:t,mdxType:"MDXLayout"}),(0,s.kt)("h1",{id:"namespaces"},"Namespaces"),(0,s.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are use in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,s.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,s.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,s.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,s.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,s.kt)("h3",{id:"gitrepo-namespace"},"GitRepo Namespace"),(0,s.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,s.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,s.kt)("ul",null,(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,s.kt)("p",null,"If you are using Fleet in a ",(0,s.kt)("a",{parentName:"p",href:"/0.9/concepts"},"single cluster")," style, the namespace will always be ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,s.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,s.kt)("p",null,"For a ",(0,s.kt)("a",{parentName:"p",href:"/0.9/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,s.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,s.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,s.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,s.kt)("p",null,"An overview of the ",(0,s.kt)("a",{parentName:"p",href:"/0.9/namespaces"},"namespaces")," used by fleet and their resources."),(0,s.kt)("p",null,(0,s.kt)("img",{alt:"Namespace",src:a(3159).Z,width:"1437",height:"1731"})),(0,s.kt)("h3",{id:"fleet-local-local-workspace-cluster-registration-namespace"},"fleet-local (local workspace, cluster registration namespace)"),(0,s.kt)("p",null,"The ",(0,s.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,s.kt)("p",null,"When fleet is installed the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,s.kt)("p",null,"The cluster registration namespace contains the cluster and the clusterregistration resources, as well as any gitrepos and bundles."),(0,s.kt)("h3",{id:"cattle-fleet-system-system-namespace"},"cattle-fleet-system (system namespace)"),(0,s.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,s.kt)("h3",{id:"cattle-fleet-clusters-system-system-registration-namespace"},"cattle-fleet-clusters-system (system registration namespace)"),(0,s.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,s.kt)("h3",{id:"cluster-namespaces"},"Cluster Namespaces"),(0,s.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces are named in the form ",(0,s.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,s.kt)("h2",{id:"cross-namespace-deployments"},"Cross Namespace Deployments"),(0,s.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,s.kt)("p",null,"If you are creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,s.kt)("p",null,"A ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,s.kt)("p",null,"If the ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,s.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,s.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,s.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,s.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,s.kt)("p",null,"A namespace can contain multiple ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,s.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,s.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\nallowedTargetNamespaces: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')),(0,s.kt)("h3",{id:"allowed-target-namespaces"},"Allowed Target Namespaces"),(0,s.kt)("p",null,"This can be used to limit a deployment to a set of namespaces on a downstream cluster.\nIf an allowedTargetNamespaces restriction is present, all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," must\nspecify a ",(0,s.kt)("inlineCode",{parentName:"p"},"targetNamespace")," and the specified namespace must be in the allow\nlist.\nThis also prevents the creation of cluster wide resources."))}m.isMDXComponent=!0},3159:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/FleetNamespaces-4e461907ba4d5bbf6b309d125383bdb5.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2402],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function s(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(s[a]=e[a]);return s}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(s[a]=e[a])}return s}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,s=e.mdxType,l=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=s,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||l;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,s=t&&t.mdxType;if("string"==typeof e||s){var l=a.length,r=new Array(l);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:s,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var n=a(7462),s=(a(7294),a(3905));const l={},r="Namespaces",i={unversionedId:"namespaces",id:"version-0.9/namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/versioned_docs/version-0.9/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/0.9/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/namespaces.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Git Repository Contents",permalink:"/0.9/gitrepo-content"},next:{title:"Custom Resources During Deployment",permalink:"/0.9/resources-during-deployment"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"GitRepo Namespace",id:"gitrepo-namespace",level:3},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local (local workspace, cluster registration namespace)",id:"fleet-local-local-workspace-cluster-registration-namespace",level:3},{value:"cattle-fleet-system (system namespace)",id:"cattle-fleet-system-system-namespace",level:3},{value:"cattle-fleet-clusters-system (system registration namespace)",id:"cattle-fleet-clusters-system-system-registration-namespace",level:3},{value:"Cluster Namespaces",id:"cluster-namespaces",level:3},{value:"Cross Namespace Deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2},{value:"Allowed Target Namespaces",id:"allowed-target-namespaces",level:3}],c={toc:p};function m(e){let{components:t,...l}=e;return(0,s.kt)("wrapper",(0,n.Z)({},c,l,{components:t,mdxType:"MDXLayout"}),(0,s.kt)("h1",{id:"namespaces"},"Namespaces"),(0,s.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are use in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,s.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,s.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,s.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,s.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,s.kt)("h3",{id:"gitrepo-namespace"},"GitRepo Namespace"),(0,s.kt)("p",null,"Git repos are added to the Fleet manager using the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," custom resource type. The ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," type is namespaced. By default, Rancher will create two Fleet workspaces: ",(0,s.kt)("strong",{parentName:"p"},"fleet-default")," and ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),"."),(0,s.kt)("ul",null,(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-default")," will contain all the downstream clusters that are already registered through Rancher."),(0,s.kt)("li",{parentName:"ul"},(0,s.kt)("inlineCode",{parentName:"li"},"Fleet-local")," will contain the local cluster by default.")),(0,s.kt)("p",null,"If you are using Fleet in a ",(0,s.kt)("a",{parentName:"p",href:"/0.9/concepts"},"single cluster")," style, the namespace will always be ",(0,s.kt)("strong",{parentName:"p"},"fleet-local"),". Check ",(0,s.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/namespaces/#fleet-local"},"here")," for more on the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace."),(0,s.kt)("p",null,"For a ",(0,s.kt)("a",{parentName:"p",href:"/0.9/concepts"},"multi-cluster")," style, please ensure you use the correct repo that will map to the right target clusters."),(0,s.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,s.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,s.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,s.kt)("p",null,"An overview of the ",(0,s.kt)("a",{parentName:"p",href:"/0.9/namespaces"},"namespaces")," used by fleet and their resources."),(0,s.kt)("p",null,(0,s.kt)("img",{alt:"Namespace",src:a(3159).Z,width:"1437",height:"1731"})),(0,s.kt)("h3",{id:"fleet-local-local-workspace-cluster-registration-namespace"},"fleet-local (local workspace, cluster registration namespace)"),(0,s.kt)("p",null,"The ",(0,s.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,s.kt)("p",null,"When fleet is installed the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,s.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,s.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,s.kt)("inlineCode",{parentName:"p"},"local")," ",(0,s.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,s.kt)("p",null,"The cluster registration namespace contains the cluster and the clusterregistration resources, as well as any gitrepos and bundles."),(0,s.kt)("h3",{id:"cattle-fleet-system-system-namespace"},"cattle-fleet-system (system namespace)"),(0,s.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,s.kt)("h3",{id:"cattle-fleet-clusters-system-system-registration-namespace"},"cattle-fleet-clusters-system (system registration namespace)"),(0,s.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,s.kt)("h3",{id:"cluster-namespaces"},"Cluster Namespaces"),(0,s.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces are named in the form ",(0,s.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,s.kt)("h2",{id:"cross-namespace-deployments"},"Cross Namespace Deployments"),(0,s.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,s.kt)("p",null,"If you are creating a ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,s.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,s.kt)("p",null,"A ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,s.kt)("p",null,"If the ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,s.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,s.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,s.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,s.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,s.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,s.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,s.kt)("p",null,"A namespace can contain multiple ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,s.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,s.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,s.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,s.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,s.kt)("pre",null,(0,s.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\nallowedTargetNamespaces: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')),(0,s.kt)("h3",{id:"allowed-target-namespaces"},"Allowed Target Namespaces"),(0,s.kt)("p",null,"This can be used to limit a deployment to a set of namespaces on a downstream cluster.\nIf an allowedTargetNamespaces restriction is present, all ",(0,s.kt)("inlineCode",{parentName:"p"},"GitRepos")," must\nspecify a ",(0,s.kt)("inlineCode",{parentName:"p"},"targetNamespace")," and the specified namespace must be in the allow\nlist.\nThis also prevents the creation of cluster wide resources."))}m.isMDXComponent=!0},3159:(e,t,a)=>{a.d(t,{Z:()=>n});const n=a.p+"assets/images/FleetNamespaces-4e461907ba4d5bbf6b309d125383bdb5.svg"}}]); \ No newline at end of file diff --git a/assets/js/f0907b6d.13499ab7.js b/assets/js/f0907b6d.0da8b219.js similarity index 97% rename from assets/js/f0907b6d.13499ab7.js rename to assets/js/f0907b6d.0da8b219.js index 9c38be2b9..6500b1114 100644 --- a/assets/js/f0907b6d.13499ab7.js +++ b/assets/js/f0907b6d.0da8b219.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3156],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>g});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function l(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),s=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):l(l({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=c(e,["components","mdxType","originalType","parentName"]),f=s(r),g=o,d=f["".concat(i,".").concat(g)]||f[g]||u[g]||a;return r?n.createElement(d,l(l({ref:t},p),{},{components:r})):n.createElement(d,l({ref:t},p))}));function g(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,l=new Array(a);l[0]=f;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:o,l[1]=c;for(var s=2;s{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>a,metadata:()=>c,toc:()=>s});var n=r(7462),o=(r(7294),r(3905));const a={title:"0.4 Changelogs"},l=void 0,c={unversionedId:"changelogs/index",id:"version-0.4/changelogs/index",title:"0.4 Changelogs",description:"* Fleet v0.4.1 (latest)",source:"@site/versioned_docs/version-0.4/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/0.4/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/changelogs/index.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"0.4 Changelogs"}},i={},s=[],p={toc:s};function u(e){let{components:t,...r}=e;return(0,o.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},(0,o.kt)("p",{parentName:"li"},(0,o.kt)("a",{parentName:"p",href:"/0.4/changelogs/changelogs/v0.4.1"},"Fleet v0.4.1")," (latest)")),(0,o.kt)("li",{parentName:"ul"},(0,o.kt)("p",{parentName:"li"},(0,o.kt)("a",{parentName:"p",href:"/0.4/changelogs/changelogs/v0.4.0"},"Fleet v0.4.0")))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3156],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>g});var n=r(7294);function o(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function l(e){for(var t=1;t=0||(o[r]=e[r]);return o}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(o[r]=e[r])}return o}var i=n.createContext({}),s=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):l(l({},t),e)),r},p=function(e){var t=s(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},f=n.forwardRef((function(e,t){var r=e.components,o=e.mdxType,a=e.originalType,i=e.parentName,p=c(e,["components","mdxType","originalType","parentName"]),f=s(r),g=o,d=f["".concat(i,".").concat(g)]||f[g]||u[g]||a;return r?n.createElement(d,l(l({ref:t},p),{},{components:r})):n.createElement(d,l({ref:t},p))}));function g(e,t){var r=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var a=r.length,l=new Array(a);l[0]=f;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:o,l[1]=c;for(var s=2;s{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>a,metadata:()=>c,toc:()=>s});var n=r(7462),o=(r(7294),r(3905));const a={title:"0.4 Changelogs"},l=void 0,c={unversionedId:"changelogs/index",id:"version-0.4/changelogs/index",title:"0.4 Changelogs",description:"* Fleet v0.4.1 (latest)",source:"@site/versioned_docs/version-0.4/changelogs/index.md",sourceDirName:"changelogs",slug:"/changelogs/",permalink:"/0.4/changelogs/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/changelogs/index.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"0.4 Changelogs"}},i={},s=[],p={toc:s};function u(e){let{components:t,...r}=e;return(0,o.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("ul",null,(0,o.kt)("li",{parentName:"ul"},(0,o.kt)("p",{parentName:"li"},(0,o.kt)("a",{parentName:"p",href:"/0.4/changelogs/changelogs/v0.4.1"},"Fleet v0.4.1")," (latest)")),(0,o.kt)("li",{parentName:"ul"},(0,o.kt)("p",{parentName:"li"},(0,o.kt)("a",{parentName:"p",href:"/0.4/changelogs/changelogs/v0.4.0"},"Fleet v0.4.0")))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/f14b6af8.677bb474.js b/assets/js/f14b6af8.c69dc1d0.js similarity index 98% rename from assets/js/f14b6af8.677bb474.js rename to assets/js/f14b6af8.c69dc1d0.js index 6e7fba973..6664b23bc 100644 --- a/assets/js/f14b6af8.677bb474.js +++ b/assets/js/f14b6af8.c69dc1d0.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6469],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||o;return n?r.createElement(m,a(a({ref:t},p),{},{components:n})):r.createElement(m,a({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var o=n.length,a=new Array(o);a[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>f,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const o={title:"",sidebar_label:"fleet apply"},a=void 0,i={unversionedId:"cli/fleet-cli/fleet_apply",id:"version-0.6/cli/fleet-cli/fleet_apply",title:"",description:"fleet apply",source:"@site/versioned_docs/version-0.6/cli/fleet-cli/fleet_apply.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_apply",permalink:"/0.6/cli/fleet-cli/fleet_apply",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cli/fleet-cli/fleet_apply.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet apply"},sidebar:"docs",previous:{title:"fleet",permalink:"/0.6/cli/fleet-cli/fleet"},next:{title:"fleet test",permalink:"/0.6/cli/fleet-cli/fleet_test"}},s={},c=[{value:"fleet apply",id:"fleet-apply",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-apply"},"fleet apply"),(0,l.kt)("p",null,"Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet apply [flags] BUNDLE_NAME PATH...\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --cacerts-file string Path of custom cacerts for helm repo\n --commit string Commit to assign to the bundle\n -c, --compress Force all resources to be compress\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -h, --help help for apply\n -l, --label strings Labels to apply to created bundles\n -o, --output string Output contents to file or - for stdout\n --password-file string Path of file containing basic auth password for helm repo\n --paused Create bundles in a paused state\n -a, --service-account string Service account to assign to bundle created\n --ssh-privatekey-file string Path of ssh-private-key for helm repo\n --sync-generation int Generation number used to force sync the deployment\n --target-namespace string Ensure this bundle goes to this target namespace\n --targets-file string Addition source of targets and restrictions to be append\n --username string Basic auth username for helm repo\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6469],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},u=r.forwardRef((function(e,t){var n=e.components,l=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),d=l,m=u["".concat(s,".").concat(d)]||u[d]||f[d]||o;return n?r.createElement(m,a(a({ref:t},p),{},{components:n})):r.createElement(m,a({ref:t},p))}));function d(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var o=n.length,a=new Array(o);a[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>f,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var r=n(7462),l=(n(7294),n(3905));const o={title:"",sidebar_label:"fleet apply"},a=void 0,i={unversionedId:"cli/fleet-cli/fleet_apply",id:"version-0.6/cli/fleet-cli/fleet_apply",title:"",description:"fleet apply",source:"@site/versioned_docs/version-0.6/cli/fleet-cli/fleet_apply.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_apply",permalink:"/0.6/cli/fleet-cli/fleet_apply",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cli/fleet-cli/fleet_apply.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet apply"},sidebar:"docs",previous:{title:"fleet",permalink:"/0.6/cli/fleet-cli/fleet"},next:{title:"fleet test",permalink:"/0.6/cli/fleet-cli/fleet_test"}},s={},c=[{value:"fleet apply",id:"fleet-apply",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,r.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-apply"},"fleet apply"),(0,l.kt)("p",null,"Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet apply [flags] BUNDLE_NAME PATH...\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --cacerts-file string Path of custom cacerts for helm repo\n --commit string Commit to assign to the bundle\n -c, --compress Force all resources to be compress\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n -h, --help help for apply\n -l, --label strings Labels to apply to created bundles\n -o, --output string Output contents to file or - for stdout\n --password-file string Path of file containing basic auth password for helm repo\n --paused Create bundles in a paused state\n -a, --service-account string Service account to assign to bundle created\n --ssh-privatekey-file string Path of ssh-private-key for helm repo\n --sync-generation int Generation number used to force sync the deployment\n --target-namespace string Ensure this bundle goes to this target namespace\n --targets-file string Addition source of targets and restrictions to be append\n --username string Basic auth username for helm repo\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/f2761eee.8db49e02.js b/assets/js/f2761eee.b9aa8af8.js similarity index 99% rename from assets/js/f2761eee.8db49e02.js rename to assets/js/f2761eee.b9aa8af8.js index c51398128..c803a8da8 100644 --- a/assets/js/f2761eee.8db49e02.js +++ b/assets/js/f2761eee.b9aa8af8.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3062],{3905:(t,e,n)=>{n.d(e,{Zo:()=>d,kt:()=>s});var r=n(7294);function a(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function l(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),n.push.apply(n,r)}return n}function o(t){for(var e=1;e=0||(a[n]=t[n]);return a}(t,e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(t);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(t,n)&&(a[n]=t[n])}return a}var p=r.createContext({}),u=function(t){var e=r.useContext(p),n=e;return t&&(n="function"==typeof t?t(e):o(o({},e),t)),n},d=function(t){var e=u(t.components);return r.createElement(p.Provider,{value:e},t.children)},m={inlineCode:"code",wrapper:function(t){var e=t.children;return r.createElement(r.Fragment,{},e)}},c=r.forwardRef((function(t,e){var n=t.components,a=t.mdxType,l=t.originalType,p=t.parentName,d=i(t,["components","mdxType","originalType","parentName"]),c=u(n),s=a,g=c["".concat(p,".").concat(s)]||c[s]||m[s]||l;return n?r.createElement(g,o(o({ref:e},d),{},{components:n})):r.createElement(g,o({ref:e},d))}));function s(t,e){var n=arguments,a=e&&e.mdxType;if("string"==typeof t||a){var l=n.length,o=new Array(l);o[0]=c;var i={};for(var p in e)hasOwnProperty.call(e,p)&&(i[p]=e[p]);i.originalType=t,i.mdxType="string"==typeof t?t:a,o[1]=i;for(var u=2;u{n.r(e),n.d(e,{assets:()=>p,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>u});var r=n(7462),a=(n(7294),n(3905));const l={},o="List of Deployed Resources",i={unversionedId:"ref-resources",id:"version-0.9/ref-resources",title:"List of Deployed Resources",description:"After installing Fleet in Rancher these resources are created in the upstream cluster.",source:"@site/versioned_docs/version-0.9/ref-resources.md",sourceDirName:".",slug:"/ref-resources",permalink:"/0.9/ref-resources",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-resources.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Configuration",permalink:"/0.9/ref-configuration"},next:{title:"Custom Resources Spec",permalink:"/0.9/ref-crds"}},p={},u=[],d={toc:u};function m(t){let{components:e,...n}=t;return(0,a.kt)("wrapper",(0,r.Z)({},d,n,{components:e,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"list-of-deployed-resources"},"List of Deployed Resources"),(0,a.kt)("p",null,"After installing Fleet in Rancher these resources are created in the upstream cluster."),(0,a.kt)("table",null,(0,a.kt)("thead",{parentName:"table"},(0,a.kt)("tr",{parentName:"thead"},(0,a.kt)("th",{parentName:"tr",align:null},"Type"),(0,a.kt)("th",{parentName:"tr",align:null},"Name"),(0,a.kt)("th",{parentName:"tr",align:null},"Namespace"))),(0,a.kt)("tbody",{parentName:"table"},(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"From Helm, intial setup:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRole"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRole"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob-binding"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ConfigMap"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Deployment"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Deployment"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Role"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Role"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"RoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"RoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Service"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ServiceAccount"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ServiceAccount"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Generated:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.fleet.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.provisioning.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.management.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterGroup"),(0,a.kt)("td",{parentName:"tr",align:null},"default"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Bundle"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-agent-local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"For each registered cluster:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.provisioning.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null},"by default fleet-default")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.management.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"generated"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.fleet.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-default"),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Bundle"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-default"),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"BundleDeployment"),(0,a.kt)("td",{parentName:"tr",align:null},"cluster-fleet-local-local-ID"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-agent-local")))),(0,a.kt)("p",null,"Also see ","[namespaces]"))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3062],{3905:(t,e,n)=>{n.d(e,{Zo:()=>d,kt:()=>s});var r=n(7294);function a(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function l(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),n.push.apply(n,r)}return n}function o(t){for(var e=1;e=0||(a[n]=t[n]);return a}(t,e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(t);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(t,n)&&(a[n]=t[n])}return a}var p=r.createContext({}),u=function(t){var e=r.useContext(p),n=e;return t&&(n="function"==typeof t?t(e):o(o({},e),t)),n},d=function(t){var e=u(t.components);return r.createElement(p.Provider,{value:e},t.children)},m={inlineCode:"code",wrapper:function(t){var e=t.children;return r.createElement(r.Fragment,{},e)}},c=r.forwardRef((function(t,e){var n=t.components,a=t.mdxType,l=t.originalType,p=t.parentName,d=i(t,["components","mdxType","originalType","parentName"]),c=u(n),s=a,g=c["".concat(p,".").concat(s)]||c[s]||m[s]||l;return n?r.createElement(g,o(o({ref:e},d),{},{components:n})):r.createElement(g,o({ref:e},d))}));function s(t,e){var n=arguments,a=e&&e.mdxType;if("string"==typeof t||a){var l=n.length,o=new Array(l);o[0]=c;var i={};for(var p in e)hasOwnProperty.call(e,p)&&(i[p]=e[p]);i.originalType=t,i.mdxType="string"==typeof t?t:a,o[1]=i;for(var u=2;u{n.r(e),n.d(e,{assets:()=>p,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>i,toc:()=>u});var r=n(7462),a=(n(7294),n(3905));const l={},o="List of Deployed Resources",i={unversionedId:"ref-resources",id:"version-0.9/ref-resources",title:"List of Deployed Resources",description:"After installing Fleet in Rancher these resources are created in the upstream cluster.",source:"@site/versioned_docs/version-0.9/ref-resources.md",sourceDirName:".",slug:"/ref-resources",permalink:"/0.9/ref-resources",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/ref-resources.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Configuration",permalink:"/0.9/ref-configuration"},next:{title:"Custom Resources Spec",permalink:"/0.9/ref-crds"}},p={},u=[],d={toc:u};function m(t){let{components:e,...n}=t;return(0,a.kt)("wrapper",(0,r.Z)({},d,n,{components:e,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"list-of-deployed-resources"},"List of Deployed Resources"),(0,a.kt)("p",null,"After installing Fleet in Rancher these resources are created in the upstream cluster."),(0,a.kt)("table",null,(0,a.kt)("thead",{parentName:"table"},(0,a.kt)("tr",{parentName:"thead"},(0,a.kt)("th",{parentName:"tr",align:null},"Type"),(0,a.kt)("th",{parentName:"tr",align:null},"Name"),(0,a.kt)("th",{parentName:"tr",align:null},"Namespace"))),(0,a.kt)("tbody",{parentName:"table"},(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"From Helm, intial setup:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRole"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRole"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterRoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob-binding"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ConfigMap"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Deployment"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Deployment"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Role"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Role"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"RoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"RoleBinding"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Service"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ServiceAccount"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-controller"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ServiceAccount"),(0,a.kt)("td",{parentName:"tr",align:null},"gitjob"),(0,a.kt)("td",{parentName:"tr",align:null},"cattle-fleet-system")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Generated:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.fleet.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.provisioning.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.management.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"local"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"ClusterGroup"),(0,a.kt)("td",{parentName:"tr",align:null},"default"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Bundle"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-agent-local"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-local")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"For each registered cluster:"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.provisioning.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null}),(0,a.kt)("td",{parentName:"tr",align:null},"by default fleet-default")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.management.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"generated"),(0,a.kt)("td",{parentName:"tr",align:null},"-")),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"clusters.fleet.cattle.io"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-default"),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"Bundle"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-default"),(0,a.kt)("td",{parentName:"tr",align:null})),(0,a.kt)("tr",{parentName:"tbody"},(0,a.kt)("td",{parentName:"tr",align:null},"BundleDeployment"),(0,a.kt)("td",{parentName:"tr",align:null},"cluster-fleet-local-local-ID"),(0,a.kt)("td",{parentName:"tr",align:null},"fleet-agent-local")))),(0,a.kt)("p",null,"Also see ","[namespaces]"))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/f2839486.528c4b79.js b/assets/js/f2839486.122c5d65.js similarity index 99% rename from assets/js/f2839486.528c4b79.js rename to assets/js/f2839486.122c5d65.js index 5ff7f93d2..dfbbd9094 100644 --- a/assets/js/f2839486.528c4b79.js +++ b/assets/js/f2839486.122c5d65.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4384],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function i(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):i(i({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,s=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),h=c(a),p=l,m=h["".concat(s,".").concat(p)]||h[p]||u[p]||n;return a?r.createElement(m,i(i({ref:t},d),{},{components:a})):r.createElement(m,i({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,i=new Array(n);i[0]=h;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>u,frontMatter:()=>n,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"",date:"2024-02-22 09:30:48 +0000 UTC"},i=void 0,o={unversionedId:"changelogs/changelogs/v0.8.2",id:"version-0.8/changelogs/changelogs/v0.8.2",title:"",description:"(rancherio-gh-m) released this 2024-02-22 0948 +0000 UTC",source:"@site/versioned_docs/version-0.8/changelogs/changelogs/v0.8.2.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.8.2",permalink:"/0.8/changelogs/changelogs/v0.8.2",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/changelogs/changelogs/v0.8.2.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",date:"2024-02-22 09:30:48 +0000 UTC"},sidebar:"docs",previous:{title:"v0.8.1",permalink:"/0.8/changelogs/changelogs/v0.8.1"},next:{title:"",permalink:"/0.8/changelogs/changelogs/v0.8.3"}},s={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function u(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-02-22 09:30:48 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Notes"),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add helm version to capabilities by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rancherbot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rancherbot"},"@rancherbot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1919242055","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1820","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1820/hovercard",href:"https://github.com/rancher/fleet/pull/1820"},"#1820"))),(0,l.kt)("h3",null,"Performance"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Use index when listing BundleDeployments by Bundle by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1941729004","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1859","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1859/hovercard",href:"https://github.com/rancher/fleet/pull/1859"},"#1859")),(0,l.kt)("li",null,"Replace json-based implementation of DeepCopy on GenericMap by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2006641252","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1956","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1956/hovercard",href:"https://github.com/rancher/fleet/pull/1956"},"#1956")),(0,l.kt)("li",null,"Use UniqueApplyForResourceVersion in Bundle and GitRepo GeneratingHandlers by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2074725279","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2055","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2055/hovercard",href:"https://github.com/rancher/fleet/pull/2055"},"#2055"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Initialise cluster registration labels map if empty by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2078587574","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2063","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2063/hovercard",href:"https://github.com/rancher/fleet/pull/2063"},"#2063"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Bump BCI images and Gitjob by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2006696224","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1957","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1957/hovercard",href:"https://github.com/rancher/fleet/pull/1957"},"#1957")),(0,l.kt)("li",null,"OCI auth test changes by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2008494976","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1963","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1963/hovercard",href:"https://github.com/rancher/fleet/pull/1963"},"#1963")),(0,l.kt)("li",null,"Remove s390x by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2076167734","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2056","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2056/hovercard",href:"https://github.com/rancher/fleet/pull/2056"},"#2056")),(0,l.kt)("li",null,"Update CI for k8s 1.28 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2081748640","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2071","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2071/hovercard",href:"https://github.com/rancher/fleet/pull/2071"},"#2071")),(0,l.kt)("li",null,"Bump modules to k8s 0.27 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2085916428","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2083","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2083/hovercard",href:"https://github.com/rancher/fleet/pull/2083"},"#2083"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.8.1...v0.8.2"},(0,l.kt)("tt",null,"v0.8.1...v0.8.2"))),(0,l.kt)("h3",null,"Gitjob"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add azure devops webhook support by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2065877024","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/401","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/401/hovercard",href:"https://github.com/rancher/gitjob/pull/401"},"rancher/gitjob#401"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Gitjob Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/gitjob/compare/v0.1.76-security1...v0.8.2"},"rancher/gitjob@",(0,l.kt)("tt",null,"v0.1.76-security1...v0.8.2"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleet-crd-0.8.2.tgz"},"fleet-crd-0.8.2.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleet-agent-0.8.2.tgz"},"fleet-agent-0.8.2.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleet-0.8.2.tgz"},"fleet-0.8.2.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.8.2"},"here"))))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4384],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>p});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function i(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):i(i({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},h=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,s=e.parentName,d=o(e,["components","mdxType","originalType","parentName"]),h=c(a),p=l,m=h["".concat(s,".").concat(p)]||h[p]||u[p]||n;return a?r.createElement(m,i(i({ref:t},d),{},{components:a})):r.createElement(m,i({ref:t},d))}));function p(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,i=new Array(n);i[0]=h;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>u,frontMatter:()=>n,metadata:()=>o,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"",date:"2024-02-22 09:30:48 +0000 UTC"},i=void 0,o={unversionedId:"changelogs/changelogs/v0.8.2",id:"version-0.8/changelogs/changelogs/v0.8.2",title:"",description:"(rancherio-gh-m) released this 2024-02-22 0948 +0000 UTC",source:"@site/versioned_docs/version-0.8/changelogs/changelogs/v0.8.2.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.8.2",permalink:"/0.8/changelogs/changelogs/v0.8.2",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/changelogs/changelogs/v0.8.2.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",date:"2024-02-22 09:30:48 +0000 UTC"},sidebar:"docs",previous:{title:"v0.8.1",permalink:"/0.8/changelogs/changelogs/v0.8.1"},next:{title:"",permalink:"/0.8/changelogs/changelogs/v0.8.3"}},s={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function u(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-02-22 09:30:48 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"Notes"),(0,l.kt)("h2",null,"Additions"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add helm version to capabilities by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/rancherbot/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/rancherbot"},"@rancherbot")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1919242055","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1820","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1820/hovercard",href:"https://github.com/rancher/fleet/pull/1820"},"#1820"))),(0,l.kt)("h3",null,"Performance"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Use index when listing BundleDeployments by Bundle by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"1941729004","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1859","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1859/hovercard",href:"https://github.com/rancher/fleet/pull/1859"},"#1859")),(0,l.kt)("li",null,"Replace json-based implementation of DeepCopy on GenericMap by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2006641252","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1956","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1956/hovercard",href:"https://github.com/rancher/fleet/pull/1956"},"#1956")),(0,l.kt)("li",null,"Use UniqueApplyForResourceVersion in Bundle and GitRepo GeneratingHandlers by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2074725279","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2055","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2055/hovercard",href:"https://github.com/rancher/fleet/pull/2055"},"#2055"))),(0,l.kt)("h2",null,"Bugfixes"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Initialise cluster registration labels map if empty by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/weyfonk/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/weyfonk"},"@weyfonk")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2078587574","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2063","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2063/hovercard",href:"https://github.com/rancher/fleet/pull/2063"},"#2063"))),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Bump BCI images and Gitjob by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2006696224","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1957","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1957/hovercard",href:"https://github.com/rancher/fleet/pull/1957"},"#1957")),(0,l.kt)("li",null,"OCI auth test changes by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2008494976","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/1963","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/1963/hovercard",href:"https://github.com/rancher/fleet/pull/1963"},"#1963")),(0,l.kt)("li",null,"Remove s390x by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/aruiz14/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/aruiz14"},"@aruiz14")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2076167734","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2056","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2056/hovercard",href:"https://github.com/rancher/fleet/pull/2056"},"#2056")),(0,l.kt)("li",null,"Update CI for k8s 1.28 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2081748640","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2071","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2071/hovercard",href:"https://github.com/rancher/fleet/pull/2071"},"#2071")),(0,l.kt)("li",null,"Bump modules to k8s 0.27 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/manno/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/manno"},"@manno")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2085916428","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2083","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2083/hovercard",href:"https://github.com/rancher/fleet/pull/2083"},"#2083"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.8.1...v0.8.2"},(0,l.kt)("tt",null,"v0.8.1...v0.8.2"))),(0,l.kt)("h3",null,"Gitjob"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Add azure devops webhook support by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/raulcabello/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/raulcabello"},"@raulcabello")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2065877024","data-permission-text":"Title is private","data-url":"https://github.com/rancher/gitjob/issues/401","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/gitjob/pull/401/hovercard",href:"https://github.com/rancher/gitjob/pull/401"},"rancher/gitjob#401"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Gitjob Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/gitjob/compare/v0.1.76-security1...v0.8.2"},"rancher/gitjob@",(0,l.kt)("tt",null,"v0.1.76-security1...v0.8.2"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleet-crd-0.8.2.tgz"},"fleet-crd-0.8.2.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleet-agent-0.8.2.tgz"},"fleet-agent-0.8.2.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleet-0.8.2.tgz"},"fleet-0.8.2.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.2/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.8.2"},"here"))))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/f347fdc1.c4131768.js b/assets/js/f347fdc1.12b24ad5.js similarity index 98% rename from assets/js/f347fdc1.c4131768.js rename to assets/js/f347fdc1.12b24ad5.js index 26e08424a..92487350a 100644 --- a/assets/js/f347fdc1.c4131768.js +++ b/assets/js/f347fdc1.12b24ad5.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[307],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},u=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),m=r,h=u["".concat(s,".").concat(m)]||u[m]||d[m]||l;return n?a.createElement(h,o(o({ref:t},p),{},{components:n})):a.createElement(h,o({ref:t},p))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,o=new Array(l);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const l={},o="Create a Bundle Resource",i={unversionedId:"bundle-add",id:"version-0.8/bundle-add",title:"Create a Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created. In most cases Bundles should not be created",source:"@site/versioned_docs/version-0.8/bundle-add.md",sourceDirName:".",slug:"/bundle-add",permalink:"/0.8/bundle-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/bundle-add.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Image Scan to Update Container Image References",permalink:"/0.8/imagescan"},next:{title:"fleet-agent",permalink:"/0.8/cli/fleet-agent/"}},s={},c=[{value:"Limitations",id:"limitations",level:2},{value:"Convert a Helm Chart into a Bundle",id:"convert-a-helm-chart-into-a-bundle",level:2}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-bundle-resource"},"Create a Bundle Resource"),(0,r.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created. In most cases ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundles")," should not be created\nmanually by the user. If you want to deploy resources from a git repository use a\n",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-add"},"GitRepo")," instead."),(0,r.kt)("p",null,"If you want to deploy resources without a git repository follow this guide to create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle"),"."),(0,r.kt)("p",null,"When creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," Fleet will fetch the resources from a git repository, and add them to a Bundle.\nWhen creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," resources need to be explicitly specified in the ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," Spec.\nResources can be compressed with gz. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher/blob/v2.7.3/pkg/controllers/provisioningv2/managedchart/managedchart.go#L149-L153"},"here"),"\nan example of how Rancher uses compression in go code."),(0,r.kt)("p",null,"If you would like to deploy in downstream clusters, you need to define targets. Targets work similarly to targets in ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),".\nSee ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-targets#defining-targets"},"Mapping to Downstream Clusters"),"."),(0,r.kt)("p",null,"The following example creates a nginx ",(0,r.kt)("inlineCode",{parentName:"p"},"Deployment")," in the local cluster:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n resources:\n # List of all resources that will be deployed\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n targets:\n - clusterName: local\n\n")),(0,r.kt)("h2",{id:"limitations"},"Limitations"),(0,r.kt)("p",null,"Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.repo")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.charts"))),(0,r.kt)("p",null,"You can't use a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in resources, it is only used by the fleet-cli to create bundles."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targetRestrictions")," field is not useful, as it is an allow list for targets specified in ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets"),". It is not needed, since ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," are explicitly given in a bundle and an empty ",(0,r.kt)("inlineCode",{parentName:"p"},"targetRestrictions")," defaults to allow."),(0,r.kt)("h2",{id:"convert-a-helm-chart-into-a-bundle"},"Convert a Helm Chart into a Bundle"),(0,r.kt)("p",null,"You can use the Fleet CLI to convert a Helm chart into a bundle."),(0,r.kt)("p",null,'For example, you can download and convert the "external secrets" operator chart like this:'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"cat > targets.yaml < app/fleet.yaml < eso-bundle.yaml\n\nkubectl apply -f eso-bundle.yaml\n")),(0,r.kt)("p",null,"Make sure you use a cluster selector in ",(0,r.kt)("inlineCode",{parentName:"p"},"targets.yaml"),", that matches all clusters you want to deploy to."),(0,r.kt)("p",null,"The blog post on ",(0,r.kt)("a",{parentName:"p",href:"https://www.suse.com/c/rancher_blog/fleet-multi-cluster-deployment-with-the-help-of-external-secrets/"},"Fleet: Multi-Cluster Deployment with the Help of External Secrets")," has more information."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[307],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function o(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):o(o({},t),e)),n},p=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},u=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),u=c(n),m=r,h=u["".concat(s,".").concat(m)]||u[m]||d[m]||l;return n?a.createElement(h,o(o({ref:t},p),{},{components:n})):a.createElement(h,o({ref:t},p))}));function m(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var l=n.length,o=new Array(l);o[0]=u;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:r,o[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var a=n(7462),r=(n(7294),n(3905));const l={},o="Create a Bundle Resource",i={unversionedId:"bundle-add",id:"version-0.8/bundle-add",title:"Create a Bundle Resource",description:"Bundles are automatically created by Fleet when a GitRepo is created. In most cases Bundles should not be created",source:"@site/versioned_docs/version-0.8/bundle-add.md",sourceDirName:".",slug:"/bundle-add",permalink:"/0.8/bundle-add",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/bundle-add.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Image Scan to Update Container Image References",permalink:"/0.8/imagescan"},next:{title:"fleet-agent",permalink:"/0.8/cli/fleet-agent/"}},s={},c=[{value:"Limitations",id:"limitations",level:2},{value:"Convert a Helm Chart into a Bundle",id:"convert-a-helm-chart-into-a-bundle",level:2}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"create-a-bundle-resource"},"Create a Bundle Resource"),(0,r.kt)("p",null,"Bundles are automatically created by Fleet when a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," is created. In most cases ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundles")," should not be created\nmanually by the user. If you want to deploy resources from a git repository use a\n",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-add"},"GitRepo")," instead."),(0,r.kt)("p",null,"If you want to deploy resources without a git repository follow this guide to create a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle"),"."),(0,r.kt)("p",null,"When creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo")," Fleet will fetch the resources from a git repository, and add them to a Bundle.\nWhen creating a ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," resources need to be explicitly specified in the ",(0,r.kt)("inlineCode",{parentName:"p"},"Bundle")," Spec.\nResources can be compressed with gz. See ",(0,r.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher/blob/v2.7.3/pkg/controllers/provisioningv2/managedchart/managedchart.go#L149-L153"},"here"),"\nan example of how Rancher uses compression in go code."),(0,r.kt)("p",null,"If you would like to deploy in downstream clusters, you need to define targets. Targets work similarly to targets in ",(0,r.kt)("inlineCode",{parentName:"p"},"GitRepo"),".\nSee ",(0,r.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/gitrepo-targets#defining-targets"},"Mapping to Downstream Clusters"),"."),(0,r.kt)("p",null,"The following example creates a nginx ",(0,r.kt)("inlineCode",{parentName:"p"},"Deployment")," in the local cluster:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: Bundle\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n # Any name can be used here\n name: my-bundle\n # For single cluster use fleet-local, otherwise use the namespace of\n # your choosing\n namespace: fleet-local\nspec:\n resources:\n # List of all resources that will be deployed\n - content: |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: nginx-deployment\n labels:\n app: nginx\n spec:\n replicas: 3\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.14.2\n ports:\n - containerPort: 80\n name: nginx.yaml\n targets:\n - clusterName: local\n\n")),(0,r.kt)("h2",{id:"limitations"},"Limitations"),(0,r.kt)("p",null,"Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.repo")),(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("inlineCode",{parentName:"li"},"spec.helm.charts"))),(0,r.kt)("p",null,"You can't use a ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in resources, it is only used by the fleet-cli to create bundles."),(0,r.kt)("p",null,"The ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targetRestrictions")," field is not useful, as it is an allow list for targets specified in ",(0,r.kt)("inlineCode",{parentName:"p"},"spec.targets"),". It is not needed, since ",(0,r.kt)("inlineCode",{parentName:"p"},"targets")," are explicitly given in a bundle and an empty ",(0,r.kt)("inlineCode",{parentName:"p"},"targetRestrictions")," defaults to allow."),(0,r.kt)("h2",{id:"convert-a-helm-chart-into-a-bundle"},"Convert a Helm Chart into a Bundle"),(0,r.kt)("p",null,"You can use the Fleet CLI to convert a Helm chart into a bundle."),(0,r.kt)("p",null,'For example, you can download and convert the "external secrets" operator chart like this:'),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"cat > targets.yaml < app/fleet.yaml < eso-bundle.yaml\n\nkubectl apply -f eso-bundle.yaml\n")),(0,r.kt)("p",null,"Make sure you use a cluster selector in ",(0,r.kt)("inlineCode",{parentName:"p"},"targets.yaml"),", that matches all clusters you want to deploy to."),(0,r.kt)("p",null,"The blog post on ",(0,r.kt)("a",{parentName:"p",href:"https://www.suse.com/c/rancher_blog/fleet-multi-cluster-deployment-with-the-help-of-external-secrets/"},"Fleet: Multi-Cluster Deployment with the Help of External Secrets")," has more information."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/f4793a78.9cdbb9b6.js b/assets/js/f4793a78.e4af4dc8.js similarity index 97% rename from assets/js/f4793a78.9cdbb9b6.js rename to assets/js/f4793a78.e4af4dc8.js index 9c0f60443..324171363 100644 --- a/assets/js/f4793a78.9cdbb9b6.js +++ b/assets/js/f4793a78.e4af4dc8.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5455],{3905:(e,t,r)=>{r.d(t,{Zo:()=>i,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},i=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,i=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||p[d]||o;return r?n.createElement(f,s(s({ref:t},i),{},{components:r})):n.createElement(f,s({ref:t},i))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Create Cluster Groups",l={unversionedId:"cluster-group",id:"version-0.6/cluster-group",title:"Create Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/versioned_docs/version-0.6/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/0.6/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cluster-group.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Register Downstream Clusters",permalink:"/0.6/cluster-registration"},next:{title:"Setup Multi User",permalink:"/0.6/multi-user"}},c={},u=[],i={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},i,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"create-cluster-groups"},"Create Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5455],{3905:(e,t,r)=>{r.d(t,{Zo:()=>i,kt:()=>d});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function s(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var c=n.createContext({}),u=function(e){var t=n.useContext(c),r=t;return e&&(r="function"==typeof e?e(t):s(s({},t),e)),r},i=function(e){var t=u(e.components);return n.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},m=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,o=e.originalType,c=e.parentName,i=l(e,["components","mdxType","originalType","parentName"]),m=u(r),d=a,f=m["".concat(c,".").concat(d)]||m[d]||p[d]||o;return r?n.createElement(f,s(s({ref:t},i),{},{components:r})):n.createElement(f,s({ref:t},i))}));function d(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=r.length,s=new Array(o);s[0]=m;var l={};for(var c in t)hasOwnProperty.call(t,c)&&(l[c]=t[c]);l.originalType=e,l.mdxType="string"==typeof e?e:a,s[1]=l;for(var u=2;u{r.r(t),r.d(t,{assets:()=>c,contentTitle:()=>s,default:()=>p,frontMatter:()=>o,metadata:()=>l,toc:()=>u});var n=r(7462),a=(r(7294),r(3905));const o={},s="Create Cluster Groups",l={unversionedId:"cluster-group",id:"version-0.6/cluster-group",title:"Create Cluster Groups",description:"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.",source:"@site/versioned_docs/version-0.6/cluster-group.md",sourceDirName:".",slug:"/cluster-group",permalink:"/0.6/cluster-group",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/cluster-group.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Register Downstream Clusters",permalink:"/0.6/cluster-registration"},next:{title:"Setup Multi User",permalink:"/0.6/multi-user"}},c={},u=[],i={toc:u};function p(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},i,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"create-cluster-groups"},"Create Cluster Groups"),(0,a.kt)("p",null,"Clusters in a namespace can be put into a cluster group. A cluster group is essentially a named selector.\nThe only parameter for a cluster group is essentially the selector.\nWhen you get to a certain scale cluster groups become a more reasonable way to manage your clusters.\nCluster groups serve the purpose of giving aggregated\nstatus of the deployments and then also a simpler way to manage targets."),(0,a.kt)("p",null,"A cluster group is created by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," resource like below"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: ClusterGroup\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: production-group\n namespace: clusters\nspec:\n # This is the standard metav1.LabelSelector format to match clusters by labels\n selector:\n matchLabels:\n env: prod\n")))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/f531b716.5935129e.js b/assets/js/f531b716.794a8c86.js similarity index 98% rename from assets/js/f531b716.5935129e.js rename to assets/js/f531b716.794a8c86.js index ea0889940..be5f13edb 100644 --- a/assets/js/f531b716.5935129e.js +++ b/assets/js/f531b716.794a8c86.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5464],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var c=a.createContext({}),l=function(e){var t=a.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=l(e.components);return a.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,c=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=l(n),u=r,g=d["".concat(c,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var c in t)hasOwnProperty.call(t,c)&&(s[c]=t[c]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>l});var a=n(7462),r=(n(7294),n(3905));const o={},i="Using Image Scan to Update Container Image References",s={unversionedId:"imagescan",id:"version-0.6/imagescan",title:"Using Image Scan to Update Container Image References",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/versioned_docs/version-0.6/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/0.6/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/imagescan.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Webhooks Instead of Polling",permalink:"/0.6/webhook"},next:{title:"fleet-agent",permalink:"/0.6/cli/fleet-agent/"}},c={},l=[],m={toc:l};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-image-scan-to-update-container-image-references"},"Using Image Scan to Update Container Image References"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order \n- policy: \n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver: \n range: "*" \n # can use ascending or descending order\n alphabetical:\n order: asc \n\n # specify images to scan\n image: "your.registry.com/repo/image" \n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret \n\n # Specify the scan interval\n interval: 5m \n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples \n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m \n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret \n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5464],{3905:(e,t,n)=>{n.d(t,{Zo:()=>m,kt:()=>u});var a=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var c=a.createContext({}),l=function(e){var t=a.useContext(c),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},m=function(e){var t=l(e.components);return a.createElement(c.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,c=e.parentName,m=s(e,["components","mdxType","originalType","parentName"]),d=l(n),u=r,g=d["".concat(c,".").concat(u)]||d[u]||p[u]||o;return n?a.createElement(g,i(i({ref:t},m),{},{components:n})):a.createElement(g,i({ref:t},m))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var c in t)hasOwnProperty.call(t,c)&&(s[c]=t[c]);s.originalType=e,s.mdxType="string"==typeof e?e:r,i[1]=s;for(var l=2;l{n.r(t),n.d(t,{assets:()=>c,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>l});var a=n(7462),r=(n(7294),n(3905));const o={},i="Using Image Scan to Update Container Image References",s={unversionedId:"imagescan",id:"version-0.6/imagescan",title:"Using Image Scan to Update Container Image References",description:"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,",source:"@site/versioned_docs/version-0.6/imagescan.md",sourceDirName:".",slug:"/imagescan",permalink:"/0.6/imagescan",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/imagescan.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Using Webhooks Instead of Polling",permalink:"/0.6/webhook"},next:{title:"fleet-agent",permalink:"/0.6/cli/fleet-agent/"}},c={},l=[],m={toc:l};function p(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,a.Z)({},m,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-image-scan-to-update-container-image-references"},"Using Image Scan to Update Container Image References"),(0,r.kt)("p",null,"Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository,\nwithout the need to manually update your manifests."),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"This feature is considered as experimental feature.")),(0,r.kt)("p",null,"Go to ",(0,r.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and add the following section."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'imageScans:\n# specify the policy to retrieve images, can be semver or alphabetical order \n- policy: \n # if range is specified, it will take the latest image according to semver order in the range\n # for more details on how to use semver, see https://github.com/Masterminds/semver\n semver: \n range: "*" \n # can use ascending or descending order\n alphabetical:\n order: asc \n\n # specify images to scan\n image: "your.registry.com/repo/image" \n\n # Specify the tag name, it has to be unique in the same bundle\n tagName: test-scan\n\n # specify secret to pull image if in private registry\n secretRef:\n name: dockerhub-secret \n\n # Specify the scan interval\n interval: 5m \n')),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can create multiple image scans in fleet.yaml.")),(0,r.kt)("p",null,"Go to your manifest files and update the field that you want to replace. For example:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: redis-slave\nspec:\n selector:\n matchLabels:\n app: redis\n role: slave\n tier: backend\n replicas: 2\n template:\n metadata:\n labels:\n app: redis\n role: slave\n tier: backend\n spec:\n containers:\n - name: slave\n image: : # {"$imagescan": "test-scan"}\n resources:\n requests:\n cpu: 100m\n memory: 100Mi\n ports:\n - containerPort: 6379\n')),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"There are multiple form of tagName you can reference. For example"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan"}'),": Use full image name(foo/bar:tag)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:name"}'),": Only use image name without tag(foo/bar)"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:tag"}'),": Only use image tag"),(0,r.kt)("p",{parentName:"admonition"},(0,r.kt)("inlineCode",{parentName:"p"},'{"$imagescan": "test-scan:digest"}'),": Use full image name with digest(foo/bar:",(0,r.kt)("a",{parentName:"p",href:"mailto:tag@sha256..."},"tag@sha256..."),")")),(0,r.kt)("p",null,"Create a GitRepo that includes your fleet.yaml"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-repo\n namespace: fleet-local\nspec:\n # change this to be your own repo\n repo: https://github.com/rancher/fleet-examples \n # define how long it will sync all the images and decide to apply change\n imageScanInterval: 5m \n # user must properly provide a secret that have write access to git repository\n clientSecretName: secret \n # specify the commit pattern\n imageScanCommit:\n authorName: foo\n authorEmail: foo@bar.com\n messageTemplate: "update image"\n')),(0,r.kt)("p",null,"Try pushing a new image tag, for example, ",(0,r.kt)("inlineCode",{parentName:"p"},":"),". Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml.\nOnce change is made into git repository, fleet will read through the change and deploy the change into your cluster."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/f59af033.f895bdc0.js b/assets/js/f59af033.35f4883b.js similarity index 99% rename from assets/js/f59af033.f895bdc0.js rename to assets/js/f59af033.35f4883b.js index ba942c847..ce70fb48b 100644 --- a/assets/js/f59af033.f895bdc0.js +++ b/assets/js/f59af033.35f4883b.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5305],{3905:(e,t,o)=>{o.d(t,{Zo:()=>u,kt:()=>h});var n=o(7294);function r(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}function a(e,t){var o=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),o.push.apply(o,n)}return o}function i(e){for(var t=1;t=0||(r[o]=e[o]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,o)&&(r[o]=e[o])}return r}var s=n.createContext({}),c=function(e){var t=n.useContext(s),o=t;return e&&(o="function"==typeof e?e(t):i(i({},t),e)),o},u=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var o=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),d=c(o),h=r,b=d["".concat(s,".").concat(h)]||d[h]||p[h]||a;return o?n.createElement(b,i(i({ref:t},u),{},{components:o})):n.createElement(b,i({ref:t},u))}));function h(e,t){var o=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=o.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var c=2;c{o.r(t),o.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>l,toc:()=>c});var n=o(7462),r=(o(7294),o(3905));const a={},i="Using Webhooks Instead of Polling",l={unversionedId:"webhook",id:"version-0.9/webhook",title:"Using Webhooks Instead of Polling",description:"By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens).",source:"@site/versioned_docs/version-0.9/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/0.9/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/webhook.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.9/bundle-diffs"},next:{title:"Using Image Scan to Update Container Image References",permalink:"/0.9/imagescan"}},s={},c=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-webhooks-instead-of-polling"},"Using Webhooks Instead of Polling"),(0,r.kt)("p",null,"By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens)."),(0,r.kt)("p",null,"For installations with multiple tens up to hundreds of Git repos, and in general to reduce latency (the time between a push to Git and fleet reacting to it), configuring webhooks is recommended instead of polling."),(0,r.kt)("p",null,"Fleet currently supports Github, GitLab, Bitbucket, Bitbucket Server and Gogs."),(0,r.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can configure ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,r.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,r.kt)("p",null,(0,r.kt)("img",{src:o(696).Z,width:"1830",height:"1563"})),(0,r.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,r.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,r.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,r.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"Provider"),(0,r.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"github"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gogs"))))),(0,r.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,r.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,o)=>{o.d(t,{Z:()=>n});const n=o.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5305],{3905:(e,t,o)=>{o.d(t,{Zo:()=>u,kt:()=>h});var n=o(7294);function r(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}function a(e,t){var o=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),o.push.apply(o,n)}return o}function i(e){for(var t=1;t=0||(r[o]=e[o]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,o)&&(r[o]=e[o])}return r}var s=n.createContext({}),c=function(e){var t=n.useContext(s),o=t;return e&&(o="function"==typeof e?e(t):i(i({},t),e)),o},u=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var o=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),d=c(o),h=r,b=d["".concat(s,".").concat(h)]||d[h]||p[h]||a;return o?n.createElement(b,i(i({ref:t},u),{},{components:o})):n.createElement(b,i({ref:t},u))}));function h(e,t){var o=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=o.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var c=2;c{o.r(t),o.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>l,toc:()=>c});var n=o(7462),r=(o(7294),o(3905));const a={},i="Using Webhooks Instead of Polling",l={unversionedId:"webhook",id:"version-0.9/webhook",title:"Using Webhooks Instead of Polling",description:"By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens).",source:"@site/versioned_docs/version-0.9/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/0.9/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/webhook.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs to Ignore Modified GitRepos",permalink:"/0.9/bundle-diffs"},next:{title:"Using Image Scan to Update Container Image References",permalink:"/0.9/imagescan"}},s={},c=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"using-webhooks-instead-of-polling"},"Using Webhooks Instead of Polling"),(0,r.kt)("p",null,"By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens)."),(0,r.kt)("p",null,"For installations with multiple tens up to hundreds of Git repos, and in general to reduce latency (the time between a push to Git and fleet reacting to it), configuring webhooks is recommended instead of polling."),(0,r.kt)("p",null,"Fleet currently supports Github, GitLab, Bitbucket, Bitbucket Server and Gogs."),(0,r.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can configure ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,r.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,r.kt)("p",null,(0,r.kt)("img",{src:o(696).Z,width:"1830",height:"1563"})),(0,r.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,r.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,r.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,r.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"Provider"),(0,r.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"github"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gogs"))))),(0,r.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,r.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,o)=>{o.d(t,{Z:()=>n});const n=o.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file diff --git a/assets/js/f63438e5.8e750922.js b/assets/js/f63438e5.783cc0dd.js similarity index 98% rename from assets/js/f63438e5.8e750922.js rename to assets/js/f63438e5.783cc0dd.js index 22e36a514..1c6f11422 100644 --- a/assets/js/f63438e5.8e750922.js +++ b/assets/js/f63438e5.783cc0dd.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[665],{3905:(e,t,o)=>{o.d(t,{Zo:()=>u,kt:()=>h});var n=o(7294);function r(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}function a(e,t){var o=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),o.push.apply(o,n)}return o}function i(e){for(var t=1;t=0||(r[o]=e[o]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,o)&&(r[o]=e[o])}return r}var s=n.createContext({}),c=function(e){var t=n.useContext(s),o=t;return e&&(o="function"==typeof e?e(t):i(i({},t),e)),o},u=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var o=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),d=c(o),h=r,b=d["".concat(s,".").concat(h)]||d[h]||p[h]||a;return o?n.createElement(b,i(i({ref:t},u),{},{components:o})):n.createElement(b,i({ref:t},u))}));function h(e,t){var o=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=o.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var c=2;c{o.r(t),o.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>l,toc:()=>c});var n=o(7462),r=(o(7294),o(3905));const a={},i="Webhook",l={unversionedId:"webhook",id:"version-0.4/webhook",title:"Webhook",description:"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,",source:"@site/versioned_docs/version-0.4/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/0.4/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/webhook.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs for Modified GitRepos",permalink:"/0.4/bundle-diffs"},next:{title:"Image scan",permalink:"/0.4/imagescan"}},s={},c=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"webhook"},"Webhook"),(0,r.kt)("p",null,"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,\nGitLab, Bitbucket, Bitbucket Server and Gogs."),(0,r.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can configure ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,r.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,r.kt)("p",null,(0,r.kt)("img",{src:o(696).Z,width:"1830",height:"1563"})),(0,r.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,r.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,r.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,r.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"Provider"),(0,r.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"github"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gogs"))))),(0,r.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,r.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,o)=>{o.d(t,{Z:()=>n});const n=o.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[665],{3905:(e,t,o)=>{o.d(t,{Zo:()=>u,kt:()=>h});var n=o(7294);function r(e,t,o){return t in e?Object.defineProperty(e,t,{value:o,enumerable:!0,configurable:!0,writable:!0}):e[t]=o,e}function a(e,t){var o=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),o.push.apply(o,n)}return o}function i(e){for(var t=1;t=0||(r[o]=e[o]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,o)&&(r[o]=e[o])}return r}var s=n.createContext({}),c=function(e){var t=n.useContext(s),o=t;return e&&(o="function"==typeof e?e(t):i(i({},t),e)),o},u=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var o=e.components,r=e.mdxType,a=e.originalType,s=e.parentName,u=l(e,["components","mdxType","originalType","parentName"]),d=c(o),h=r,b=d["".concat(s,".").concat(h)]||d[h]||p[h]||a;return o?n.createElement(b,i(i({ref:t},u),{},{components:o})):n.createElement(b,i({ref:t},u))}));function h(e,t){var o=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var a=o.length,i=new Array(a);i[0]=d;var l={};for(var s in t)hasOwnProperty.call(t,s)&&(l[s]=t[s]);l.originalType=e,l.mdxType="string"==typeof e?e:r,i[1]=l;for(var c=2;c{o.r(t),o.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>a,metadata:()=>l,toc:()=>c});var n=o(7462),r=(o(7294),o(3905));const a={},i="Webhook",l={unversionedId:"webhook",id:"version-0.4/webhook",title:"Webhook",description:"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,",source:"@site/versioned_docs/version-0.4/webhook.md",sourceDirName:".",slug:"/webhook",permalink:"/0.4/webhook",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/webhook.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Generating Diffs for Modified GitRepos",permalink:"/0.4/bundle-diffs"},next:{title:"Image scan",permalink:"/0.4/imagescan"}},s={},c=[{value:"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.",id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service",level:3},{value:"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.",id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example",level:3},{value:"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.",id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system",level:3},{value:"4. Go to your git provider and test the connection. You should get a HTTP response code.",id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code",level:3}],u={toc:c};function p(e){let{components:t,...a}=e;return(0,r.kt)("wrapper",(0,n.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h1",{id:"webhook"},"Webhook"),(0,r.kt)("p",null,"By default, Fleet utilizes polling (default: 15 seconds) to pull from a Git repo.However, this can be configured to utilize a webhook instead.Fleet currently supports Github,\nGitLab, Bitbucket, Bitbucket Server and Gogs."),(0,r.kt)("h3",{id:"1-configure-the-webhook-service-fleet-uses-a-gitjob-service-to-handle-webhook-requests-create-an-ingress-that-points-to-the-gitjob-service"},"1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: networking.k8s.io/v1\nkind: Ingress\nmetadata:\n name: webhook-ingress\n namespace: cattle-fleet-system\nspec:\n rules:\n - host: your.domain.com\n http:\n paths:\n - path: /\n pathType: Prefix\n backend:\n service:\n name: gitjob\n port:\n number: 80\n")),(0,r.kt)("admonition",{type:"info"},(0,r.kt)("p",{parentName:"admonition"},"You can configure ",(0,r.kt)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/ingress/#tls"},"TLS")," on ingress.")),(0,r.kt)("h3",{id:"2-go-to-your-webhook-provider-and-configure-the-webhook-callback-url-here-is-a-github-example"},"2. Go to your webhook provider and configure the webhook callback url. Here is a Github example."),(0,r.kt)("p",null,(0,r.kt)("img",{src:o(696).Z,width:"1830",height:"1563"})),(0,r.kt)("p",null,"Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default.\nIf your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the\nsecret, follow step 3."),(0,r.kt)("admonition",{type:"note"},(0,r.kt)("p",{parentName:"admonition"},"only application/json is supported due to the limitation of webhook library.")),(0,r.kt)("admonition",{type:"caution"},(0,r.kt)("p",{parentName:"admonition"},"If you configured the webhook the polling interval will be automatically adjusted to 1 hour.")),(0,r.kt)("h3",{id:"3-optional-configure-webhook-secret-the-secret-is-for-validating-webhook-payload-make-sure-to-put-it-in-a-k8s-secret-called-gitjob-webhook-in-cattle-fleet-system"},"3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called ",(0,r.kt)("inlineCode",{parentName:"h3"},"gitjob-webhook")," in ",(0,r.kt)("inlineCode",{parentName:"h3"},"cattle-fleet-system"),"."),(0,r.kt)("table",null,(0,r.kt)("thead",{parentName:"table"},(0,r.kt)("tr",{parentName:"thead"},(0,r.kt)("th",{parentName:"tr",align:null},"Provider"),(0,r.kt)("th",{parentName:"tr",align:null},"K8s Secret Key"))),(0,r.kt)("tbody",{parentName:"table"},(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitHub"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"github"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"GitLab"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gitlab"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucket"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"BitBucketServer"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"bitbucket-server"))),(0,r.kt)("tr",{parentName:"tbody"},(0,r.kt)("td",{parentName:"tr",align:null},"Gogs"),(0,r.kt)("td",{parentName:"tr",align:null},(0,r.kt)("inlineCode",{parentName:"td"},"gogs"))))),(0,r.kt)("p",null,"For example, to create a secret containing a GitHub secret to validate the webhook payload, run:"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue\n")),(0,r.kt)("h3",{id:"4-go-to-your-git-provider-and-test-the-connection-you-should-get-a-http-response-code"},"4. Go to your git provider and test the connection. You should get a HTTP response code."))}p.isMDXComponent=!0},696:(e,t,o)=>{o.d(t,{Z:()=>n});const n=o.p+"assets/images/webhook-9c042ab211f1b5438bf70372e92ecdf7.png"}}]); \ No newline at end of file diff --git a/assets/js/f66ef323.cebef6cf.js b/assets/js/f66ef323.93ea7413.js similarity index 99% rename from assets/js/f66ef323.cebef6cf.js rename to assets/js/f66ef323.93ea7413.js index 223f038b5..858b7ce2b 100644 --- a/assets/js/f66ef323.cebef6cf.js +++ b/assets/js/f66ef323.93ea7413.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1296],{3905:(t,e,a)=>{a.d(e,{Zo:()=>d,kt:()=>s});var n=a(7294);function l(t,e,a){return e in t?Object.defineProperty(t,e,{value:a,enumerable:!0,configurable:!0,writable:!0}):t[e]=a,t}function r(t,e){var a=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),a.push.apply(a,n)}return a}function i(t){for(var e=1;e=0||(l[a]=t[a]);return l}(t,e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(t,a)&&(l[a]=t[a])}return l}var m=n.createContext({}),u=function(t){var e=n.useContext(m),a=e;return t&&(a="function"==typeof t?t(e):i(i({},e),t)),a},d=function(t){var e=u(t.components);return n.createElement(m.Provider,{value:e},t.children)},k={inlineCode:"code",wrapper:function(t){var e=t.children;return n.createElement(n.Fragment,{},e)}},N=n.forwardRef((function(t,e){var a=t.components,l=t.mdxType,r=t.originalType,m=t.parentName,d=p(t,["components","mdxType","originalType","parentName"]),N=u(a),s=l,o=N["".concat(m,".").concat(s)]||N[s]||k[s]||r;return a?n.createElement(o,i(i({ref:e},d),{},{components:a})):n.createElement(o,i({ref:e},d))}));function s(t,e){var a=arguments,l=e&&e.mdxType;if("string"==typeof t||l){var r=a.length,i=new Array(r);i[0]=N;var p={};for(var m in e)hasOwnProperty.call(e,m)&&(p[m]=e[m]);p.originalType=t,p.mdxType="string"==typeof t?t:l,i[1]=p;for(var u=2;u{a.r(e),a.d(e,{assets:()=>m,contentTitle:()=>i,default:()=>k,frontMatter:()=>r,metadata:()=>p,toc:()=>u});var n=a(7462),l=(a(7294),a(3905));const r={},i="Custom Resources Spec",p={unversionedId:"ref-crds",id:"version-0.6/ref-crds",title:"Custom Resources Spec",description:"* GitRepo",source:"@site/versioned_docs/version-0.6/ref-crds.md",sourceDirName:".",slug:"/ref-crds",permalink:"/0.6/ref-crds",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-crds.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Configuration",permalink:"/0.6/ref-configuration"},next:{title:"fleet.yaml",permalink:"/0.6/ref-fleet-yaml"}},m={},u=[{value:"GitRepo",id:"gitrepo",level:4},{value:"GitRepoDisplay",id:"gitrepodisplay",level:4},{value:"GitRepoResource",id:"gitreporesource",level:4},{value:"GitRepoResourceCounts",id:"gitreporesourcecounts",level:4},{value:"GitRepoRestriction",id:"gitreporestriction",level:4},{value:"GitRepoSpec",id:"gitrepospec",level:4},{value:"GitRepoStatus",id:"gitrepostatus",level:4},{value:"GitTarget",id:"gittarget",level:4},{value:"ResourcePerClusterState",id:"resourceperclusterstate",level:4},{value:"Bundle",id:"bundle",level:4},{value:"BundleDeployment",id:"bundledeployment",level:4},{value:"BundleDeploymentDisplay",id:"bundledeploymentdisplay",level:4},{value:"BundleDeploymentOptions",id:"bundledeploymentoptions",level:4},{value:"BundleDeploymentSpec",id:"bundledeploymentspec",level:4},{value:"BundleDeploymentStatus",id:"bundledeploymentstatus",level:4},{value:"BundleDisplay",id:"bundledisplay",level:4},{value:"BundleNamespaceMapping",id:"bundlenamespacemapping",level:4},{value:"BundleRef",id:"bundleref",level:4},{value:"BundleResource",id:"bundleresource",level:4},{value:"BundleSpec",id:"bundlespec",level:4},{value:"BundleStatus",id:"bundlestatus",level:4},{value:"BundleSummary",id:"bundlesummary",level:4},{value:"BundleTarget",id:"bundletarget",level:4},{value:"BundleTargetRestriction",id:"bundletargetrestriction",level:4},{value:"ComparePatch",id:"comparepatch",level:4},{value:"ConfigMapKeySelector",id:"configmapkeyselector",level:4},{value:"Content",id:"content",level:4},{value:"DiffOptions",id:"diffoptions",level:4},{value:"HelmOptions",id:"helmoptions",level:4},{value:"KustomizeOptions",id:"kustomizeoptions",level:4},{value:"LocalObjectReference",id:"localobjectreference",level:4},{value:"ModifiedStatus",id:"modifiedstatus",level:4},{value:"NonReadyResource",id:"nonreadyresource",level:4},{value:"NonReadyStatus",id:"nonreadystatus",level:4},{value:"Operation",id:"operation",level:4},{value:"Partition",id:"partition",level:4},{value:"PartitionStatus",id:"partitionstatus",level:4},{value:"ResourceKey",id:"resourcekey",level:4},{value:"RolloutStrategy",id:"rolloutstrategy",level:4},{value:"SecretKeySelector",id:"secretkeyselector",level:4},{value:"ValuesFrom",id:"valuesfrom",level:4},{value:"YAMLOptions",id:"yamloptions",level:4},{value:"AlphabeticalPolicy",id:"alphabeticalpolicy",level:4},{value:"CommitSpec",id:"commitspec",level:4},{value:"ImagePolicyChoice",id:"imagepolicychoice",level:4},{value:"ImageScan",id:"imagescan",level:4},{value:"ImageScanSpec",id:"imagescanspec",level:4},{value:"ImageScanStatus",id:"imagescanstatus",level:4},{value:"SemVerPolicy",id:"semverpolicy",level:4},{value:"AgentStatus",id:"agentstatus",level:4},{value:"Cluster",id:"cluster",level:4},{value:"ClusterDisplay",id:"clusterdisplay",level:4},{value:"ClusterGroup",id:"clustergroup",level:4},{value:"ClusterGroupDisplay",id:"clustergroupdisplay",level:4},{value:"ClusterGroupSpec",id:"clustergroupspec",level:4},{value:"ClusterGroupStatus",id:"clustergroupstatus",level:4},{value:"ClusterRegistration",id:"clusterregistration",level:4},{value:"ClusterRegistrationSpec",id:"clusterregistrationspec",level:4},{value:"ClusterRegistrationStatus",id:"clusterregistrationstatus",level:4},{value:"ClusterRegistrationToken",id:"clusterregistrationtoken",level:4},{value:"ClusterRegistrationTokenSpec",id:"clusterregistrationtokenspec",level:4},{value:"ClusterRegistrationTokenStatus",id:"clusterregistrationtokenstatus",level:4},{value:"ClusterSpec",id:"clusterspec",level:4},{value:"ClusterStatus",id:"clusterstatus",level:4}],d={toc:u};function k(t){let{components:e,...a}=t;return(0,l.kt)("wrapper",(0,n.Z)({},d,a,{components:e,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"custom-resources-spec"},"Custom Resources Spec"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepo"},"GitRepo")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporestriction"},"GitRepoRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundle"},"Bundle")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeployment"},"BundleDeployment")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlenamespacemapping"},"BundleNamespaceMapping")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#content"},"Content")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescan"},"ImageScan")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#cluster"},"Cluster")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroup"},"ClusterGroup")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistration"},"ClusterRegistration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtoken"},"ClusterRegistrationToken"))),(0,l.kt)("h1",{id:"sub-resources"},"Sub Resources"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gittarget"},"GitTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleref"},"BundleRef")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleresource"},"BundleResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#localobjectreference"},"LocalObjectReference")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#operation"},"Operation")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partition"},"Partition")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#commitspec"},"CommitSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterstatus"},"ClusterStatus"))),(0,l.kt)("h4",{id:"gitrepo"},"GitRepo"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepodisplay"},"GitRepoDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundleDeployments"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesource"},"GitRepoResource"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"type"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"id"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"incompleteState"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"perClusterState"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][ResourcePerClusterState]","(#resourceperclusterstate)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesourcecounts"},"GitRepoResourceCounts"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"orphaned"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unknown"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporestriction"},"GitRepoRestriction"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultServiceAccount"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedServiceAccounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedRepoPatterns"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultClientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedClientSecretNames"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedTargetNamespaces"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepospec"},"GitRepoSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is a URL to a git repo to clone and index"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"branch"),(0,l.kt)("td",{parentName:"tr",align:null},"Branch The git branch to follow"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"revision"),(0,l.kt)("td",{parentName:"tr",align:null},"Revision A specific commit or tag to operate on"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Ensure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},'ClientSecretName is the client secret to be used to connect to the repo It is expected the secret be of type \\"kubernetes.io/basic-auth\\" or \\"kubernetes.io/ssh-auth\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretName contains the auth secret for private helm repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmRepoURLRegex"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"caBundle"),(0,l.kt)("td",{parentName:"tr",align:null},"CABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"insecureSkipTLSVerify"),(0,l.kt)("td",{parentName:"tr",align:null},"InsecureSkipTLSverify will use insecure HTTPS to clone the repo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paths"),(0,l.kt)("td",{parentName:"tr",align:null},"Paths is the directories relative to the git repo root that contain resources to be applied. Path globbing is support, for example ",'[\\"charts/*\\"]',' will match all folders as a subdirectory of charts/ If empty, \\"/\\" is the default'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused this cause changes in Git to not be propagated down to the clusters but instead mark resources as OutOfSync"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount used in the downstream cluster for deployment"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets is a list of target this repo will deploy to"),(0,l.kt)("td",{parentName:"tr",align:null},"[][GitTarget]","(#gittarget)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pollingInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"PollingInterval is how often to check git for new updates"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"Increment this number to force a redeployment of contents from Git"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"ImageScanInterval is the interval of syncing scanned images and writing back to git repo"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanCommit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit specifies how to commit to the git repo when new image is scanned and write back to git repo"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#commitspec"},"CommitSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources specifies if the resources created must be kept after deleting the GitRepo"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepostatus"},"GitRepoStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"commit"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitJobStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][GitRepoResource]","(#gitreporesource)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceErrors"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSyncedImageScanTime"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gittarget"},"GitTarget"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourceperclusterstate"},"ResourcePerClusterState"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterId"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundle"},"Bundle"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeployment"},"BundleDeployment"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentdisplay"},"BundleDeploymentDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deployed"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"monitored"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentoptions"},"BundleDeploymentOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kustomize"),(0,l.kt)("td",{parentName:"tr",align:null},"Kustomize options for the deployment, like the dir containing the kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helm"),(0,l.kt)("td",{parentName:"tr",align:null},"Helm options for the deployment, like the chart name, repo and values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount which will be used to perform this deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ForceSyncGeneration is used to force a redeployment"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"yaml"),(0,l.kt)("td",{parentName:"tr",align:null},"YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"diff"),(0,l.kt)("td",{parentName:"tr",align:null},"Diff can be used to ignore the modified state of objects which are amended at runtime."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources can be used to keep the deployed resources when removing the bundle"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentspec"},"BundleDeploymentSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"options"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][BundleRef]","(#bundleref)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentstatus"},"BundleDeploymentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"appliedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"release"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonModified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][NonReadyStatus]","(#nonreadystatus)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][ModifiedStatus]","(#modifiedstatus)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"syncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledisplay"},"BundleDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlenamespacemapping"},"BundleNamespaceMapping"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleref"},"BundleRef"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleresource"},"BundleResource"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"encoding"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlespec"},"BundleSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"BundleDeploymentOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"rolloutStrategy"),(0,l.kt)("td",{parentName:"tr",align:null},"RolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contain the actual resources from the git repo which will be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[][BundleResource]","(#bundleresource)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets refer to the clusters which will be deployed to."),(0,l.kt)("td",{parentName:"tr",align:null},"[][BundleTarget]","(#bundletarget)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetRestrictions"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetRestrictions restrict which clusters the bundle will be deployed to."),(0,l.kt)("td",{parentName:"tr",align:null},"[][BundleTargetRestriction]","(#bundletargetrestriction)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[][BundleRef]","(#bundleref)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlestatus"},"BundleStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"newlyCreated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxNew"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][PartitionStatus]","(#partitionstatus)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceKey"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][ResourceKey]","(#resourcekey)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlesummary"},"BundleSummary"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"errApplied"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"outOfSync"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pending"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyResources"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][NonReadyResource]","(#nonreadyresource)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletarget"},"BundleTarget"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"BundleDeploymentOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletargetrestriction"},"BundleTargetRestriction"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"comparepatch"},"ComparePatch"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"operations"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][Operation]","(#operation)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"jsonPointers"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"configmapkeyselector"},"ConfigMapKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"content"},"Content"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"diffoptions"},"DiffOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"comparePatches"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][ComparePatch]","(#comparepatch)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"helmoptions"},"HelmOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"chart"),(0,l.kt)("td",{parentName:"tr",align:null},"Chart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is the name of the HTTPS helm repo to download the chart from."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"releaseName"),(0,l.kt)("td",{parentName:"tr",align:null},"ReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"version"),(0,l.kt)("td",{parentName:"tr",align:null},"Version of the chart to download"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"TimeoutSeconds is the time to wait for Helm operations."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"values"),(0,l.kt)("td",{parentName:"tr",align:null},"Values passed to Helm. It is possible to specify the keys and values as go template strings."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFrom"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFrom loads the values from configmaps and secrets."),(0,l.kt)("td",{parentName:"tr",align:null},"[][ValuesFrom]","(#valuesfrom)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force allows to override immutable resources. This could be dangerous."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"takeOwnership"),(0,l.kt)("td",{parentName:"tr",align:null},"TakeOwnership makes helm skip the check for its own annotations"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxHistory limits the maximum number of revisions saved per release by Helm."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFiles"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFiles is a list of files to load values from."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitForJobs"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"atomic"),(0,l.kt)("td",{parentName:"tr",align:null},"Atomic sets the --atomic flag when Helm is performing an upgrade"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disablePreProcess"),(0,l.kt)("td",{parentName:"tr",align:null},"DisablePreProcess disables template processing in values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"kustomizeoptions"},"KustomizeOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dir"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"localobjectreference"},"LocalObjectReference"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"modifiedstatus"},"ModifiedStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"delete"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadyresource"},"NonReadyResource"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleState"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"BundleState"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][ModifiedStatus]","(#modifiedstatus)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][NonReadyStatus]","(#nonreadystatus)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadystatus"},"NonReadyStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"uid"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"types.UID"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"summary.Summary"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"operation"},"Operation"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"op"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"path"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"value"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partition"},"Partition"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partitionstatus"},"PartitionStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"count"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourcekey"},"ResourceKey"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"rolloutstrategy"},"RolloutStrategy"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"autoPartitionSize"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][Partition]","(#partition)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"secretkeyselector"},"SecretKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"valuesfrom"},"ValuesFrom"),(0,l.kt)("p",null,"Define helm values that can come from configmap, secret or external. Credit: ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439"},"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"configMapKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a config map with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a secret with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"yamloptions"},"YAMLOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"overlays"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"alphabeticalpolicy"},"AlphabeticalPolicy"),(0,l.kt)("p",null,"AlphabeticalPolicy specifies a alphabetical ordering policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"order"),(0,l.kt)("td",{parentName:"tr",align:null},"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"commitspec"},"CommitSpec"),(0,l.kt)("p",null,"CommitSpec specifies how to commit changes to the git repository"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorName"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorName gives the name to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorEmail"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorEmail gives the email to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"messageTemplate"),(0,l.kt)("td",{parentName:"tr",align:null},"MessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagepolicychoice"},"ImagePolicyChoice"),(0,l.kt)("p",null,"ImagePolicyChoice is a union of all the types of policy that can be supplied."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"semver"),(0,l.kt)("td",{parentName:"tr",align:null},"SemVer gives a semantic version range to check against the tags available."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"alphabetical"),(0,l.kt)("td",{parentName:"tr",align:null},"Alphabetical set of rules to use for alphabetical ordering of the tags."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescan"},"ImageScan"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanspec"},"ImageScanSpec"),(0,l.kt)("p",null,"API is taken from ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/image-reflector-controller"},"https://github.com/fluxcd/image-reflector-controller")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"tagName"),(0,l.kt)("td",{parentName:"tr",align:null},"TagName is the tag ref that needs to be put in manifest to replace fields"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitrepoName"),(0,l.kt)("td",{parentName:"tr",align:null},"GitRepo reference name"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"image"),(0,l.kt)("td",{parentName:"tr",align:null},"Image is the name of the image repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"interval"),(0,l.kt)("td",{parentName:"tr",align:null},"Interval is the length of time to wait between scans of the image repository."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretRef"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with ",(0,l.kt)("inlineCode",{parentName:"td"},"kubectl create secret docker-registry"),", or the equivalent."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.LocalObjectReference"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"suspend"),(0,l.kt)("td",{parentName:"tr",align:null},"This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"policy"),(0,l.kt)("td",{parentName:"tr",align:null},"Policy gives the particulars of the policy to be followed in selecting the most recent image"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanstatus"},"ImageScanStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastScanTime is the last time image was scanned"),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestImage"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestTag"),(0,l.kt)("td",{parentName:"tr",align:null},"Latest tag is the latest tag filtered by the policy"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestDigest"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestDigest is the digest of latest tag"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"canonicalImageName"),(0,l.kt)("td",{parentName:"tr",align:null},"CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., ",(0,l.kt)("inlineCode",{parentName:"td"},"docker.io/library/alpine")," rather than ",(0,l.kt)("inlineCode",{parentName:"td"},"alpine"),"."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"semverpolicy"},"SemVerPolicy"),(0,l.kt)("p",null,"SemVerPolicy specifies a semantic version policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"range"),(0,l.kt)("td",{parentName:"tr",align:null},"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"agentstatus"},"AgentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSeen"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodes"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"At most 3 nodes"),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"At most 3 nodes"),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"cluster"},"Cluster"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterdisplay"},"ClusterDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"sampleNode"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroup"},"ClusterGroup"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupdisplay"},"ClusterGroupDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupspec"},"ClusterGroupSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupstatus"},"ClusterGroupStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterCount"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusterCount"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistration"},"ClusterRegistration"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationspec"},"ClusterRegistrationSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientRandom"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterLabels"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationstatus"},"ClusterRegistrationStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"granted"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtoken"},"ClusterRegistrationToken"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ttl"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"expires"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterspec"},"ClusterSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecret"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"redeployAgentGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"RedeployAgentGeneration can be used to force redeploying the agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVars"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVars are extra environment variables to be added to the agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]v1.EnvVar"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespace defaults to the system namespace, e.g. cattle-fleet-system."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"privateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"PrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"templateValues"),(0,l.kt)("td",{parentName:"tr",align:null},"TemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerations"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerations defines an extra set of Tolerations to be added to the Agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]v1.Toleration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterstatus"},"ClusterStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \\"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVarsHash"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentPrivateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentDeployedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentMigrated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"cattleNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agent"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")))}k.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1296],{3905:(t,e,a)=>{a.d(e,{Zo:()=>d,kt:()=>s});var n=a(7294);function l(t,e,a){return e in t?Object.defineProperty(t,e,{value:a,enumerable:!0,configurable:!0,writable:!0}):t[e]=a,t}function r(t,e){var a=Object.keys(t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(t);e&&(n=n.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),a.push.apply(a,n)}return a}function i(t){for(var e=1;e=0||(l[a]=t[a]);return l}(t,e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(t,a)&&(l[a]=t[a])}return l}var m=n.createContext({}),u=function(t){var e=n.useContext(m),a=e;return t&&(a="function"==typeof t?t(e):i(i({},e),t)),a},d=function(t){var e=u(t.components);return n.createElement(m.Provider,{value:e},t.children)},k={inlineCode:"code",wrapper:function(t){var e=t.children;return n.createElement(n.Fragment,{},e)}},N=n.forwardRef((function(t,e){var a=t.components,l=t.mdxType,r=t.originalType,m=t.parentName,d=p(t,["components","mdxType","originalType","parentName"]),N=u(a),s=l,o=N["".concat(m,".").concat(s)]||N[s]||k[s]||r;return a?n.createElement(o,i(i({ref:e},d),{},{components:a})):n.createElement(o,i({ref:e},d))}));function s(t,e){var a=arguments,l=e&&e.mdxType;if("string"==typeof t||l){var r=a.length,i=new Array(r);i[0]=N;var p={};for(var m in e)hasOwnProperty.call(e,m)&&(p[m]=e[m]);p.originalType=t,p.mdxType="string"==typeof t?t:l,i[1]=p;for(var u=2;u{a.r(e),a.d(e,{assets:()=>m,contentTitle:()=>i,default:()=>k,frontMatter:()=>r,metadata:()=>p,toc:()=>u});var n=a(7462),l=(a(7294),a(3905));const r={},i="Custom Resources Spec",p={unversionedId:"ref-crds",id:"version-0.6/ref-crds",title:"Custom Resources Spec",description:"* GitRepo",source:"@site/versioned_docs/version-0.6/ref-crds.md",sourceDirName:".",slug:"/ref-crds",permalink:"/0.6/ref-crds",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/ref-crds.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Configuration",permalink:"/0.6/ref-configuration"},next:{title:"fleet.yaml",permalink:"/0.6/ref-fleet-yaml"}},m={},u=[{value:"GitRepo",id:"gitrepo",level:4},{value:"GitRepoDisplay",id:"gitrepodisplay",level:4},{value:"GitRepoResource",id:"gitreporesource",level:4},{value:"GitRepoResourceCounts",id:"gitreporesourcecounts",level:4},{value:"GitRepoRestriction",id:"gitreporestriction",level:4},{value:"GitRepoSpec",id:"gitrepospec",level:4},{value:"GitRepoStatus",id:"gitrepostatus",level:4},{value:"GitTarget",id:"gittarget",level:4},{value:"ResourcePerClusterState",id:"resourceperclusterstate",level:4},{value:"Bundle",id:"bundle",level:4},{value:"BundleDeployment",id:"bundledeployment",level:4},{value:"BundleDeploymentDisplay",id:"bundledeploymentdisplay",level:4},{value:"BundleDeploymentOptions",id:"bundledeploymentoptions",level:4},{value:"BundleDeploymentSpec",id:"bundledeploymentspec",level:4},{value:"BundleDeploymentStatus",id:"bundledeploymentstatus",level:4},{value:"BundleDisplay",id:"bundledisplay",level:4},{value:"BundleNamespaceMapping",id:"bundlenamespacemapping",level:4},{value:"BundleRef",id:"bundleref",level:4},{value:"BundleResource",id:"bundleresource",level:4},{value:"BundleSpec",id:"bundlespec",level:4},{value:"BundleStatus",id:"bundlestatus",level:4},{value:"BundleSummary",id:"bundlesummary",level:4},{value:"BundleTarget",id:"bundletarget",level:4},{value:"BundleTargetRestriction",id:"bundletargetrestriction",level:4},{value:"ComparePatch",id:"comparepatch",level:4},{value:"ConfigMapKeySelector",id:"configmapkeyselector",level:4},{value:"Content",id:"content",level:4},{value:"DiffOptions",id:"diffoptions",level:4},{value:"HelmOptions",id:"helmoptions",level:4},{value:"KustomizeOptions",id:"kustomizeoptions",level:4},{value:"LocalObjectReference",id:"localobjectreference",level:4},{value:"ModifiedStatus",id:"modifiedstatus",level:4},{value:"NonReadyResource",id:"nonreadyresource",level:4},{value:"NonReadyStatus",id:"nonreadystatus",level:4},{value:"Operation",id:"operation",level:4},{value:"Partition",id:"partition",level:4},{value:"PartitionStatus",id:"partitionstatus",level:4},{value:"ResourceKey",id:"resourcekey",level:4},{value:"RolloutStrategy",id:"rolloutstrategy",level:4},{value:"SecretKeySelector",id:"secretkeyselector",level:4},{value:"ValuesFrom",id:"valuesfrom",level:4},{value:"YAMLOptions",id:"yamloptions",level:4},{value:"AlphabeticalPolicy",id:"alphabeticalpolicy",level:4},{value:"CommitSpec",id:"commitspec",level:4},{value:"ImagePolicyChoice",id:"imagepolicychoice",level:4},{value:"ImageScan",id:"imagescan",level:4},{value:"ImageScanSpec",id:"imagescanspec",level:4},{value:"ImageScanStatus",id:"imagescanstatus",level:4},{value:"SemVerPolicy",id:"semverpolicy",level:4},{value:"AgentStatus",id:"agentstatus",level:4},{value:"Cluster",id:"cluster",level:4},{value:"ClusterDisplay",id:"clusterdisplay",level:4},{value:"ClusterGroup",id:"clustergroup",level:4},{value:"ClusterGroupDisplay",id:"clustergroupdisplay",level:4},{value:"ClusterGroupSpec",id:"clustergroupspec",level:4},{value:"ClusterGroupStatus",id:"clustergroupstatus",level:4},{value:"ClusterRegistration",id:"clusterregistration",level:4},{value:"ClusterRegistrationSpec",id:"clusterregistrationspec",level:4},{value:"ClusterRegistrationStatus",id:"clusterregistrationstatus",level:4},{value:"ClusterRegistrationToken",id:"clusterregistrationtoken",level:4},{value:"ClusterRegistrationTokenSpec",id:"clusterregistrationtokenspec",level:4},{value:"ClusterRegistrationTokenStatus",id:"clusterregistrationtokenstatus",level:4},{value:"ClusterSpec",id:"clusterspec",level:4},{value:"ClusterStatus",id:"clusterstatus",level:4}],d={toc:u};function k(t){let{components:e,...a}=t;return(0,l.kt)("wrapper",(0,n.Z)({},d,a,{components:e,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"custom-resources-spec"},"Custom Resources Spec"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepo"},"GitRepo")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporestriction"},"GitRepoRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundle"},"Bundle")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeployment"},"BundleDeployment")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlenamespacemapping"},"BundleNamespaceMapping")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#content"},"Content")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescan"},"ImageScan")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#cluster"},"Cluster")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroup"},"ClusterGroup")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistration"},"ClusterRegistration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtoken"},"ClusterRegistrationToken"))),(0,l.kt)("h1",{id:"sub-resources"},"Sub Resources"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesource"},"GitRepoResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#gittarget"},"GitTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourceperclusterstate"},"ResourcePerClusterState")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleref"},"BundleRef")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundleresource"},"BundleResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletarget"},"BundleTarget")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#bundletargetrestriction"},"BundleTargetRestriction")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#comparepatch"},"ComparePatch")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#localobjectreference"},"LocalObjectReference")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#modifiedstatus"},"ModifiedStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadyresource"},"NonReadyResource")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#nonreadystatus"},"NonReadyStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#operation"},"Operation")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partition"},"Partition")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#partitionstatus"},"PartitionStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#resourcekey"},"ResourceKey")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#valuesfrom"},"ValuesFrom")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#commitspec"},"CommitSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"#clusterstatus"},"ClusterStatus"))),(0,l.kt)("h4",{id:"gitrepo"},"GitRepo"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepospec"},"GitRepoSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepostatus"},"GitRepoStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepodisplay"},"GitRepoDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundleDeployments"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesource"},"GitRepoResource"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"type"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"id"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"incompleteState"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"perClusterState"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][ResourcePerClusterState]","(#resourceperclusterstate)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporesourcecounts"},"GitRepoResourceCounts"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"orphaned"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unknown"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitreporestriction"},"GitRepoRestriction"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultServiceAccount"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedServiceAccounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedRepoPatterns"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultClientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedClientSecretNames"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"allowedTargetNamespaces"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepospec"},"GitRepoSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is a URL to a git repo to clone and index"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"branch"),(0,l.kt)("td",{parentName:"tr",align:null},"Branch The git branch to follow"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"revision"),(0,l.kt)("td",{parentName:"tr",align:null},"Revision A specific commit or tag to operate on"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"Ensure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},'ClientSecretName is the client secret to be used to connect to the repo It is expected the secret be of type \\"kubernetes.io/basic-auth\\" or \\"kubernetes.io/ssh-auth\\".'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmSecretName"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmSecretName contains the auth secret for private helm repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helmRepoURLRegex"),(0,l.kt)("td",{parentName:"tr",align:null},"HelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"caBundle"),(0,l.kt)("td",{parentName:"tr",align:null},"CABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate."),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"insecureSkipTLSVerify"),(0,l.kt)("td",{parentName:"tr",align:null},"InsecureSkipTLSverify will use insecure HTTPS to clone the repo."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paths"),(0,l.kt)("td",{parentName:"tr",align:null},"Paths is the directories relative to the git repo root that contain resources to be applied. Path globbing is support, for example ",'[\\"charts/*\\"]',' will match all folders as a subdirectory of charts/ If empty, \\"/\\" is the default'),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused this cause changes in Git to not be propagated down to the clusters but instead mark resources as OutOfSync"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount used in the downstream cluster for deployment"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets is a list of target this repo will deploy to"),(0,l.kt)("td",{parentName:"tr",align:null},"[][GitTarget]","(#gittarget)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pollingInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"PollingInterval is how often to check git for new updates"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"Increment this number to force a redeployment of contents from Git"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanInterval"),(0,l.kt)("td",{parentName:"tr",align:null},"ImageScanInterval is the interval of syncing scanned images and writing back to git repo"),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"imageScanCommit"),(0,l.kt)("td",{parentName:"tr",align:null},"Commit specifies how to commit to the git repo when new image is scanned and write back to git repo"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#commitspec"},"CommitSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources specifies if the resources created must be kept after deleting the GitRepo"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gitrepostatus"},"GitRepoStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"commit"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitJobStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitrepodisplay"},"GitRepoDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][GitRepoResource]","(#gitreporesource)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceErrors"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSyncedImageScanTime"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"gittarget"},"GitTarget"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourceperclusterstate"},"ResourcePerClusterState"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"error"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"transitioning"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterId"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundle"},"Bundle"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlespec"},"BundleSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlestatus"},"BundleStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeployment"},"BundleDeployment"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentspec"},"BundleDeploymentSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentstatus"},"BundleDeploymentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentdisplay"},"BundleDeploymentDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deployed"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"monitored"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentoptions"},"BundleDeploymentOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"defaultNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"DefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kustomize"),(0,l.kt)("td",{parentName:"tr",align:null},"Kustomize options for the deployment, like the dir containing the kustomization.yaml file."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#kustomizeoptions"},"KustomizeOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"helm"),(0,l.kt)("td",{parentName:"tr",align:null},"Helm options for the deployment, like the chart name, repo and values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#helmoptions"},"HelmOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"serviceAccount"),(0,l.kt)("td",{parentName:"tr",align:null},"ServiceAccount which will be used to perform this deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"forceSyncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"ForceSyncGeneration is used to force a redeployment"),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"yaml"),(0,l.kt)("td",{parentName:"tr",align:null},"YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#yamloptions"},"YAMLOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"diff"),(0,l.kt)("td",{parentName:"tr",align:null},"Diff can be used to ignore the modified state of objects which are amended at runtime."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#diffoptions"},"DiffOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"keepResources"),(0,l.kt)("td",{parentName:"tr",align:null},"KeepResources can be used to keep the deployed resources when removing the bundle"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentspec"},"BundleDeploymentSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"stagedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"options"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"deploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][BundleRef]","(#bundleref)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledeploymentstatus"},"BundleDeploymentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"appliedDeploymentID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"release"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonModified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][NonReadyStatus]","(#nonreadystatus)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][ModifiedStatus]","(#modifiedstatus)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentdisplay"},"BundleDeploymentDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"syncGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundledisplay"},"BundleDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlenamespacemapping"},"BundleNamespaceMapping"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespaceSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleref"},"BundleRef"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundleresource"},"BundleResource"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"encoding"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlespec"},"BundleSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"BundleDeploymentOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"rolloutStrategy"),(0,l.kt)("td",{parentName:"tr",align:null},"RolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#rolloutstrategy"},"RolloutStrategy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resources"),(0,l.kt)("td",{parentName:"tr",align:null},"Resources contain the actual resources from the git repo which will be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[][BundleResource]","(#bundleresource)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targets"),(0,l.kt)("td",{parentName:"tr",align:null},"Targets refer to the clusters which will be deployed to."),(0,l.kt)("td",{parentName:"tr",align:null},"[][BundleTarget]","(#bundletarget)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"targetRestrictions"),(0,l.kt)("td",{parentName:"tr",align:null},"TargetRestrictions restrict which clusters the bundle will be deployed to."),(0,l.kt)("td",{parentName:"tr",align:null},"[][BundleTargetRestriction]","(#bundletargetrestriction)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dependsOn"),(0,l.kt)("td",{parentName:"tr",align:null},"DependsOn refers to the bundles which must be ready before this bundle can be deployed."),(0,l.kt)("td",{parentName:"tr",align:null},"[][BundleRef]","(#bundleref)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlestatus"},"BundleStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"newlyCreated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxNew"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][PartitionStatus]","(#partitionstatus)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledisplay"},"BundleDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceKey"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][ResourceKey]","(#resourcekey)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundlesummary"},"BundleSummary"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"notReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitApplied"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"errApplied"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"outOfSync"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modified"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ready"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"pending"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReady"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyResources"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][NonReadyResource]","(#nonreadyresource)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletarget"},"BundleTarget"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"BundleDeploymentOptions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundledeploymentoptions"},"BundleDeploymentOptions")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"bundletargetrestriction"},"BundleTargetRestriction"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"comparepatch"},"ComparePatch"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"operations"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][Operation]","(#operation)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"jsonPointers"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"configmapkeyselector"},"ConfigMapKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"content"},"Content"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"content"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]byte"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"diffoptions"},"DiffOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"comparePatches"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][ComparePatch]","(#comparepatch)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"helmoptions"},"HelmOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"chart"),(0,l.kt)("td",{parentName:"tr",align:null},"Chart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"repo"),(0,l.kt)("td",{parentName:"tr",align:null},"Repo is the name of the HTTPS helm repo to download the chart from."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"releaseName"),(0,l.kt)("td",{parentName:"tr",align:null},"ReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"version"),(0,l.kt)("td",{parentName:"tr",align:null},"Version of the chart to download"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"TimeoutSeconds is the time to wait for Helm operations."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"values"),(0,l.kt)("td",{parentName:"tr",align:null},"Values passed to Helm. It is possible to specify the keys and values as go template strings."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFrom"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFrom loads the values from configmaps and secrets."),(0,l.kt)("td",{parentName:"tr",align:null},"[][ValuesFrom]","(#valuesfrom)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"force"),(0,l.kt)("td",{parentName:"tr",align:null},"Force allows to override immutable resources. This could be dangerous."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"takeOwnership"),(0,l.kt)("td",{parentName:"tr",align:null},"TakeOwnership makes helm skip the check for its own annotations"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxHistory"),(0,l.kt)("td",{parentName:"tr",align:null},"MaxHistory limits the maximum number of revisions saved per release by Helm."),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"valuesFiles"),(0,l.kt)("td",{parentName:"tr",align:null},"ValuesFiles is a list of files to load values from."),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"waitForJobs"),(0,l.kt)("td",{parentName:"tr",align:null},"WaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSeconds"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"atomic"),(0,l.kt)("td",{parentName:"tr",align:null},"Atomic sets the --atomic flag when Helm is performing an upgrade"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"disablePreProcess"),(0,l.kt)("td",{parentName:"tr",align:null},"DisablePreProcess disables template processing in values"),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"kustomizeoptions"},"KustomizeOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"dir"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"localobjectreference"},"LocalObjectReference"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"modifiedstatus"},"ModifiedStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"missing"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"delete"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"patch"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadyresource"},"NonReadyResource"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"bundleState"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"BundleState"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"message"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"modifiedStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][ModifiedStatus]","(#modifiedstatus)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyStatus"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][NonReadyStatus]","(#nonreadystatus)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"nonreadystatus"},"NonReadyStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"uid"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"types.UID"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"summary.Summary"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"operation"},"Operation"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"op"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"path"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"value"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partition"},"Partition"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroup"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterGroupSelector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"partitionstatus"},"PartitionStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"count"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"unavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"resourcekey"},"ResourceKey"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kind"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"apiVersion"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"name"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"rolloutstrategy"},"RolloutStrategy"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailable"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"maxUnavailablePartitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"autoPartitionSize"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*intstr.IntOrString"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"partitions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[][Partition]","(#partition)"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"secretkeyselector"},"SecretKeySelector"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"key"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"valuesfrom"},"ValuesFrom"),(0,l.kt)("p",null,"Define helm values that can come from configmap, secret or external. Credit: ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439"},"https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"configMapKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a config map with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#configmapkeyselector"},"ConfigMapKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretKeyRef"),(0,l.kt)("td",{parentName:"tr",align:null},"The reference to a secret with release values."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#secretkeyselector"},"SecretKeySelector")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"yamloptions"},"YAMLOptions"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"overlays"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"alphabeticalpolicy"},"AlphabeticalPolicy"),(0,l.kt)("p",null,"AlphabeticalPolicy specifies a alphabetical ordering policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"order"),(0,l.kt)("td",{parentName:"tr",align:null},"Order specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"commitspec"},"CommitSpec"),(0,l.kt)("p",null,"CommitSpec specifies how to commit changes to the git repository"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorName"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorName gives the name to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"authorEmail"),(0,l.kt)("td",{parentName:"tr",align:null},"AuthorEmail gives the email to provide when making a commit"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"messageTemplate"),(0,l.kt)("td",{parentName:"tr",align:null},"MessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagepolicychoice"},"ImagePolicyChoice"),(0,l.kt)("p",null,"ImagePolicyChoice is a union of all the types of policy that can be supplied."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"semver"),(0,l.kt)("td",{parentName:"tr",align:null},"SemVer gives a semantic version range to check against the tags available."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#semverpolicy"},"SemVerPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"alphabetical"),(0,l.kt)("td",{parentName:"tr",align:null},"Alphabetical set of rules to use for alphabetical ordering of the tags."),(0,l.kt)("td",{parentName:"tr",align:null},"*",(0,l.kt)("a",{parentName:"td",href:"#alphabeticalpolicy"},"AlphabeticalPolicy")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescan"},"ImageScan"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanspec"},"ImageScanSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagescanstatus"},"ImageScanStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanspec"},"ImageScanSpec"),(0,l.kt)("p",null,"API is taken from ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/fluxcd/image-reflector-controller"},"https://github.com/fluxcd/image-reflector-controller")),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"tagName"),(0,l.kt)("td",{parentName:"tr",align:null},"TagName is the tag ref that needs to be put in manifest to replace fields"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"gitrepoName"),(0,l.kt)("td",{parentName:"tr",align:null},"GitRepo reference name"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"image"),(0,l.kt)("td",{parentName:"tr",align:null},"Image is the name of the image repository"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"interval"),(0,l.kt)("td",{parentName:"tr",align:null},"Interval is the length of time to wait between scans of the image repository."),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretRef"),(0,l.kt)("td",{parentName:"tr",align:null},"SecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with ",(0,l.kt)("inlineCode",{parentName:"td"},"kubectl create secret docker-registry"),", or the equivalent."),(0,l.kt)("td",{parentName:"tr",align:null},"*corev1.LocalObjectReference"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"suspend"),(0,l.kt)("td",{parentName:"tr",align:null},"This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"policy"),(0,l.kt)("td",{parentName:"tr",align:null},"Policy gives the particulars of the policy to be followed in selecting the most recent image"),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#imagepolicychoice"},"ImagePolicyChoice")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"imagescanstatus"},"ImageScanStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastScanTime"),(0,l.kt)("td",{parentName:"tr",align:null},"LastScanTime is the last time image was scanned"),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestImage"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestTag"),(0,l.kt)("td",{parentName:"tr",align:null},"Latest tag is the latest tag filtered by the policy"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"latestDigest"),(0,l.kt)("td",{parentName:"tr",align:null},"LatestDigest is the digest of latest tag"),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"observedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"canonicalImageName"),(0,l.kt)("td",{parentName:"tr",align:null},"CanonicalName is the name of the image repository with all the implied bits made explicit; e.g., ",(0,l.kt)("inlineCode",{parentName:"td"},"docker.io/library/alpine")," rather than ",(0,l.kt)("inlineCode",{parentName:"td"},"alpine"),"."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"semverpolicy"},"SemVerPolicy"),(0,l.kt)("p",null,"SemVerPolicy specifies a semantic version policy."),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"range"),(0,l.kt)("td",{parentName:"tr",align:null},"Range gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"agentstatus"},"AgentStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"lastSeen"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodes"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"At most 3 nodes"),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodeNames"),(0,l.kt)("td",{parentName:"tr",align:null},"At most 3 nodes"),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"cluster"},"Cluster"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterspec"},"ClusterSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterstatus"},"ClusterStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterdisplay"},"ClusterDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyNodes"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"sampleNode"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroup"},"ClusterGroup"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupspec"},"ClusterGroupSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupstatus"},"ClusterGroupStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"true")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupdisplay"},"ClusterGroupDisplay"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyBundles"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"state"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupspec"},"ClusterGroupSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"selector"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.LabelSelector"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clustergroupstatus"},"ClusterGroupStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterCount"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusterCount"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"nonReadyClusters"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clustergroupdisplay"},"ClusterGroupDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistration"},"ClusterRegistration"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationspec"},"ClusterRegistrationSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationstatus"},"ClusterRegistrationStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationspec"},"ClusterRegistrationSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientRandom"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterLabels"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"map","[string]","string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationstatus"},"ClusterRegistrationStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clusterName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"granted"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtoken"},"ClusterRegistrationToken"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"metadata"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"metav1.ObjectMeta"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"spec"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"status"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenspec"},"ClusterRegistrationTokenSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"ttl"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Duration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterregistrationtokenstatus"},"ClusterRegistrationTokenStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"expires"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*metav1.Time"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"secretName"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterspec"},"ClusterSpec"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"paused"),(0,l.kt)("td",{parentName:"tr",align:null},"Paused if set to true, will stop any BundleDeployments from being updated."),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"clientID"),(0,l.kt)("td",{parentName:"tr",align:null},"ClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"kubeConfigSecret"),(0,l.kt)("td",{parentName:"tr",align:null},"KubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"redeployAgentGeneration"),(0,l.kt)("td",{parentName:"tr",align:null},"RedeployAgentGeneration can be used to force redeploying the agent."),(0,l.kt)("td",{parentName:"tr",align:null},"int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVars"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentEnvVars are extra environment variables to be added to the agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]v1.EnvVar"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespace"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentNamespace defaults to the system namespace, e.g. cattle-fleet-system."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"privateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null},"PrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config."),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"templateValues"),(0,l.kt)("td",{parentName:"tr",align:null},"TemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating."),(0,l.kt)("td",{parentName:"tr",align:null},"*GenericMap"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentTolerations"),(0,l.kt)("td",{parentName:"tr",align:null},"AgentTolerations defines an extra set of Tolerations to be added to the Agent deployment."),(0,l.kt)("td",{parentName:"tr",align:null},"[]v1.Toleration"),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")),(0,l.kt)("h4",{id:"clusterstatus"},"ClusterStatus"),(0,l.kt)("table",null,(0,l.kt)("thead",{parentName:"table"},(0,l.kt)("tr",{parentName:"thead"},(0,l.kt)("th",{parentName:"tr",align:null},"Field"),(0,l.kt)("th",{parentName:"tr",align:null},"Description"),(0,l.kt)("th",{parentName:"tr",align:null},"Scheme"),(0,l.kt)("th",{parentName:"tr",align:null},"Required"))),(0,l.kt)("tbody",{parentName:"table"},(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"conditions"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"[]genericcondition.GenericCondition"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"namespace"),(0,l.kt)("td",{parentName:"tr",align:null},'Namespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \\"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\\"'),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"summary"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#bundlesummary"},"BundleSummary")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"resourceCounts"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#gitreporesourcecounts"},"GitRepoResourceCounts")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"readyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"desiredReadyGitRepos"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"int"),(0,l.kt)("td",{parentName:"tr",align:null},"true")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentEnvVarsHash"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentPrivateRepoURL"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"string"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentDeployedGeneration"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"*int64"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentMigrated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agentNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"cattleNamespaceMigrated"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},"bool"),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"display"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#clusterdisplay"},"ClusterDisplay")),(0,l.kt)("td",{parentName:"tr",align:null},"false")),(0,l.kt)("tr",{parentName:"tbody"},(0,l.kt)("td",{parentName:"tr",align:null},"agent"),(0,l.kt)("td",{parentName:"tr",align:null}),(0,l.kt)("td",{parentName:"tr",align:null},(0,l.kt)("a",{parentName:"td",href:"#agentstatus"},"AgentStatus")),(0,l.kt)("td",{parentName:"tr",align:null},"false")))),(0,l.kt)("p",null,(0,l.kt)("a",{parentName:"p",href:"#custom-resources"},"Back to Custom Resources")))}k.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/f6748474.6b17579f.js b/assets/js/f6748474.65200520.js similarity index 97% rename from assets/js/f6748474.6b17579f.js rename to assets/js/f6748474.65200520.js index 2c8f70632..6511c9b0a 100644 --- a/assets/js/f6748474.6b17579f.js +++ b/assets/js/f6748474.65200520.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4339],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>g});var n=r(7294);function i(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(i[r]=e[r]);return i}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(i[r]=e[r])}return i}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,i=e.mdxType,a=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(r),g=i,m=d["".concat(l,".").concat(g)]||d[g]||p[g]||a;return r?n.createElement(m,o(o({ref:t},u),{},{components:r})):n.createElement(m,o({ref:t},u))}));function g(e,t){var r=arguments,i=t&&t.mdxType;if("string"==typeof e||i){var a=r.length,o=new Array(a);o[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:i,o[1]=s;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var n=r(7462),i=(r(7294),r(3905));const a={},o="Overview",s={unversionedId:"cluster-overview",id:"version-0.4/cluster-overview",title:"Overview",description:"There are two specific styles to registering clusters. These styles will be referred",source:"@site/versioned_docs/version-0.4/cluster-overview.md",sourceDirName:".",slug:"/cluster-overview",permalink:"/0.4/cluster-overview",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/cluster-overview.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Examples",permalink:"/0.4/examples"},next:{title:"Cluster Registration Tokens",permalink:"/0.4/cluster-tokens"}},l={},c=[{value:"Agent Initiated Registration",id:"agent-initiated-registration",level:2},{value:"Manager Initiated Registration",id:"manager-initiated-registration",level:2}],u={toc:c};function p(e){let{components:t,...r}=e;return(0,i.kt)("wrapper",(0,n.Z)({},u,r,{components:t,mdxType:"MDXLayout"}),(0,i.kt)("h1",{id:"overview"},"Overview"),(0,i.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,i.kt)("strong",{parentName:"p"},"agent initiated")," and ",(0,i.kt)("strong",{parentName:"p"},"manager initiated")," registration. Typically one would\ngo with the agent initiated registration but there are specific use cases in which\nmanager initiated is a better workflow."),(0,i.kt)("h2",{id:"agent-initiated-registration"},"Agent Initiated Registration"),(0,i.kt)("p",null,"Agent initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,i.kt)("a",{parentName:"p",href:"/0.4/cluster-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,i.kt)("h2",{id:"manager-initiated-registration"},"Manager Initiated Registration"),(0,i.kt)("p",null,"Manager initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,i.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,i.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4339],{3905:(e,t,r)=>{r.d(t,{Zo:()=>u,kt:()=>g});var n=r(7294);function i(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function a(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(i[r]=e[r]);return i}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(i[r]=e[r])}return i}var l=n.createContext({}),c=function(e){var t=n.useContext(l),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},u=function(e){var t=c(e.components);return n.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,i=e.mdxType,a=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(r),g=i,m=d["".concat(l,".").concat(g)]||d[g]||p[g]||a;return r?n.createElement(m,o(o({ref:t},u),{},{components:r})):n.createElement(m,o({ref:t},u))}));function g(e,t){var r=arguments,i=t&&t.mdxType;if("string"==typeof e||i){var a=r.length,o=new Array(a);o[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:i,o[1]=s;for(var c=2;c{r.r(t),r.d(t,{assets:()=>l,contentTitle:()=>o,default:()=>p,frontMatter:()=>a,metadata:()=>s,toc:()=>c});var n=r(7462),i=(r(7294),r(3905));const a={},o="Overview",s={unversionedId:"cluster-overview",id:"version-0.4/cluster-overview",title:"Overview",description:"There are two specific styles to registering clusters. These styles will be referred",source:"@site/versioned_docs/version-0.4/cluster-overview.md",sourceDirName:".",slug:"/cluster-overview",permalink:"/0.4/cluster-overview",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/cluster-overview.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Examples",permalink:"/0.4/examples"},next:{title:"Cluster Registration Tokens",permalink:"/0.4/cluster-tokens"}},l={},c=[{value:"Agent Initiated Registration",id:"agent-initiated-registration",level:2},{value:"Manager Initiated Registration",id:"manager-initiated-registration",level:2}],u={toc:c};function p(e){let{components:t,...r}=e;return(0,i.kt)("wrapper",(0,n.Z)({},u,r,{components:t,mdxType:"MDXLayout"}),(0,i.kt)("h1",{id:"overview"},"Overview"),(0,i.kt)("p",null,"There are two specific styles to registering clusters. These styles will be referred\nto as ",(0,i.kt)("strong",{parentName:"p"},"agent initiated")," and ",(0,i.kt)("strong",{parentName:"p"},"manager initiated")," registration. Typically one would\ngo with the agent initiated registration but there are specific use cases in which\nmanager initiated is a better workflow."),(0,i.kt)("h2",{id:"agent-initiated-registration"},"Agent Initiated Registration"),(0,i.kt)("p",null,"Agent initiated refers to a pattern in which the downstream cluster installs an agent with a\n",(0,i.kt)("a",{parentName:"p",href:"/0.4/cluster-tokens"},"cluster registration token")," and optionally a client ID. The cluster\nagent will then make a API request to the Fleet manager and initiate the registration process. Using\nthis process the Manager will never make an outbound API request to the downstream clusters and will thus\nnever need to have direct network access. The downstream cluster only needs to make outbound HTTPS\ncalls to the manager."),(0,i.kt)("h2",{id:"manager-initiated-registration"},"Manager Initiated Registration"),(0,i.kt)("p",null,"Manager initiated registration is a process in which you register an existing Kubernetes cluster\nwith the Fleet manager and the Fleet manager will make an API call to the downstream cluster to\ndeploy the agent. This style can place additional network access requirements because the Fleet\nmanager must be able to communicate with the downstream cluster API server for the registration process.\nAfter the cluster is registered there is no further need for the manager to contact the downstream\ncluster API. This style is more compatible if you wish to manage the creation of all your Kubernetes\nclusters through GitOps using something like ",(0,i.kt)("a",{parentName:"p",href:"https://github.com/kubernetes-sigs/cluster-api"},"cluster-api"),"\nor ",(0,i.kt)("a",{parentName:"p",href:"https://github.com/rancher/rancher"},"Rancher"),"."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/f78aef8c.2fa4862e.js b/assets/js/f78aef8c.c5fa87f0.js similarity index 97% rename from assets/js/f78aef8c.2fa4862e.js rename to assets/js/f78aef8c.c5fa87f0.js index 6f84ce43a..5ce43f9e0 100644 --- a/assets/js/f78aef8c.2fa4862e.js +++ b/assets/js/f78aef8c.c5fa87f0.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3327],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>u});var l=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);t&&(l=l.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,l)}return n}function a(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(l=0;l=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=l.createContext({}),p=function(e){var t=l.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},s=function(e){var t=p(e.components);return l.createElement(i.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return l.createElement(l.Fragment,{},t)}},f=l.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,i=e.parentName,s=c(e,["components","mdxType","originalType","parentName"]),f=p(n),u=r,y=f["".concat(i,".").concat(u)]||f[u]||d[u]||o;return n?l.createElement(y,a(a({ref:t},s),{},{components:n})):l.createElement(y,a({ref:t},s))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,a=new Array(o);a[0]=f;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:r,a[1]=c;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>a,default:()=>d,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var l=n(7462),r=(n(7294),n(3905));const o={title:"",sidebar_label:"fleet deploy"},a=void 0,c={unversionedId:"cli/fleet-cli/fleet_deploy",id:"cli/fleet-cli/fleet_deploy",title:"",description:"fleet deploy",source:"@site/docs/cli/fleet-cli/fleet_deploy.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_deploy",permalink:"/cli/fleet-cli/fleet_deploy",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet_deploy.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet deploy"},sidebar:"docs",previous:{title:"fleet cleanup",permalink:"/cli/fleet-cli/fleet_cleanup"},next:{title:"fleet target",permalink:"/cli/fleet-cli/fleet_target"}},i={},p=[{value:"fleet deploy",id:"fleet-deploy",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],s={toc:p};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,l.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h2",{id:"fleet-deploy"},"fleet deploy"),(0,r.kt)("p",null,"Deploy a bundledeployment/content resource to a cluster, by creating a Helm release. This will not deploy the bundledeployment/content resources directly to the cluster."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"fleet deploy [flags]\n")),(0,r.kt)("h3",{id:"options"},"Options"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"}," -a, --agent-namespace string Set the agent namespace, normally cattle-fleet-system. If set, fleet agent will garbage collect the helm release, i.e. delete it if the bundledeployment is missing.\n -d, --dry-run Print the resources that would be deployed, but do not actually deploy them\n -h, --help help for deploy\n -i, --input-file string Location of the YAML file containing the content and the bundledeployment resource\n --kubeconfig string Paths to a kubeconfig. Only required if out-of-cluster.\n -n, --namespace string Set the default namespace. Deploy helm chart into this namespace.\n --zap-devel Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)\n --zap-encoder encoder Zap log encoding (one of 'json' or 'console')\n --zap-log-level level Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity\n --zap-stacktrace-level level Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').\n --zap-time-encoding time-encoding Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.\n")),(0,r.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3327],{3905:(e,t,n)=>{n.d(t,{Zo:()=>s,kt:()=>u});var l=n(7294);function r(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);t&&(l=l.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,l)}return n}function a(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(l=0;l=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}var i=l.createContext({}),p=function(e){var t=l.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},s=function(e){var t=p(e.components);return l.createElement(i.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return l.createElement(l.Fragment,{},t)}},f=l.forwardRef((function(e,t){var n=e.components,r=e.mdxType,o=e.originalType,i=e.parentName,s=c(e,["components","mdxType","originalType","parentName"]),f=p(n),u=r,y=f["".concat(i,".").concat(u)]||f[u]||d[u]||o;return n?l.createElement(y,a(a({ref:t},s),{},{components:n})):l.createElement(y,a({ref:t},s))}));function u(e,t){var n=arguments,r=t&&t.mdxType;if("string"==typeof e||r){var o=n.length,a=new Array(o);a[0]=f;var c={};for(var i in t)hasOwnProperty.call(t,i)&&(c[i]=t[i]);c.originalType=e,c.mdxType="string"==typeof e?e:r,a[1]=c;for(var p=2;p{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>a,default:()=>d,frontMatter:()=>o,metadata:()=>c,toc:()=>p});var l=n(7462),r=(n(7294),n(3905));const o={title:"",sidebar_label:"fleet deploy"},a=void 0,c={unversionedId:"cli/fleet-cli/fleet_deploy",id:"cli/fleet-cli/fleet_deploy",title:"",description:"fleet deploy",source:"@site/docs/cli/fleet-cli/fleet_deploy.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_deploy",permalink:"/cli/fleet-cli/fleet_deploy",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/cli/fleet-cli/fleet_deploy.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet deploy"},sidebar:"docs",previous:{title:"fleet cleanup",permalink:"/cli/fleet-cli/fleet_cleanup"},next:{title:"fleet target",permalink:"/cli/fleet-cli/fleet_target"}},i={},p=[{value:"fleet deploy",id:"fleet-deploy",level:2},{value:"Options",id:"options",level:3},{value:"SEE ALSO",id:"see-also",level:3}],s={toc:p};function d(e){let{components:t,...n}=e;return(0,r.kt)("wrapper",(0,l.Z)({},s,n,{components:t,mdxType:"MDXLayout"}),(0,r.kt)("h2",{id:"fleet-deploy"},"fleet deploy"),(0,r.kt)("p",null,"Deploy a bundledeployment/content resource to a cluster, by creating a Helm release. This will not deploy the bundledeployment/content resources directly to the cluster."),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"},"fleet deploy [flags]\n")),(0,r.kt)("h3",{id:"options"},"Options"),(0,r.kt)("pre",null,(0,r.kt)("code",{parentName:"pre"}," -a, --agent-namespace string Set the agent namespace, normally cattle-fleet-system. If set, fleet agent will garbage collect the helm release, i.e. delete it if the bundledeployment is missing.\n -d, --dry-run Print the resources that would be deployed, but do not actually deploy them\n -h, --help help for deploy\n -i, --input-file string Location of the YAML file containing the content and the bundledeployment resource\n --kubeconfig string Paths to a kubeconfig. Only required if out-of-cluster.\n -n, --namespace string Set the default namespace. Deploy helm chart into this namespace.\n --zap-devel Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)\n --zap-encoder encoder Zap log encoding (one of 'json' or 'console')\n --zap-log-level level Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity\n --zap-stacktrace-level level Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').\n --zap-time-encoding time-encoding Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.\n")),(0,r.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,r.kt)("ul",null,(0,r.kt)("li",{parentName:"ul"},(0,r.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/f7c88408.e1cd16f2.js b/assets/js/f7c88408.69e48a62.js similarity index 99% rename from assets/js/f7c88408.e1cd16f2.js rename to assets/js/f7c88408.69e48a62.js index d956536a1..49a3cfe64 100644 --- a/assets/js/f7c88408.e1cd16f2.js +++ b/assets/js/f7c88408.69e48a62.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4235],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function s(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,s=e.originalType,i=e.parentName,p=o(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||s;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var s=n.length,l=new Array(s);l[0]=m;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:a,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const s={},l="Setup Multi User",o={unversionedId:"multi-user",id:"version-0.6/multi-user",title:"Setup Multi User",description:"Fleet uses Kubernetes RBAC where possible.",source:"@site/versioned_docs/version-0.6/multi-user.md",sourceDirName:".",slug:"/multi-user",permalink:"/0.6/multi-user",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/multi-user.md",tags:[],version:"0.6",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create Cluster Groups",permalink:"/0.6/cluster-group"},next:{title:"Create a GitRepo Resource",permalink:"/0.6/gitrepo-add"}},i={},c=[{value:"Example User",id:"example-user",level:2},{value:"Allow Access to Clusters",id:"allow-access-to-clusters",level:2},{value:"Restricting Access to Downstream Clusters",id:"restricting-access-to-downstream-clusters",level:2},{value:"An Example GitRepo Resource",id:"an-example-gitrepo-resource",level:2}],p={toc:c};function u(e){let{components:t,...s}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,s,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"setup-multi-user"},"Setup Multi User"),(0,a.kt)("p",null,"Fleet uses Kubernetes RBAC where possible."),(0,a.kt)("p",null,"One addition on top of RBAC is the ",(0,a.kt)("a",{parentName:"p",href:"/0.6/namespaces#restricting-gitrepos"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepoRestriction"))," resource, which can be used to control GitRepo resources in a namespace."),(0,a.kt)("p",null,"A multi-user fleet setup looks like this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"tenants don't share namespaces, each tenant has one or more namespaces on the\nupstream cluster, where they can create GitRepo resources"),(0,a.kt)("li",{parentName:"ul"},"tenants can't deploy cluster wide resources and are limited to a set of\nnamespaces on downstream clusters"),(0,a.kt)("li",{parentName:"ul"},"clusters are in a separate namespace")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Shared Clusters",src:n(9497).Z,width:"2488",height:"1769"})),(0,a.kt)("admonition",{title:"important information",type:"warning"},(0,a.kt)("p",{parentName:"admonition"},"The isolation of tenants is not complete and relies on Kubernetes RBAC to be\nset up correctly. Without manual setup from an operator tenants can still\ndeploy cluster wide resources. Even with the available Fleet restrictions,\nusers are only restricted to namespaces, but namespaces don't provide much\nisolation on their own. E.g. they can still consume as many resources as they\nlike."),(0,a.kt)("p",{parentName:"admonition"},"However, the existing Fleet restrictions allow users to share clusters, and\ndeploy resources without conflicts.")),(0,a.kt)("h2",{id:"example-user"},"Example User"),(0,a.kt)("p",null,"This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create serviceaccount fleetuser\nkubectl create namespace project1\nkubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser\n")),(0,a.kt)("p",null,"If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\nkubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\n")),(0,a.kt)("p",null,"This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces."),(0,a.kt)("h2",{id:"allow-access-to-clusters"},"Allow Access to Clusters"),(0,a.kt)("p",null,"This assumes all GitRepos created by 'fleetuser' have the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label. Different labels could be used, to select different cluster namespaces."),(0,a.kt)("p",null,"In each of the user's namespaces, as an admin create a ",(0,a.kt)("a",{parentName:"p",href:"/0.6/namespaces#cross-namespace-deployments"},(0,a.kt)("inlineCode",{parentName:"a"},"BundleNamespaceMapping")),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: mapping\n namespace: project1\n\n# Bundles to match by label.\n# The labels are defined in the fleet.yaml # labels field or from the\n# GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n team: one\n # or target one repo\n #fleet.cattle.io/repo-name: simpleapp\n\n# Namespaces, containing clusters, to match by label\nnamespaceSelector:\n matchLabels:\n kubernetes.io/metadata.name: fleet-default\n # the label is on the namespace\n #workspace: prod\n")),(0,a.kt)("p",null,"The ",(0,a.kt)("a",{parentName:"p",href:"/0.6/gitrepo-targets"},(0,a.kt)("inlineCode",{parentName:"a"},"target")," section")," in the GitRepo resource can be used to deploy only to a subset of the matched clusters."),(0,a.kt)("h2",{id:"restricting-access-to-downstream-clusters"},"Restricting Access to Downstream Clusters"),(0,a.kt)("p",null,"Admins can further restrict tenants by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," in each of their namespaces."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: project1\n\nallowedTargetNamespaces:\n - project1simpleapp\n")),(0,a.kt)("p",null,"This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace."),(0,a.kt)("h2",{id:"an-example-gitrepo-resource"},"An Example GitRepo Resource"),(0,a.kt)("p",null,"A GitRepo resource created by a tenant, without admin access could look like this:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: simpleapp\n namespace: project1\n labels:\n team: one\n\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - bundle-diffs\n\n targetNamespace: project1simpleapp\n\n # do not match the upstream/local cluster, won't work\n targets:\n - name: dev\n clusterSelector:\n matchLabels:\n env: dev\n")),(0,a.kt)("p",null,"This includes the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label and and the required ",(0,a.kt)("inlineCode",{parentName:"p"},"targetNamespace"),"."),(0,a.kt)("p",null,"Together with the previous ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," it would target all clusters with a ",(0,a.kt)("inlineCode",{parentName:"p"},"env: dev")," label in the 'fleet-default' namespace."),(0,a.kt)("admonition",{type:"note"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," do not work with local clusters, so make sure not to target them.")))}u.isMDXComponent=!0},9497:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetSharedClusters-b68f6c53b43cbb795e4d81cda9ebc2bc.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[4235],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>d});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function s(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function l(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var i=r.createContext({}),c=function(e){var t=r.useContext(i),n=t;return e&&(n="function"==typeof e?e(t):l(l({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},m=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,s=e.originalType,i=e.parentName,p=o(e,["components","mdxType","originalType","parentName"]),m=c(n),d=a,h=m["".concat(i,".").concat(d)]||m[d]||u[d]||s;return n?r.createElement(h,l(l({ref:t},p),{},{components:n})):r.createElement(h,l({ref:t},p))}));function d(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var s=n.length,l=new Array(s);l[0]=m;var o={};for(var i in t)hasOwnProperty.call(t,i)&&(o[i]=t[i]);o.originalType=e,o.mdxType="string"==typeof e?e:a,l[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>i,contentTitle:()=>l,default:()=>u,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const s={},l="Setup Multi User",o={unversionedId:"multi-user",id:"version-0.6/multi-user",title:"Setup Multi User",description:"Fleet uses Kubernetes RBAC where possible.",source:"@site/versioned_docs/version-0.6/multi-user.md",sourceDirName:".",slug:"/multi-user",permalink:"/0.6/multi-user",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.6/multi-user.md",tags:[],version:"0.6",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Create Cluster Groups",permalink:"/0.6/cluster-group"},next:{title:"Create a GitRepo Resource",permalink:"/0.6/gitrepo-add"}},i={},c=[{value:"Example User",id:"example-user",level:2},{value:"Allow Access to Clusters",id:"allow-access-to-clusters",level:2},{value:"Restricting Access to Downstream Clusters",id:"restricting-access-to-downstream-clusters",level:2},{value:"An Example GitRepo Resource",id:"an-example-gitrepo-resource",level:2}],p={toc:c};function u(e){let{components:t,...s}=e;return(0,a.kt)("wrapper",(0,r.Z)({},p,s,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"setup-multi-user"},"Setup Multi User"),(0,a.kt)("p",null,"Fleet uses Kubernetes RBAC where possible."),(0,a.kt)("p",null,"One addition on top of RBAC is the ",(0,a.kt)("a",{parentName:"p",href:"/0.6/namespaces#restricting-gitrepos"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepoRestriction"))," resource, which can be used to control GitRepo resources in a namespace."),(0,a.kt)("p",null,"A multi-user fleet setup looks like this:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"tenants don't share namespaces, each tenant has one or more namespaces on the\nupstream cluster, where they can create GitRepo resources"),(0,a.kt)("li",{parentName:"ul"},"tenants can't deploy cluster wide resources and are limited to a set of\nnamespaces on downstream clusters"),(0,a.kt)("li",{parentName:"ul"},"clusters are in a separate namespace")),(0,a.kt)("p",null,(0,a.kt)("img",{alt:"Shared Clusters",src:n(9497).Z,width:"2488",height:"1769"})),(0,a.kt)("admonition",{title:"important information",type:"warning"},(0,a.kt)("p",{parentName:"admonition"},"The isolation of tenants is not complete and relies on Kubernetes RBAC to be\nset up correctly. Without manual setup from an operator tenants can still\ndeploy cluster wide resources. Even with the available Fleet restrictions,\nusers are only restricted to namespaces, but namespaces don't provide much\nisolation on their own. E.g. they can still consume as many resources as they\nlike."),(0,a.kt)("p",{parentName:"admonition"},"However, the existing Fleet restrictions allow users to share clusters, and\ndeploy resources without conflicts.")),(0,a.kt)("h2",{id:"example-user"},"Example User"),(0,a.kt)("p",null,"This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create serviceaccount fleetuser\nkubectl create namespace project1\nkubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser\n")),(0,a.kt)("p",null,"If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io\nkubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\nkubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser\n")),(0,a.kt)("p",null,"This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces."),(0,a.kt)("h2",{id:"allow-access-to-clusters"},"Allow Access to Clusters"),(0,a.kt)("p",null,"This assumes all GitRepos created by 'fleetuser' have the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label. Different labels could be used, to select different cluster namespaces."),(0,a.kt)("p",null,"In each of the user's namespaces, as an admin create a ",(0,a.kt)("a",{parentName:"p",href:"/0.6/namespaces#cross-namespace-deployments"},(0,a.kt)("inlineCode",{parentName:"a"},"BundleNamespaceMapping")),"."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: mapping\n namespace: project1\n\n# Bundles to match by label.\n# The labels are defined in the fleet.yaml # labels field or from the\n# GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n team: one\n # or target one repo\n #fleet.cattle.io/repo-name: simpleapp\n\n# Namespaces, containing clusters, to match by label\nnamespaceSelector:\n matchLabels:\n kubernetes.io/metadata.name: fleet-default\n # the label is on the namespace\n #workspace: prod\n")),(0,a.kt)("p",null,"The ",(0,a.kt)("a",{parentName:"p",href:"/0.6/gitrepo-targets"},(0,a.kt)("inlineCode",{parentName:"a"},"target")," section")," in the GitRepo resource can be used to deploy only to a subset of the matched clusters."),(0,a.kt)("h2",{id:"restricting-access-to-downstream-clusters"},"Restricting Access to Downstream Clusters"),(0,a.kt)("p",null,"Admins can further restrict tenants by creating a ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," in each of their namespaces."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: project1\n\nallowedTargetNamespaces:\n - project1simpleapp\n")),(0,a.kt)("p",null,"This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace."),(0,a.kt)("h2",{id:"an-example-gitrepo-resource"},"An Example GitRepo Resource"),(0,a.kt)("p",null,"A GitRepo resource created by a tenant, without admin access could look like this:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: simpleapp\n namespace: project1\n labels:\n team: one\n\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - bundle-diffs\n\n targetNamespace: project1simpleapp\n\n # do not match the upstream/local cluster, won't work\n targets:\n - name: dev\n clusterSelector:\n matchLabels:\n env: dev\n")),(0,a.kt)("p",null,"This includes the ",(0,a.kt)("inlineCode",{parentName:"p"},"team: one")," label and and the required ",(0,a.kt)("inlineCode",{parentName:"p"},"targetNamespace"),"."),(0,a.kt)("p",null,"Together with the previous ",(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," it would target all clusters with a ",(0,a.kt)("inlineCode",{parentName:"p"},"env: dev")," label in the 'fleet-default' namespace."),(0,a.kt)("admonition",{type:"note"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," do not work with local clusters, so make sure not to target them.")))}u.isMDXComponent=!0},9497:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetSharedClusters-b68f6c53b43cbb795e4d81cda9ebc2bc.svg"}}]); \ No newline at end of file diff --git a/assets/js/f7cf1511.2f021dce.js b/assets/js/f7cf1511.47e824a4.js similarity index 99% rename from assets/js/f7cf1511.2f021dce.js rename to assets/js/f7cf1511.47e824a4.js index 468452c61..ec9e03549 100644 --- a/assets/js/f7cf1511.2f021dce.js +++ b/assets/js/f7cf1511.47e824a4.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5225],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),c=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},p=function(e){var t=c(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},p),{},{components:n})):o.createElement(m,r({ref:t},p))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"version-0.5/troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/versioned_docs/version-0.5/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/0.5/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/troubleshooting.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle state",permalink:"/0.5/cluster-bundles-state"},next:{title:"Advanced Users",permalink:"/0.5/advanced-users"}},s={},c=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled. "),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.5/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.5/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo. "),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu "),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown "),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/0.5/gitrepo-structure"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority" \n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm: \n releaseName: \n repo: \n chart: \ndiff: \n comparePatches: \n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations" \n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.5/bundle-diffs"},"bundle diffs documentation")," for more information. ")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5225],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>u});var o=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function r(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var s=o.createContext({}),c=function(e){var t=o.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):r(r({},t),e)),n},p=function(e){var t=c(e.components);return o.createElement(s.Provider,{value:t},e.children)},d={inlineCode:"code",wrapper:function(e){var t=e.children;return o.createElement(o.Fragment,{},t)}},h=o.forwardRef((function(e,t){var n=e.components,a=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),h=c(n),u=a,m=h["".concat(s,".").concat(u)]||h[u]||d[u]||l;return n?o.createElement(m,r(r({ref:t},p),{},{components:n})):o.createElement(m,r({ref:t},p))}));function u(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=n.length,r=new Array(l);r[0]=h;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:a,r[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var o=n(7462),a=(n(7294),n(3905));const l={},r="Troubleshooting",i={unversionedId:"troubleshooting",id:"version-0.5/troubleshooting",title:"Troubleshooting",description:"This section contains commands and tips to troubleshoot Fleet.",source:"@site/versioned_docs/version-0.5/troubleshooting.md",sourceDirName:".",slug:"/troubleshooting",permalink:"/0.5/troubleshooting",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/troubleshooting.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster and Bundle state",permalink:"/0.5/cluster-bundles-state"},next:{title:"Advanced Users",permalink:"/0.5/advanced-users"}},s={},c=[{value:"How Do I...",id:"how-do-i",level:2},{value:"Fetch the log from fleet-controller?",id:"fetch-the-log-from-fleet-controller",level:3},{value:"Fetch the log from the fleet-agent?",id:"fetch-the-log-from-the-fleet-agent",level:3},{value:"Fetch detailed error logs from GitRepos and Bundles?",id:"fetch-detailed-error-logs-from-gitrepos-and-bundles",level:3},{value:"Check a chart rendering error in Kustomize?",id:"check-a-chart-rendering-error-in-kustomize",level:3},{value:"Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?",id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml",level:3},{value:"Check the status of the fleet-controller?",id:"check-the-status-of-the-fleet-controller",level:3},{value:"Enable debug logging for fleet-controller and fleet-agent?",id:"enable-debug-logging-for-fleet-controller-and-fleet-agent",level:3},{value:"Additional Solutions for Other Fleet Issues",id:"additional-solutions-for-other-fleet-issues",level:2},{value:"Naming conventions for CRDs",id:"naming-conventions-for-crds",level:3},{value:"HTTP secrets in Github",id:"http-secrets-in-github",level:3},{value:"Fleet fails with bad response code: 403",id:"fleet-fails-with-bad-response-code-403",level:3},{value:"Helm chart repo: certificate signed by unknown authority",id:"helm-chart-repo-certificate-signed-by-unknown-authority",level:3},{value:"Fleet deployment stuck in modified state",id:"fleet-deployment-stuck-in-modified-state",level:3},{value:"GitRepo or Bundle stuck in modified state",id:"gitrepo-or-bundle-stuck-in-modified-state",level:3},{value:"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state",id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state",level:3},{value:"What if the cluster is unavailable, or is in a WaitCheckIn state?",id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state",level:3},{value:"GitRepo complains with gzip: invalid header",id:"gitrepo-complains-with-gzip-invalid-header",level:3},{value:"Migrate the local cluster to the Fleet default cluster workspace?",id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace",level:3}],p={toc:c};function d(e){let{components:t,...n}=e;return(0,a.kt)("wrapper",(0,o.Z)({},p,n,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"troubleshooting"},"Troubleshooting"),(0,a.kt)("p",null,"This section contains commands and tips to troubleshoot Fleet."),(0,a.kt)("h2",{id:"how-do-i"},(0,a.kt)("strong",{parentName:"h2"},"How Do I...")),(0,a.kt)("h3",{id:"fetch-the-log-from-fleet-controller"},"Fetch the log from ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"In the local management cluster where the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is deployed, run the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -l app=fleet-controller -n cattle-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-the-log-from-the-fleet-agent"},"Fetch the log from the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Go to each downstream cluster and run the following command for the local cluster with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"# Downstream cluster\n$ kubectl logs -l app=fleet-agent -n cattle-fleet-system\n# Local cluster\n$ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system\n")),(0,a.kt)("h3",{id:"fetch-detailed-error-logs-from-gitrepos-and-bundles"},"Fetch detailed error logs from ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepos")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundles"),"?"),(0,a.kt)("p",null,"Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"For more information about the bundle, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"bundle"),", and the YAML mode will be enabled. "),(0,a.kt)("li",{parentName:"ul"},"For more information about the GitRepo, click on ",(0,a.kt)("inlineCode",{parentName:"li"},"GitRepo"),", then click on ",(0,a.kt)("inlineCode",{parentName:"li"},"View Yaml")," in the upper right of the screen. After viewing the YAML, check ",(0,a.kt)("inlineCode",{parentName:"li"},"status.conditions"),"; a detailed error message should be displayed here."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-controller")," for synching errors."),(0,a.kt)("li",{parentName:"ul"},"Check the ",(0,a.kt)("inlineCode",{parentName:"li"},"fleet-agent")," log in the downstream cluster if you encounter issues when deploying the bundle.")),(0,a.kt)("h3",{id:"check-a-chart-rendering-error-in-kustomize"},"Check a chart rendering error in ",(0,a.kt)("inlineCode",{parentName:"h3"},"Kustomize"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.5/troubleshooting#fetch-the-log-from-fleet-controller"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-controller")," logs")," and the ",(0,a.kt)("a",{parentName:"p",href:"/0.5/troubleshooting#fetch-the-log-from-the-fleet-agent"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet-agent")," logs"),"."),(0,a.kt)("h3",{id:"check-errors-about-watching-or-checking-out-the-gitrepo-or-about-the-downloaded-helm-repo-in-fleetyaml"},"Check errors about watching or checking out the ",(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo"),", or about the downloaded Helm repo in ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet.yaml"),"?"),(0,a.kt)("p",null,"Check the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob-controller")," logs using the following command with your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitjob")," pod name filled in:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system\n")),(0,a.kt)("p",null,"Note that there are two containers inside the pod: the ",(0,a.kt)("inlineCode",{parentName:"p"},"step-git-source")," container that clones the git repo, and the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet")," container that applies bundles based on the git repo. "),(0,a.kt)("p",null,"The pods will usually have images named ",(0,a.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," with the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepo")," name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific ",(0,a.kt)("inlineCode",{parentName:"p"},"gitRepoName")," pod name and namespace:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},"$ kubectl logs -f $gitRepoName-pod-name -n namespace\n")),(0,a.kt)("h3",{id:"check-the-status-of-the-fleet-controller"},"Check the status of the ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller"),"?"),(0,a.kt)("p",null,"You can check the status of the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," pods by running the commands below:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,a.kt)("h3",{id:"enable-debug-logging-for-fleet-controller-and-fleet-agent"},"Enable debug logging for ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-controller")," and ",(0,a.kt)("inlineCode",{parentName:"h3"},"fleet-agent"),"?"),(0,a.kt)("p",null,"Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added."),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Go to the ",(0,a.kt)("strong",{parentName:"li"},"Dashboard"),", then click on the ",(0,a.kt)("strong",{parentName:"li"},"local cluster")," in the left navigation menu "),(0,a.kt)("li",{parentName:"ul"},"Select ",(0,a.kt)("strong",{parentName:"li"},"Apps & Marketplace"),", then ",(0,a.kt)("strong",{parentName:"li"},"Installed Apps")," from the dropdown "),(0,a.kt)("li",{parentName:"ul"},"From there, you will upgrade the Fleet chart with the value ",(0,a.kt)("inlineCode",{parentName:"li"},"debug=true"),". You can also set ",(0,a.kt)("inlineCode",{parentName:"li"},"debugLevel=5")," if desired.")),(0,a.kt)("h2",{id:"additional-solutions-for-other-fleet-issues"},(0,a.kt)("strong",{parentName:"h2"},"Additional Solutions for Other Fleet Issues")),(0,a.kt)("h3",{id:"naming-conventions-for-crds"},"Naming conventions for CRDs"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"For CRD terms like ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters")," and ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepos"),", you must reference the full CRD name. For example, the cluster CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"cluster.fleet.cattle.io"),", and the gitrepo CRD's complete name is ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo.fleet.cattle.io"),".")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"Bundles"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$gitrepoName-$path")," in the same workspace/namespace where the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," was created. Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$path")," is the path directory in the git repository that contains the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle")," (",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml"),").")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("inlineCode",{parentName:"p"},"BundleDeployments"),", which are created from the ",(0,a.kt)("inlineCode",{parentName:"p"},"bundle"),", follow the pattern ",(0,a.kt)("inlineCode",{parentName:"p"},"$bundleName-$clusterName")," in the namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"clusters-$workspace-$cluster-$generateHash"),". Note that ",(0,a.kt)("inlineCode",{parentName:"p"},"$clusterName")," is the cluster to which the bundle will be deployed."))),(0,a.kt)("h3",{id:"http-secrets-in-github"},"HTTP secrets in Github"),(0,a.kt)("p",null,"When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:"),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},"Create a ",(0,a.kt)("a",{parentName:"li",href:"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token"},"personal access token")," in Github."),(0,a.kt)("li",{parentName:"ol"},"In Rancher, create an HTTP ",(0,a.kt)("a",{parentName:"li",href:"https://rancher.com/docs/rancher/v2.6/en/k8s-in-rancher/secrets/"},"secret")," with your Github username."),(0,a.kt)("li",{parentName:"ol"},"Use your token as the secret.")),(0,a.kt)("h3",{id:"fleet-fails-with-bad-response-code-403"},"Fleet fails with bad response code: 403"),(0,a.kt)("p",null,"If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your ",(0,a.kt)("a",{parentName:"p",href:"/0.5/gitrepo-structure"},(0,a.kt)("inlineCode",{parentName:"a"},"fleet.yaml")),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"\n')),(0,a.kt)("p",null,"Perform the following steps to assess:"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},"Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully"),(0,a.kt)("li",{parentName:"ul"},"Check that your credentials for the git repo are valid")),(0,a.kt)("h3",{id:"helm-chart-repo-certificate-signed-by-unknown-authority"},"Helm chart repo: certificate signed by unknown authority"),(0,a.kt)("p",null,"If your GitJob returns the error below, you may have added the wrong certificate chain:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre"},'time="2021-11-11T05:55:08Z" level=fatal msg="Get \\"https://helm.intra/virtual-helm/index.yaml\\": x509: certificate signed by unknown authority" \n')),(0,a.kt)("p",null,"Please verify your certificate with the following command:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-bash"},"context=playground-local\nkubectl get secret -n fleet-default helm-repo -o jsonpath=\"{['data']['cacerts']}\" --context $context | base64 -d | openssl x509 -text -noout\nCertificate:\n Data:\n Version: 3 (0x2)\n Serial Number:\n 7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71\n Signature Algorithm: sha512WithRSAEncryption\n Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3\n...\n\n")),(0,a.kt)("h3",{id:"fleet-deployment-stuck-in-modified-state"},"Fleet deployment stuck in modified state"),(0,a.kt)("p",null,'When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.'),(0,a.kt)("p",null,"To ignore the modified flag for the differences between the Helm install generated by ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," and the resource in your cluster, add a ",(0,a.kt)("inlineCode",{parentName:"p"},"diff.comparePatches")," to the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," for your Deployment, as shown in this example:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'defaultNamespace: \nhelm: \n releaseName: \n repo: \n chart: \ndiff: \n comparePatches: \n - apiVersion: apps/v1\n kind: Deployment\n operations:\n - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}\n jsonPointers: # jsonPointers allows to ignore diffs at certain json path\n - "/spec/template/spec/priorityClassName"\n - "/spec/template/spec/tolerations" \n')),(0,a.kt)("p",null,"To determine which operations should be removed, observe the logs from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-agent")," on the target cluster. You should see entries similar to the following:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-text"},'level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\\"spec\\":{\\"template\\":{\\"spec\\":{\\"hostNetwork\\":false}}}}"\n')),(0,a.kt)("p",null,"Based on the above log, you can add the following entry to remove the operation:"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-json"},'{"op":"remove", "path":"/spec/template/spec/hostNetwork"}\n')),(0,a.kt)("h3",{id:"gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"h3"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"h3"},"Bundle")," stuck in modified state"),(0,a.kt)("p",null,(0,a.kt)("strong",{parentName:"p"},"Modified")," means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository."),(0,a.kt)("ol",null,(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"Check the ",(0,a.kt)("a",{parentName:"p",href:"/0.5/bundle-diffs"},"bundle diffs documentation")," for more information. ")),(0,a.kt)("li",{parentName:"ol"},(0,a.kt)("p",{parentName:"li"},"You can also force update the ",(0,a.kt)("inlineCode",{parentName:"p"},"gitrepo")," to perform a manual resync. Select ",(0,a.kt)("strong",{parentName:"p"},"GitRepo")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update"),"."))),(0,a.kt)("h3",{id:"bundle-has-a-horizontal-pod-autoscaler-hpa-in-modified-state"},"Bundle has a Horizontal Pod Autoscaler (HPA) in modified state"),(0,a.kt)("p",null,"For bundles with an HPA, the expected state is ",(0,a.kt)("inlineCode",{parentName:"p"},"Modified"),", as the bundle contains fields that differ from the state of the Bundle at deployment - usually ",(0,a.kt)("inlineCode",{parentName:"p"},"ReplicaSet"),"."),(0,a.kt)("p",null,"You must define a patch in the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," to ignore this field according to ",(0,a.kt)("a",{parentName:"p",href:"#gitrepo-or-bundle-stuck-in-modified-state"},(0,a.kt)("inlineCode",{parentName:"a"},"GitRepo")," or ",(0,a.kt)("inlineCode",{parentName:"a"},"Bundle")," stuck in modified state"),"."),(0,a.kt)("p",null,"Here is an example of such a patch for the deployment ",(0,a.kt)("inlineCode",{parentName:"p"},"nginx")," in namespace ",(0,a.kt)("inlineCode",{parentName:"p"},"default"),":"),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: nginx\n namespace: default\n operations:\n - {"op": "remove", "path": "/spec/replicas"}\n')),(0,a.kt)("h3",{id:"what-if-the-cluster-is-unavailable-or-is-in-a-waitcheckin-state"},"What if the cluster is unavailable, or is in a ",(0,a.kt)("inlineCode",{parentName:"h3"},"WaitCheckIn")," state?"),(0,a.kt)("p",null,"You will need to re-import and restart the registration process: Select ",(0,a.kt)("strong",{parentName:"p"},"Cluster")," on the left navigation bar, then select ",(0,a.kt)("strong",{parentName:"p"},"Force Update")),(0,a.kt)("admonition",{type:"caution"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"WaitCheckIn status for Rancher v2.5"),":\nThe cluster will show in ",(0,a.kt)("inlineCode",{parentName:"p"},"WaitCheckIn")," status because the ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-controller")," is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the ",(0,a.kt)("a",{parentName:"p",href:"https://rancher.com/docs/rancher/v2.5/en/installation/other-installation-methods/behind-proxy/install-rancher/#install-rancher"},"Rancher docs"),".")),(0,a.kt)("h3",{id:"gitrepo-complains-with-gzip-invalid-header"},"GitRepo complains with ",(0,a.kt)("inlineCode",{parentName:"h3"},"gzip: invalid header")),(0,a.kt)("p",null,"When you see an error like the one below ..."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-sh"},"Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header\n")),(0,a.kt)("p",null,"... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content."),(0,a.kt)("h3",{id:"migrate-the-local-cluster-to-the-fleet-default-cluster-workspace"},"Migrate the local cluster to the Fleet default cluster workspace?"),(0,a.kt)("p",null,"Users can create new workspaces and move clusters across workspaces.\nIt's currently not possible to move the local cluster from ",(0,a.kt)("inlineCode",{parentName:"p"},"fleet-local")," to another workspace."))}d.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/f8113afe.bea190c5.js b/assets/js/f8113afe.4ff86efa.js similarity index 98% rename from assets/js/f8113afe.bea190c5.js rename to assets/js/f8113afe.4ff86efa.js index d1c980e15..96384ff86 100644 --- a/assets/js/f8113afe.bea190c5.js +++ b/assets/js/f8113afe.4ff86efa.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6957],{6828:(e,t,l)=>{l.d(t,{d:()=>s});const s={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},7600:(e,t,l)=>{l.r(t),l.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>u,toc:()=>d});var s=l(7462),n=(l(7294),l(3905)),a=l(6828),r=l(814);const i={},o="Single Cluster Install",u={unversionedId:"single-cluster-install",id:"version-0.5/single-cluster-install",title:"Single Cluster Install",description:"In this use case you have only one cluster. The cluster will run both the Fleet",source:"@site/versioned_docs/version-0.5/single-cluster-install.md",sourceDirName:".",slug:"/single-cluster-install",permalink:"/0.5/single-cluster-install",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/single-cluster-install.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation",permalink:"/0.5/installation"},next:{title:"Multi Cluster Install",permalink:"/0.5/multi-cluster-install"}},c={},d=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Helm 3",id:"helm-3",level:3},{value:"Kubernetes",id:"kubernetes",level:3},{value:"Install",id:"install",level:2}],h={toc:d};function p(e){let{components:t,...i}=e;return(0,n.kt)("wrapper",(0,s.Z)({},h,i,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"single-cluster-install"},"Single Cluster Install"),(0,n.kt)("p",null,(0,n.kt)("img",{src:l(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"In this use case you have only one cluster. The cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,n.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,n.kt)("h3",{id:"helm-3"},"Helm 3"),(0,n.kt)("p",null,"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is\nfairly straight forward. To install the Helm 3 CLI follow the\n",(0,n.kt)("a",{parentName:"p",href:"https://helm.sh/docs/intro/install/"},"official install instructions"),". The TL;DR is"),(0,n.kt)("p",null,"macOS"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"brew install helm\n")),(0,n.kt)("p",null,"Windows"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"choco install kubernetes-helm\n")),(0,n.kt)("h3",{id:"kubernetes"},"Kubernetes"),(0,n.kt)("p",null,"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the\nsingle cluster use case you will install Fleet to the cluster which you intend to manage with GitOps.\nAny Kubernetes community supported version of Kubernetes will work, in practice this means 1.15 or greater."),(0,n.kt)("h2",{id:"install"},"Install"),(0,n.kt)("p",null,"Install the following two Helm charts."),(0,n.kt)("p",null,"First install the Fleet CustomResourcesDefintions."),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",a.d["v0.5"].fleetCRD),(0,n.kt)("p",null,"Second install the Fleet controllers."),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet"," ",a.d["v0.5"].fleet),(0,n.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,n.kt)("p",null,"You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.5/gitrepo-add"},"register some git repos")," in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."))}p.isMDXComponent=!0},1313:(e,t,l)=>{l.d(t,{Z:()=>s});const s=l.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[6957],{6828:(e,t,l)=>{l.d(t,{d:()=>s});const s={"v0.5":{fleet:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-0.5.3.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-agent-0.5.3.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.5.3/fleet-crd-0.5.3.tgz"},"v0.6":{fleet:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-0.6.0.tgz",fleetAgent:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-agent-0.6.0.tgz",fleetCRD:"https://github.com/rancher/fleet/releases/download/v0.6.0/fleet-crd-0.6.0.tgz"},next:{kubernetes:"1.20.5"}}},7600:(e,t,l)=>{l.r(t),l.d(t,{assets:()=>c,contentTitle:()=>o,default:()=>p,frontMatter:()=>i,metadata:()=>u,toc:()=>d});var s=l(7462),n=(l(7294),l(3905)),a=l(6828),r=l(814);const i={},o="Single Cluster Install",u={unversionedId:"single-cluster-install",id:"version-0.5/single-cluster-install",title:"Single Cluster Install",description:"In this use case you have only one cluster. The cluster will run both the Fleet",source:"@site/versioned_docs/version-0.5/single-cluster-install.md",sourceDirName:".",slug:"/single-cluster-install",permalink:"/0.5/single-cluster-install",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/single-cluster-install.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Installation",permalink:"/0.5/installation"},next:{title:"Multi Cluster Install",permalink:"/0.5/multi-cluster-install"}},c={},d=[{value:"Prerequisites",id:"prerequisites",level:2},{value:"Helm 3",id:"helm-3",level:3},{value:"Kubernetes",id:"kubernetes",level:3},{value:"Install",id:"install",level:2}],h={toc:d};function p(e){let{components:t,...i}=e;return(0,n.kt)("wrapper",(0,s.Z)({},h,i,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("h1",{id:"single-cluster-install"},"Single Cluster Install"),(0,n.kt)("p",null,(0,n.kt)("img",{src:l(1313).Z,width:"520",height:"279"})),(0,n.kt)("p",null,"In this use case you have only one cluster. The cluster will run both the Fleet\nmanager and the Fleet agent. The cluster will communicate with Git server to\ndeploy resources to this local cluster. This is the simplest setup and very\nuseful for dev/test and small scale setups. This use case is supported as a valid\nuse case for production."),(0,n.kt)("h2",{id:"prerequisites"},"Prerequisites"),(0,n.kt)("h3",{id:"helm-3"},"Helm 3"),(0,n.kt)("p",null,"Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and is\nfairly straight forward. To install the Helm 3 CLI follow the\n",(0,n.kt)("a",{parentName:"p",href:"https://helm.sh/docs/intro/install/"},"official install instructions"),". The TL;DR is"),(0,n.kt)("p",null,"macOS"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"brew install helm\n")),(0,n.kt)("p",null,"Windows"),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"choco install kubernetes-helm\n")),(0,n.kt)("h3",{id:"kubernetes"},"Kubernetes"),(0,n.kt)("p",null,"Fleet is a controller running on a Kubernetes cluster so an existing cluster is required. For the\nsingle cluster use case you will install Fleet to the cluster which you intend to manage with GitOps.\nAny Kubernetes community supported version of Kubernetes will work, in practice this means 1.15 or greater."),(0,n.kt)("h2",{id:"install"},"Install"),(0,n.kt)("p",null,"Install the following two Helm charts."),(0,n.kt)("p",null,"First install the Fleet CustomResourcesDefintions."),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet-crd"," ",a.d["v0.5"].fleetCRD),(0,n.kt)("p",null,"Second install the Fleet controllers."),(0,n.kt)(r.Z,{language:"bash",mdxType:"CodeBlock"},"helm -n cattle-fleet-system install --create-namespace --wait \\\n fleet"," ",a.d["v0.5"].fleet),(0,n.kt)("p",null,"Fleet should be ready to use now for single cluster. You can check the status of the Fleet controller pods by\nrunning the below commands."),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n cattle-fleet-system logs -l app=fleet-controller\nkubectl -n cattle-fleet-system get pods -l app=fleet-controller\n")),(0,n.kt)("pre",null,(0,n.kt)("code",{parentName:"pre"},"NAME READY STATUS RESTARTS AGE\nfleet-controller-64f49d756b-n57wq 1/1 Running 0 3m21s\n")),(0,n.kt)("p",null,"You can now ",(0,n.kt)("a",{parentName:"p",href:"/0.5/gitrepo-add"},"register some git repos")," in the ",(0,n.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace to start deploying Kubernetes resources."))}p.isMDXComponent=!0},1313:(e,t,l)=>{l.d(t,{Z:()=>s});const s=l.p+"assets/images/single-cluster-72ee1a61547953f123dd741c02cd2017.png"}}]); \ No newline at end of file diff --git a/assets/js/f8909550.15178a51.js b/assets/js/f8909550.7f0e2ee6.js similarity index 98% rename from assets/js/f8909550.15178a51.js rename to assets/js/f8909550.7f0e2ee6.js index 936323d2f..05828dc18 100644 --- a/assets/js/f8909550.15178a51.js +++ b/assets/js/f8909550.7f0e2ee6.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7893],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function s(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,l=e.mdxType,s=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=l,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||s;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var s=a.length,r=new Array(s);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:l,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>s,metadata:()=>i,toc:()=>p});var n=a(7462),l=(a(7294),a(3905));const s={},r="Namespaces",i={unversionedId:"namespaces",id:"version-0.4/namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/versioned_docs/version-0.4/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/0.4/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/namespaces.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Groups",permalink:"/0.4/cluster-group"},next:{title:"Adding a GitRepo",permalink:"/0.4/gitrepo-add"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local",id:"fleet-local",level:3},{value:"cattle-fleet-system",id:"cattle-fleet-system",level:3},{value:"cattle-fleet-clusters-system",id:"cattle-fleet-clusters-system",level:3},{value:"Cluster namespaces",id:"cluster-namespaces",level:3},{value:"Cross namespace deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2}],c={toc:p};function m(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,n.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"namespaces"},"Namespaces"),(0,l.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are used in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,l.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,l.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,l.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,l.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,l.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,l.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,l.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,l.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,l.kt)("h3",{id:"fleet-local"},"fleet-local"),(0,l.kt)("p",null,"The ",(0,l.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,l.kt)("p",null,"When fleet is installed the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,l.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,l.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,l.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,l.kt)("inlineCode",{parentName:"p"},"local")," ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,l.kt)("inlineCode",{parentName:"p"},"local")," ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,l.kt)("h3",{id:"cattle-fleet-system"},"cattle-fleet-system"),(0,l.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,l.kt)("h3",{id:"cattle-fleet-clusters-system"},"cattle-fleet-clusters-system"),(0,l.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,l.kt)("h3",{id:"cluster-namespaces"},"Cluster namespaces"),(0,l.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces have are named in the form ",(0,l.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,l.kt)("h2",{id:"cross-namespace-deployments"},"Cross namespace deployments"),(0,l.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,l.kt)("p",null,"If you are creating a ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,l.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,l.kt)("p",null,"A ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,l.kt)("p",null,"If the ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,l.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,l.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,l.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,l.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,l.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,l.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,l.kt)("p",null,"A namespace can contain multiple ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,l.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,l.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[7893],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function s(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,l=e.mdxType,s=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=l,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||s;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var s=a.length,r=new Array(s);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:l,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>s,metadata:()=>i,toc:()=>p});var n=a(7462),l=(a(7294),a(3905));const s={},r="Namespaces",i={unversionedId:"namespaces",id:"version-0.4/namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/versioned_docs/version-0.4/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/0.4/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/namespaces.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Groups",permalink:"/0.4/cluster-group"},next:{title:"Adding a GitRepo",permalink:"/0.4/gitrepo-add"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local",id:"fleet-local",level:3},{value:"cattle-fleet-system",id:"cattle-fleet-system",level:3},{value:"cattle-fleet-clusters-system",id:"cattle-fleet-clusters-system",level:3},{value:"Cluster namespaces",id:"cluster-namespaces",level:3},{value:"Cross namespace deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2}],c={toc:p};function m(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,n.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"namespaces"},"Namespaces"),(0,l.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are used in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,l.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,l.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,l.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,l.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,l.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,l.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,l.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,l.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,l.kt)("h3",{id:"fleet-local"},"fleet-local"),(0,l.kt)("p",null,"The ",(0,l.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,l.kt)("p",null,"When fleet is installed the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,l.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,l.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,l.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,l.kt)("inlineCode",{parentName:"p"},"local")," ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,l.kt)("inlineCode",{parentName:"p"},"local")," ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,l.kt)("h3",{id:"cattle-fleet-system"},"cattle-fleet-system"),(0,l.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,l.kt)("h3",{id:"cattle-fleet-clusters-system"},"cattle-fleet-clusters-system"),(0,l.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,l.kt)("h3",{id:"cluster-namespaces"},"Cluster namespaces"),(0,l.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces have are named in the form ",(0,l.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,l.kt)("h2",{id:"cross-namespace-deployments"},"Cross namespace deployments"),(0,l.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,l.kt)("p",null,"If you are creating a ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,l.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,l.kt)("p",null,"A ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,l.kt)("p",null,"If the ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,l.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,l.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,l.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,l.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,l.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,l.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,l.kt)("p",null,"A namespace can contain multiple ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,l.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,l.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/f94f0fba.c173bad2.js b/assets/js/f94f0fba.79168c4f.js similarity index 99% rename from assets/js/f94f0fba.c173bad2.js rename to assets/js/f94f0fba.79168c4f.js index 87e6fc5e6..259ba9ec9 100644 --- a/assets/js/f94f0fba.c173bad2.js +++ b/assets/js/f94f0fba.79168c4f.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8205],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>u});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},p=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,s=e.parentName,d=i(e,["components","mdxType","originalType","parentName"]),p=c(a),u=l,m=p["".concat(s,".").concat(u)]||p[u]||h[u]||n;return a?r.createElement(m,o(o({ref:t},d),{},{components:a})):r.createElement(m,o({ref:t},d))}));function u(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,o=new Array(n);o[0]=p;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>h,frontMatter:()=>n,metadata:()=>i,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"",date:"2024-05-02 12:18:29 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.8.4",id:"version-0.8/changelogs/changelogs/v0.8.4",title:"",description:"(rancherio-gh-m) released this 2024-05-02 1229 +0000 UTC",source:"@site/versioned_docs/version-0.8/changelogs/changelogs/v0.8.4.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.8.4",permalink:"/0.8/changelogs/changelogs/v0.8.4",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/changelogs/changelogs/v0.8.4.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",date:"2024-05-02 12:18:29 +0000 UTC"},sidebar:"docs",previous:{title:"",permalink:"/0.8/changelogs/changelogs/v0.8.3"}},s={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-05-02 12:18:29 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Bump google.golang.org/protobuf to v1.33.0 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2231223828","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2307","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2307/hovercard",href:"https://github.com/rancher/fleet/pull/2307"},"#2307")),(0,l.kt)("li",null,"Bump github.com/docker/docker to v23.0.10 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2231223828","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2307","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2307/hovercard",href:"https://github.com/rancher/fleet/pull/2307"},"#2307")),(0,l.kt)("li",null,"Bump github.com/hashicorp/go-getter to v1.7.4 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2256450628","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2351","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2351/hovercard",href:"https://github.com/rancher/fleet/pull/2351"},"#2351")),(0,l.kt)("li",null,"Bump golang.org/x/net to v0.23.0 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2268166861","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2383","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2383/hovercard",href:"https://github.com/rancher/fleet/pull/2383"},"#2383")),(0,l.kt)("li",null,"Bump gitjob to v0.8.7 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2268175505","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2386","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2386/hovercard",href:"https://github.com/rancher/fleet/pull/2386"},"#2386"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.8.3...v0.8.4"},(0,l.kt)("tt",null,"v0.8.3...v0.8.4"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleet-crd-0.8.4.tgz"},"fleet-crd-0.8.4.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleet-agent-0.8.4.tgz"},"fleet-agent-0.8.4.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleet-0.8.4.tgz"},"fleet-0.8.4.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.8.4"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[8205],{3905:(e,t,a)=>{a.d(t,{Zo:()=>d,kt:()=>u});var r=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function n(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var s=r.createContext({}),c=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},d=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},h={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},p=r.forwardRef((function(e,t){var a=e.components,l=e.mdxType,n=e.originalType,s=e.parentName,d=i(e,["components","mdxType","originalType","parentName"]),p=c(a),u=l,m=p["".concat(s,".").concat(u)]||p[u]||h[u]||n;return a?r.createElement(m,o(o({ref:t},d),{},{components:a})):r.createElement(m,o({ref:t},d))}));function u(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var n=a.length,o=new Array(n);o[0]=p;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,o[1]=i;for(var c=2;c{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>h,frontMatter:()=>n,metadata:()=>i,toc:()=>c});var r=a(7462),l=(a(7294),a(3905));const n={title:"",date:"2024-05-02 12:18:29 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.8.4",id:"version-0.8/changelogs/changelogs/v0.8.4",title:"",description:"(rancherio-gh-m) released this 2024-05-02 1229 +0000 UTC",source:"@site/versioned_docs/version-0.8/changelogs/changelogs/v0.8.4.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.8.4",permalink:"/0.8/changelogs/changelogs/v0.8.4",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/changelogs/changelogs/v0.8.4.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",date:"2024-05-02 12:18:29 +0000 UTC"},sidebar:"docs",previous:{title:"",permalink:"/0.8/changelogs/changelogs/v0.8.3"}},s={},c=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],d={toc:c};function h(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,r.Z)({},d,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2024-05-02 12:18:29 +0000 UTC*")),(0,l.kt)("h2",{id:"description"},"Description"),(0,l.kt)("h2",null,"What's Changed"),(0,l.kt)("ul",null,(0,l.kt)("li",null,"Bump google.golang.org/protobuf to v1.33.0 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2231223828","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2307","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2307/hovercard",href:"https://github.com/rancher/fleet/pull/2307"},"#2307")),(0,l.kt)("li",null,"Bump github.com/docker/docker to v23.0.10 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2231223828","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2307","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2307/hovercard",href:"https://github.com/rancher/fleet/pull/2307"},"#2307")),(0,l.kt)("li",null,"Bump github.com/hashicorp/go-getter to v1.7.4 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2256450628","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2351","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2351/hovercard",href:"https://github.com/rancher/fleet/pull/2351"},"#2351")),(0,l.kt)("li",null,"Bump golang.org/x/net to v0.23.0 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2268166861","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2383","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2383/hovercard",href:"https://github.com/rancher/fleet/pull/2383"},"#2383")),(0,l.kt)("li",null,"Bump gitjob to v0.8.7 by ",(0,l.kt)("a",{class:"user-mention notranslate","data-hovercard-type":"user","data-hovercard-url":"/users/thardeck/hovercard","data-octo-click":"hovercard-link-click","data-octo-dimensions":"link_type:self",href:"https://github.com/thardeck"},"@thardeck")," in ",(0,l.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"2268175505","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/2386","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/2386/hovercard",href:"https://github.com/rancher/fleet/pull/2386"},"#2386"))),(0,l.kt)("p",null,(0,l.kt)("strong",null,"Full Changelog"),": ",(0,l.kt)("a",{class:"commit-link",href:"https://github.com/rancher/fleet/compare/v0.8.3...v0.8.4"},(0,l.kt)("tt",null,"v0.8.3...v0.8.4"))),(0,l.kt)("h2",{id:"download"},"Download"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleet-crd-0.8.4.tgz"},"fleet-crd-0.8.4.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleet-agent-0.8.4.tgz"},"fleet-agent-0.8.4.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleet-0.8.4.tgz"},"fleet-0.8.4.tgz"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("p",{parentName:"li"},(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.8.4/fleet-linux-arm64"},"fleet-linux-arm64")))),(0,l.kt)("p",null,(0,l.kt)("em",{parentName:"p"},"Information retrieved from ",(0,l.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.8.4"},"here"))))}h.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/fa2a1a7c.e434171e.js b/assets/js/fa2a1a7c.eab8d141.js similarity index 99% rename from assets/js/fa2a1a7c.e434171e.js rename to assets/js/fa2a1a7c.eab8d141.js index 01fea52b1..fa55f6198 100644 --- a/assets/js/fa2a1a7c.e434171e.js +++ b/assets/js/fa2a1a7c.eab8d141.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2607],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>h});var r=a(7294);function n(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(n[a]=e[a]);return n}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(n[a]=e[a])}return n}var s=r.createContext({}),p=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return r.createElement(s.Provider,{value:t},e.children)},c={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var a=e.components,n=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),d=p(a),h=n,m=d["".concat(s,".").concat(h)]||d[h]||c[h]||l;return a?r.createElement(m,o(o({ref:t},u),{},{components:a})):r.createElement(m,o({ref:t},u))}));function h(e,t){var a=arguments,n=t&&t.mdxType;if("string"==typeof e||n){var l=a.length,o=new Array(l);o[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:n,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>c,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var r=a(7462),n=(a(7294),a(3905));const l={title:"Fleet v0.4.0",date:"2022-10-13 16:38:56 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.4.0",id:"version-0.4/changelogs/changelogs/v0.4.0",title:"Fleet v0.4.0",description:"(rancherio-gh-m) released this 2022-10-13 1656 +0000 UTC",source:"@site/versioned_docs/version-0.4/changelogs/changelogs/v0.4.0.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.4.0",permalink:"/0.4/changelogs/changelogs/v0.4.0",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/changelogs/changelogs/v0.4.0.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"Fleet v0.4.0",date:"2022-10-13 16:38:56 +0000 UTC"},sidebar:"docs",previous:{title:"Uninstall",permalink:"/0.4/uninstall"},next:{title:"Fleet v0.4.1",permalink:"/0.4/changelogs/changelogs/v0.4.1"}},s={},p=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],u={toc:p};function c(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,r.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2022-10-13 16:38:56 +0000 UTC*")),(0,n.kt)("h2",{id:"description"},"Description"),(0,n.kt)("h2",null,"Additions"),(0,n.kt)("ul",null,(0,n.kt)("li",null,"Added the ability to utilize Helm ",(0,n.kt)("em",null,"atomic")," when installing and upgrading."),(0,n.kt)("li",null,"Added an RBAC rule for leases.coordination.k8s.io in the Gitjob chart.")),(0,n.kt)("p",null,(0,n.kt)("em",null,"Note: due to an issue in the fleet agent, when a bundle fails to install properly the agent goes into a cycle of repeatedly trying to reinstall. This happens when ",(0,n.kt)("strong",null,"atomic")," is set or there is an error with installing the bundle for another reason. This is the cause of issue ",(0,n.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"978032156","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/499","data-hovercard-type":"issue","data-hovercard-url":"/rancher/fleet/issues/499/hovercard",href:"https://github.com/rancher/fleet/issues/499"},"#499")," and is being worked on.")),(0,n.kt)("p",null,(0,n.kt)("em",null,"Note: due to an issue in the fleet controller the presence of a clusterregistrationtoken resource can lead to a higher than normal CPU load. The token expiry time is not updated correctly. The ",(0,n.kt)("a",{href:"https://github.com/rancher/fleet/pull/995","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/995/hovercard"},"issue")," is fixed in the next version of fleet.")),(0,n.kt)("h2",null,"Bug Fixes"),(0,n.kt)("ul",null,(0,n.kt)("li",null,"Fixed an issue where the fleet agent can continuously delete resources")),(0,n.kt)("h2",null,"Changes"),(0,n.kt)("ul",null,(0,n.kt)("li",null,"Added CI testing to Gitjob"),(0,n.kt)("li",null,"Updated dependencies (Go modules and base container images)"),(0,n.kt)("li",null,"Updated to a newer version of the Tekton components used by Fleet"),(0,n.kt)("li",null,"Updated builds to Go 1.18"),(0,n.kt)("li",null,"Updated the base container images to use SLE BCI")),(0,n.kt)("h2",{id:"download"},"Download"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-crd-0.4.0.tgz"},"fleet-crd-0.4.0.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-agent-0.4.0.tgz"},"fleet-agent-0.4.0.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-0.4.0.tgz"},"fleet-0.4.0.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,n.kt)("p",null,(0,n.kt)("em",{parentName:"p"},"Information retrieved from ",(0,n.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.4.0"},"here"))))}c.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2607],{3905:(e,t,a)=>{a.d(t,{Zo:()=>u,kt:()=>h});var r=a(7294);function n(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function l(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,r)}return a}function o(e){for(var t=1;t=0||(n[a]=e[a]);return n}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(n[a]=e[a])}return n}var s=r.createContext({}),p=function(e){var t=r.useContext(s),a=t;return e&&(a="function"==typeof e?e(t):o(o({},t),e)),a},u=function(e){var t=p(e.components);return r.createElement(s.Provider,{value:t},e.children)},c={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var a=e.components,n=e.mdxType,l=e.originalType,s=e.parentName,u=i(e,["components","mdxType","originalType","parentName"]),d=p(a),h=n,m=d["".concat(s,".").concat(h)]||d[h]||c[h]||l;return a?r.createElement(m,o(o({ref:t},u),{},{components:a})):r.createElement(m,o({ref:t},u))}));function h(e,t){var a=arguments,n=t&&t.mdxType;if("string"==typeof e||n){var l=a.length,o=new Array(l);o[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:n,o[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>s,contentTitle:()=>o,default:()=>c,frontMatter:()=>l,metadata:()=>i,toc:()=>p});var r=a(7462),n=(a(7294),a(3905));const l={title:"Fleet v0.4.0",date:"2022-10-13 16:38:56 +0000 UTC"},o=void 0,i={unversionedId:"changelogs/changelogs/v0.4.0",id:"version-0.4/changelogs/changelogs/v0.4.0",title:"Fleet v0.4.0",description:"(rancherio-gh-m) released this 2022-10-13 1656 +0000 UTC",source:"@site/versioned_docs/version-0.4/changelogs/changelogs/v0.4.0.md",sourceDirName:"changelogs/changelogs",slug:"/changelogs/changelogs/v0.4.0",permalink:"/0.4/changelogs/changelogs/v0.4.0",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/changelogs/changelogs/v0.4.0.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"Fleet v0.4.0",date:"2022-10-13 16:38:56 +0000 UTC"},sidebar:"docs",previous:{title:"Uninstall",permalink:"/0.4/uninstall"},next:{title:"Fleet v0.4.1",permalink:"/0.4/changelogs/changelogs/v0.4.1"}},s={},p=[{value:"Description",id:"description",level:2},{value:"Download",id:"download",level:2}],u={toc:p};function c(e){let{components:t,...a}=e;return(0,n.kt)("wrapper",(0,r.Z)({},u,a,{components:t,mdxType:"MDXLayout"}),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},"(rancherio-gh-m) released this 2022-10-13 16:38:56 +0000 UTC*")),(0,n.kt)("h2",{id:"description"},"Description"),(0,n.kt)("h2",null,"Additions"),(0,n.kt)("ul",null,(0,n.kt)("li",null,"Added the ability to utilize Helm ",(0,n.kt)("em",null,"atomic")," when installing and upgrading."),(0,n.kt)("li",null,"Added an RBAC rule for leases.coordination.k8s.io in the Gitjob chart.")),(0,n.kt)("p",null,(0,n.kt)("em",null,"Note: due to an issue in the fleet agent, when a bundle fails to install properly the agent goes into a cycle of repeatedly trying to reinstall. This happens when ",(0,n.kt)("strong",null,"atomic")," is set or there is an error with installing the bundle for another reason. This is the cause of issue ",(0,n.kt)("a",{class:"issue-link js-issue-link","data-error-text":"Failed to load title","data-id":"978032156","data-permission-text":"Title is private","data-url":"https://github.com/rancher/fleet/issues/499","data-hovercard-type":"issue","data-hovercard-url":"/rancher/fleet/issues/499/hovercard",href:"https://github.com/rancher/fleet/issues/499"},"#499")," and is being worked on.")),(0,n.kt)("p",null,(0,n.kt)("em",null,"Note: due to an issue in the fleet controller the presence of a clusterregistrationtoken resource can lead to a higher than normal CPU load. The token expiry time is not updated correctly. The ",(0,n.kt)("a",{href:"https://github.com/rancher/fleet/pull/995","data-hovercard-type":"pull_request","data-hovercard-url":"/rancher/fleet/pull/995/hovercard"},"issue")," is fixed in the next version of fleet.")),(0,n.kt)("h2",null,"Bug Fixes"),(0,n.kt)("ul",null,(0,n.kt)("li",null,"Fixed an issue where the fleet agent can continuously delete resources")),(0,n.kt)("h2",null,"Changes"),(0,n.kt)("ul",null,(0,n.kt)("li",null,"Added CI testing to Gitjob"),(0,n.kt)("li",null,"Updated dependencies (Go modules and base container images)"),(0,n.kt)("li",null,"Updated to a newer version of the Tekton components used by Fleet"),(0,n.kt)("li",null,"Updated builds to Go 1.18"),(0,n.kt)("li",null,"Updated the base container images to use SLE BCI")),(0,n.kt)("h2",{id:"download"},"Download"),(0,n.kt)("ul",null,(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/sha256sum-amd64.txt"},"sha256sum-amd64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetcontroller-windows-amd64.exe"},"fleetcontroller-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetcontroller-linux-amd64"},"fleetcontroller-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetagent-windows-amd64.exe"},"fleetagent-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetagent-linux-amd64"},"fleetagent-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-windows-amd64.exe"},"fleet-windows-amd64.exe"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-linux-amd64"},"fleet-linux-amd64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-crd-0.4.0.tgz"},"fleet-crd-0.4.0.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-agent-0.4.0.tgz"},"fleet-agent-0.4.0.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-0.4.0.tgz"},"fleet-0.4.0.tgz"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/sha256sum-arm64.txt"},"sha256sum-arm64.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetcontroller-linux-arm64"},"fleetcontroller-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetagent-linux-arm64"},"fleetagent-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-linux-arm64"},"fleet-linux-arm64"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/sha256sum-s390x.txt"},"sha256sum-s390x.txt"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetcontroller-linux-s390x"},"fleetcontroller-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleetagent-linux-s390x"},"fleetagent-linux-s390x"))),(0,n.kt)("li",{parentName:"ul"},(0,n.kt)("p",{parentName:"li"},(0,n.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/releases/download/v0.4.0/fleet-linux-s390x"},"fleet-linux-s390x")))),(0,n.kt)("p",null,(0,n.kt)("em",{parentName:"p"},"Information retrieved from ",(0,n.kt)("a",{parentName:"em",href:"https://github.com/rancher/fleet/releases/tag/v0.4.0"},"here"))))}c.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/fb76c575.80739892.js b/assets/js/fb76c575.ae597717.js similarity index 99% rename from assets/js/fb76c575.80739892.js rename to assets/js/fb76c575.ae597717.js index d4d050112..749c855c4 100644 --- a/assets/js/fb76c575.80739892.js +++ b/assets/js/fb76c575.ae597717.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3200],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var o=a.createContext({}),p=function(e){var t=a.useContext(o),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},c=function(e){var t=p(e.components);return a.createElement(o.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,o=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),d=p(n),m=l,h=d["".concat(o,".").concat(m)]||d[m]||u[m]||r;return n?a.createElement(h,i(i({ref:t},c),{},{components:n})):a.createElement(h,i({ref:t},c))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=d;var s={};for(var o in t)hasOwnProperty.call(t,o)&&(s[o]=t[o]);s.originalType=e,s.mdxType="string"==typeof e?e:l,i[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>o,contentTitle:()=>i,default:()=>u,frontMatter:()=>r,metadata:()=>s,toc:()=>p});var a=n(7462),l=(n(7294),n(3905));const r={},i="Agent Initiated",s={unversionedId:"agent-initiated",id:"version-0.4/agent-initiated",title:"Agent Initiated",description:"Refer to the overview page for a background information on the agent initiated registration style.",source:"@site/versioned_docs/version-0.4/agent-initiated.md",sourceDirName:".",slug:"/agent-initiated",permalink:"/0.4/agent-initiated",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/agent-initiated.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Tokens",permalink:"/0.4/cluster-tokens"},next:{title:"Manager Initiated",permalink:"/0.4/manager-initiated"}},o={},p=[{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:2},{value:"Install agent for a new Cluster",id:"install-agent-for-a-new-cluster",level:2},{value:"Install agent for a predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:2}],c={toc:p};function u(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"agent-initiated"},"Agent Initiated"),(0,l.kt)("p",null,"Refer to the ",(0,l.kt)("a",{parentName:"p",href:"/0.4/cluster-overview#agent-initiated-registration"},"overview page")," for a background information on the agent initiated registration style."),(0,l.kt)("h2",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,l.kt)("p",null,"A downstream cluster is registered using the ",(0,l.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,l.kt)("strong",{parentName:"p"},"client ID")," or ",(0,l.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,l.kt)("p",null,"The ",(0,l.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required. Refer to the ",(0,l.kt)("a",{parentName:"p",href:"/0.4/cluster-tokens"},"cluster registration token page")," for more information\non how to create tokens and obtain the values. The cluster registration token is manifested as a ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will\nbe passed to the ",(0,l.kt)("inlineCode",{parentName:"p"},"helm install")," process."),(0,l.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,l.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,l.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,l.kt)("h2",{id:"install-agent-for-a-new-cluster"},"Install agent for a new Cluster"),(0,l.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,l.kt)("p",null,"First, follow the ",(0,l.kt)("a",{parentName:"p",href:"/0.4/cluster-tokens"},"cluster registration token page")," to obtain the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,l.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,l.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,l.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,l.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,l.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,l.kt)("p",null,"Value in ",(0,l.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,l.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,l.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,l.kt)("admonition",{type:"caution"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,l.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,l.kt)("admonition",{type:"warning"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,l.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,l.kt)("p",null,"Finally, install the agent using Helm."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-agent-0.4.1.tgz\n')),(0,l.kt)("p",null,"The agent should now be deployed. You can check that status of the fleet pods by running the below commands."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")),(0,l.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,l.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,l.kt)("a",{parentName:"p",href:"/0.4/namespaces"},"namespace"),". Please ensure your ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z \n")),(0,l.kt)("h2",{id:"install-agent-for-a-predefined-cluster"},"Install agent for a predefined Cluster"),(0,l.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,l.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,l.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,l.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,l.kt)("p",null,"First, create a ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,l.kt)("p",null,"Second, follow the ",(0,l.kt)("a",{parentName:"p",href:"/0.4/cluster-tokens"},"cluster registration token page")," to obtain the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,l.kt)("p",null,"Third, setup your environment to use the client ID."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,l.kt)("admonition",{type:"note"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,l.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,l.kt)("admonition",{type:"note"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,l.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,l.kt)("p",null,"Finally, install the agent using Helm."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-agent-v0.4.1.tgz\n')),(0,l.kt)("p",null,"The agent should now be deployed. You can check that status of the fleet pods by running the below commands."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")),(0,l.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,l.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,l.kt)("a",{parentName:"p",href:"/0.4/namespaces"},"namespace"),". Please ensure your ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z \n")))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3200],{3905:(e,t,n)=>{n.d(t,{Zo:()=>c,kt:()=>m});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var o=a.createContext({}),p=function(e){var t=a.useContext(o),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},c=function(e){var t=p(e.components);return a.createElement(o.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},d=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,o=e.parentName,c=s(e,["components","mdxType","originalType","parentName"]),d=p(n),m=l,h=d["".concat(o,".").concat(m)]||d[m]||u[m]||r;return n?a.createElement(h,i(i({ref:t},c),{},{components:n})):a.createElement(h,i({ref:t},c))}));function m(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=d;var s={};for(var o in t)hasOwnProperty.call(t,o)&&(s[o]=t[o]);s.originalType=e,s.mdxType="string"==typeof e?e:l,i[1]=s;for(var p=2;p{n.r(t),n.d(t,{assets:()=>o,contentTitle:()=>i,default:()=>u,frontMatter:()=>r,metadata:()=>s,toc:()=>p});var a=n(7462),l=(n(7294),n(3905));const r={},i="Agent Initiated",s={unversionedId:"agent-initiated",id:"version-0.4/agent-initiated",title:"Agent Initiated",description:"Refer to the overview page for a background information on the agent initiated registration style.",source:"@site/versioned_docs/version-0.4/agent-initiated.md",sourceDirName:".",slug:"/agent-initiated",permalink:"/0.4/agent-initiated",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/agent-initiated.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Tokens",permalink:"/0.4/cluster-tokens"},next:{title:"Manager Initiated",permalink:"/0.4/manager-initiated"}},o={},p=[{value:"Cluster Registration Token and Client ID",id:"cluster-registration-token-and-client-id",level:2},{value:"Install agent for a new Cluster",id:"install-agent-for-a-new-cluster",level:2},{value:"Install agent for a predefined Cluster",id:"install-agent-for-a-predefined-cluster",level:2}],c={toc:p};function u(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},c,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"agent-initiated"},"Agent Initiated"),(0,l.kt)("p",null,"Refer to the ",(0,l.kt)("a",{parentName:"p",href:"/0.4/cluster-overview#agent-initiated-registration"},"overview page")," for a background information on the agent initiated registration style."),(0,l.kt)("h2",{id:"cluster-registration-token-and-client-id"},"Cluster Registration Token and Client ID"),(0,l.kt)("p",null,"A downstream cluster is registered using the ",(0,l.kt)("strong",{parentName:"p"},"cluster registration token")," and optionally a ",(0,l.kt)("strong",{parentName:"p"},"client ID")," or ",(0,l.kt)("strong",{parentName:"p"},"cluster labels"),"."),(0,l.kt)("p",null,"The ",(0,l.kt)("strong",{parentName:"p"},"cluster registration token")," is a credential that will authorize the downstream cluster agent to be\nable to initiate the registration process. This is required. Refer to the ",(0,l.kt)("a",{parentName:"p",href:"/0.4/cluster-tokens"},"cluster registration token page")," for more information\non how to create tokens and obtain the values. The cluster registration token is manifested as a ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file that will\nbe passed to the ",(0,l.kt)("inlineCode",{parentName:"p"},"helm install")," process."),(0,l.kt)("p",null,"There are two styles of registering an agent. You can have the cluster for this agent dynamically created, in which\ncase you will probably want to specify ",(0,l.kt)("strong",{parentName:"p"},"cluster labels")," upon registration. Or you can have the agent register to a predefined\ncluster in the Fleet manager, in which case you will need a ",(0,l.kt)("strong",{parentName:"p"},"client ID"),". The former approach is typically the easiest."),(0,l.kt)("h2",{id:"install-agent-for-a-new-cluster"},"Install agent for a new Cluster"),(0,l.kt)("p",null,"The Fleet agent is installed as a Helm chart. Following are explanations how to determine and set its parameters."),(0,l.kt)("p",null,"First, follow the ",(0,l.kt)("a",{parentName:"p",href:"/0.4/cluster-tokens"},"cluster registration token page")," to obtain the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," which contains\nthe registration token to authenticate against the Fleet cluster."),(0,l.kt)("p",null,"Second, optionally you can define labels that will assigned to the newly created cluster upon registration. After\nregistration is completed an agent cannot change the labels of the cluster. To add cluster labels add\n",(0,l.kt)("inlineCode",{parentName:"p"},"--set-string labels.KEY=VALUE")," to the below Helm command. To add the labels ",(0,l.kt)("inlineCode",{parentName:"p"},"foo=bar")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"bar=baz")," then you would\nadd ",(0,l.kt)("inlineCode",{parentName:"p"},"--set-string labels.foo=bar --set-string labels.bar=baz")," to the command line."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'# Leave blank if you do not want any labels\nCLUSTER_LABELS="--set-string labels.example=true --set-string labels.env=dev"\n')),(0,l.kt)("p",null,"Third, set variables with the Fleet cluster's API Server URL and CA, for the downstream cluster to use for connecting."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"API_SERVER_URL=https://...\nAPI_SERVER_CA_DATA=...\n")),(0,l.kt)("p",null,"Value in ",(0,l.kt)("inlineCode",{parentName:"p"},"API_SERVER_CA_DATA")," can be obtained from a ",(0,l.kt)("inlineCode",{parentName:"p"},".kube/config")," file with valid data to connect to the upstream cluster\n(under the ",(0,l.kt)("inlineCode",{parentName:"p"},"certificate-authority-data")," key). Alternatively it can be obtained from within the upstream cluster itself,\nby looking up the default ServiceAccount secret name (typically prefixed with ",(0,l.kt)("inlineCode",{parentName:"p"},"default-token-"),", in the default namespace),\nunder the ",(0,l.kt)("inlineCode",{parentName:"p"},"ca.crt")," key."),(0,l.kt)("admonition",{type:"caution"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,l.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,l.kt)("admonition",{type:"warning"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,l.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,l.kt)("p",null,"Finally, install the agent using Helm."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n $CLUSTER_LABELS \\\n --values values.yaml \\\n --set apiServerCA="$API_SERVER_CA_DATA" \\\n --set apiServerURL="$API_SERVER_URL" \\\n fleet-agent https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-agent-0.4.1.tgz\n')),(0,l.kt)("p",null,"The agent should now be deployed. You can check that status of the fleet pods by running the below commands."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")),(0,l.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,l.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,l.kt)("a",{parentName:"p",href:"/0.4/namespaces"},"namespace"),". Please ensure your ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\ncluster-ab13e54400f1 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z \n")),(0,l.kt)("h2",{id:"install-agent-for-a-predefined-cluster"},"Install agent for a predefined Cluster"),(0,l.kt)("p",null,"Client IDs are for the purpose of predefining clusters in the Fleet manager with existing labels and repos targeted to them.\nA client ID is not required and is just one approach to managing clusters.\nThe ",(0,l.kt)("strong",{parentName:"p"},"client ID")," is a unique string that will identify the cluster.\nThis string is user generated and opaque to the Fleet manager and agent. It is assumed to be sufficiently unique. For security reasons one should not be able to easily guess this value\nas then one cluster could impersonate another. The client ID is optional and if not specified the UID field of the ",(0,l.kt)("inlineCode",{parentName:"p"},"kube-system")," namespace\nresource will be used as the client ID. Upon registration if the client ID is found on a ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource in the Fleet manager it will associate\nthe agent with that ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster"),". If no ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource is found with that client ID a new ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," resource will be created with the specific\nclient ID."),(0,l.kt)("p",null,"The Fleet agent is installed as a Helm chart. The only parameters to the helm chart installation should be the cluster registration token, which\nis represented by the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file and the client ID. The client ID is optional."),(0,l.kt)("p",null,"First, create a ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," in the Fleet Manager with the random client ID you have chosen."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: Cluster\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: my-cluster\n namespace: clusters\nspec:\n clientID: "really-random"\n')),(0,l.kt)("p",null,"Second, follow the ",(0,l.kt)("a",{parentName:"p",href:"/0.4/cluster-tokens"},"cluster registration token page")," to obtain the ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml")," file to be used."),(0,l.kt)("p",null,"Third, setup your environment to use the client ID."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'CLUSTER_CLIENT_ID="really-random"\n')),(0,l.kt)("admonition",{type:"note"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Use proper namespace and release name"),":\nFor the agent chart the namespace must be ",(0,l.kt)("inlineCode",{parentName:"p"},"cattle-fleet-system")," and the release name ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-agent"))),(0,l.kt)("admonition",{type:"note"},(0,l.kt)("p",{parentName:"admonition"},(0,l.kt)("strong",{parentName:"p"},"Ensure you are installing to the right cluster"),":\nHelm will use the default context in ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," to deploy the agent. Use ",(0,l.kt)("inlineCode",{parentName:"p"},"--kubeconfig")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"--kube-context"),"\nto change which cluster Helm is installing to.")),(0,l.kt)("p",null,"Finally, install the agent using Helm."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},'helm -n cattle-fleet-system install --create-namespace --wait \\\n --set clientID="$CLUSTER_CLIENT_ID" \\\n --values values.yaml \\\n fleet-agent https://github.com/rancher/fleet/releases/download/v0.4.1/fleet-agent-v0.4.1.tgz\n')),(0,l.kt)("p",null,"The agent should now be deployed. You can check that status of the fleet pods by running the below commands."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"# Ensure kubectl is pointing to the right cluster\nkubectl -n cattle-fleet-system logs -l app=fleet-agent\nkubectl -n cattle-fleet-system get pods -l app=fleet-agent\n")),(0,l.kt)("p",null,"Additionally you should see a new cluster registered in the Fleet manager. Below is an example of checking that a new cluster\nwas registered in the ",(0,l.kt)("inlineCode",{parentName:"p"},"clusters")," ",(0,l.kt)("a",{parentName:"p",href:"/0.4/namespaces"},"namespace"),". Please ensure your ",(0,l.kt)("inlineCode",{parentName:"p"},"${HOME}/.kube/config")," is pointed to the Fleet\nmanager to run this command."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-shell"},"kubectl -n clusters get clusters.fleet.cattle.io\n")),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"NAME BUNDLES-READY NODES-READY SAMPLE-NODE LAST-SEEN STATUS\nmy-cluster 1/1 1/1 k3d-cluster2-server-0 2020-08-31T19:23:10Z \n")))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/fbaf079d.819a09e0.js b/assets/js/fbaf079d.d9a2a246.js similarity index 99% rename from assets/js/fbaf079d.819a09e0.js rename to assets/js/fbaf079d.d9a2a246.js index 0ccba0b15..49c2521da 100644 --- a/assets/js/fbaf079d.819a09e0.js +++ b/assets/js/fbaf079d.d9a2a246.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2030],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var s=a.createContext({}),p=function(e){var n=a.useContext(s),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(s.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,s=e.parentName,c=l(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(s,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var l={};for(var s in n)hasOwnProperty.call(n,s)&&(l[s]=n[s]);l.originalType=e,l.mdxType="string"==typeof e?e:o,r[1]=l;for(var p=2;p{t.r(n),t.d(n,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>l,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs to Ignore Modified GitRepos",l={unversionedId:"bundle-diffs",id:"bundle-diffs",title:"Generating Diffs to Ignore Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/docs/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/bundle-diffs.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/gitrepo-targets"},next:{title:"Using Webhooks Instead of Polling",permalink:"/webhook"}},s={},p=[{value:"Simple Example",id:"simple-example",level:2},{value:"Gatekeeper Example",id:"gatekeeper-example",level:2},{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-to-ignore-modified-gitrepos"},"Generating Diffs to Ignore Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("h2",{id:"simple-example"},"Simple Example"),(0,o.kt)("p",null,"In this simple example, we create a Service and ConfigMap that we apply a bundle diff onto."),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs"},"https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs")),(0,o.kt)("h2",{id:"gatekeeper-example"},"Gatekeeper Example"),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec."),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2030],{3905:(e,n,t)=>{t.d(n,{Zo:()=>c,kt:()=>u});var a=t(7294);function o(e,n,t){return n in e?Object.defineProperty(e,n,{value:t,enumerable:!0,configurable:!0,writable:!0}):e[n]=t,e}function i(e,n){var t=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);n&&(a=a.filter((function(n){return Object.getOwnPropertyDescriptor(e,n).enumerable}))),t.push.apply(t,a)}return t}function r(e){for(var n=1;n=0||(o[t]=e[t]);return o}(e,n);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,t)&&(o[t]=e[t])}return o}var s=a.createContext({}),p=function(e){var n=a.useContext(s),t=n;return e&&(t="function"==typeof e?e(n):r(r({},n),e)),t},c=function(e){var n=p(e.components);return a.createElement(s.Provider,{value:n},e.children)},d={inlineCode:"code",wrapper:function(e){var n=e.children;return a.createElement(a.Fragment,{},n)}},m=a.forwardRef((function(e,n){var t=e.components,o=e.mdxType,i=e.originalType,s=e.parentName,c=l(e,["components","mdxType","originalType","parentName"]),m=p(t),u=o,h=m["".concat(s,".").concat(u)]||m[u]||d[u]||i;return t?a.createElement(h,r(r({ref:n},c),{},{components:t})):a.createElement(h,r({ref:n},c))}));function u(e,n){var t=arguments,o=n&&n.mdxType;if("string"==typeof e||o){var i=t.length,r=new Array(i);r[0]=m;var l={};for(var s in n)hasOwnProperty.call(n,s)&&(l[s]=n[s]);l.originalType=e,l.mdxType="string"==typeof e?e:o,r[1]=l;for(var p=2;p{t.r(n),t.d(n,{assets:()=>s,contentTitle:()=>r,default:()=>d,frontMatter:()=>i,metadata:()=>l,toc:()=>p});var a=t(7462),o=(t(7294),t(3905));const i={},r="Generating Diffs to Ignore Modified GitRepos",l={unversionedId:"bundle-diffs",id:"bundle-diffs",title:"Generating Diffs to Ignore Modified GitRepos",description:"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.",source:"@site/docs/bundle-diffs.md",sourceDirName:".",slug:"/bundle-diffs",permalink:"/bundle-diffs",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/bundle-diffs.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Mapping to Downstream Clusters",permalink:"/gitrepo-targets"},next:{title:"Using Webhooks Instead of Polling",permalink:"/webhook"}},s={},p=[{value:"Simple Example",id:"simple-example",level:2},{value:"Gatekeeper Example",id:"gatekeeper-example",level:2},{value:"1. ValidatingWebhookConfiguration:",id:"1-validatingwebhookconfiguration",level:3},{value:"2. Deployment gatekeeper-controller-manager:",id:"2-deployment-gatekeeper-controller-manager",level:3},{value:"3. Deployment gatekeeper-audit:",id:"3-deployment-gatekeeper-audit",level:3},{value:"Combining It All Together",id:"combining-it-all-together",level:3}],c={toc:p};function d(e){let{components:n,...i}=e;return(0,o.kt)("wrapper",(0,a.Z)({},c,i,{components:n,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"generating-diffs-to-ignore-modified-gitrepos"},"Generating Diffs to Ignore Modified GitRepos"),(0,o.kt)("p",null,"Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles."),(0,o.kt)("p",null,"You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the ",(0,o.kt)("inlineCode",{parentName:"p"},"Bundles")," section."),(0,o.kt)("p",null,"The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the ",(0,o.kt)("inlineCode",{parentName:"p"},"caBundle")," is empty and the CA cert is injected by the cluster."),(0,o.kt)("p",null,'This leads the status of the bundle and associated GitRepo to be reported as "Modified"'),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(9366).Z,width:"1191",height:"344"})),(0,o.kt)("p",null,"Associated Bundle\n",(0,o.kt)("img",{src:t(6368).Z,width:"1188",height:"420"})),(0,o.kt)("p",null,"Fleet bundles support the ability to specify a custom ",(0,o.kt)("a",{parentName:"p",href:"http://jsonpatch.com/"},"jsonPointer patch"),"."),(0,o.kt)("p",null,"With the patch, users can instruct fleet to ignore object modifications."),(0,o.kt)("h2",{id:"simple-example"},"Simple Example"),(0,o.kt)("p",null,"In this simple example, we create a Service and ConfigMap that we apply a bundle diff onto."),(0,o.kt)("p",null,(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs"},"https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs")),(0,o.kt)("h2",{id:"gatekeeper-example"},"Gatekeeper Example"),(0,o.kt)("p",null,"In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters."),(0,o.kt)("p",null,"The opa-gatekeeper bundle associated with the opa GitRepo is in modified state."),(0,o.kt)("p",null,"Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status."),(0,o.kt)("p",null,"In our case the differences detected are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' summary:\n desiredReady: 1\n modified: 1\n nonReadyResources:\n - bundleState: Modified\n modifiedStatus:\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n patch: \'{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n patch: \'{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}\'\n')),(0,o.kt)("p",null,"Based on this summary, there are three objects which need to be patched."),(0,o.kt)("p",null,"We will look at these one at a time."),(0,o.kt)("h3",{id:"1-validatingwebhookconfiguration"},"1. ValidatingWebhookConfiguration:"),(0,o.kt)("p",null,"The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec."),(0,o.kt)("p",null,"In cases where more than one element in the field requires a patch, that patch will refer these to as ",(0,o.kt)("inlineCode",{parentName:"p"},"$setElementOrder/ELEMENTNAME")),(0,o.kt)("p",null,"From this information, we can see the two ValidatingWebhooks in question are:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' "$setElementOrder/webhooks": [\n {\n "name": "validation.gatekeeper.sh"\n },\n {\n "name": "check-ignore-label.gatekeeper.sh"\n }\n ],\n')),(0,o.kt)("p",null,"Within each ValidatingWebhook, the fields that need to be ignore are as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "validation.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n "*"\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "*"\n ]\n }\n ]\n },\n')),(0,o.kt)("p",null," and"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},' {\n "clientConfig": {\n "caBundle": "Cg=="\n },\n "name": "check-ignore-label.gatekeeper.sh",\n "rules": [\n {\n "apiGroups": [\n ""\n ],\n "apiVersions": [\n "*"\n ],\n "operations": [\n "CREATE",\n "UPDATE"\n ],\n "resources": [\n "namespaces"\n ]\n }\n ]\n }\n')),(0,o.kt)("p",null,"In summary, we need to ignore the fields ",(0,o.kt)("inlineCode",{parentName:"p"},"rules")," and ",(0,o.kt)("inlineCode",{parentName:"p"},"clientConfig.caBundle")," in our patch specification."),(0,o.kt)("p",null,"The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values."),(0,o.kt)("p",null,(0,o.kt)("img",{src:t(1418).Z,width:"1104",height:"837"})),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("h3",{id:"2-deployment-gatekeeper-controller-manager"},"2. Deployment gatekeeper-controller-manager:"),(0,o.kt)("p",null,"The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle)."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"3-deployment-gatekeeper-audit"},"3. Deployment gatekeeper-audit:"),(0,o.kt)("p",null,"The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied."),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre"},'{\n "spec": {\n "template": {\n "spec": {\n "$setElementOrder/containers": [\n {\n "name": "manager"\n }\n ],\n "containers": [\n {\n "name": "manager",\n "resources": {\n "limits": {\n "cpu": "1000m"\n }\n }\n }\n ],\n "tolerations": []\n }\n }\n }\n}\n')),(0,o.kt)("p",null,"Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added."),(0,o.kt)("p",null,"Based on this information, our diff patch would look as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},' - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n')),(0,o.kt)("h3",{id:"combining-it-all-together"},"Combining It All Together"),(0,o.kt)("p",null,"We can now combine all these patches as follows:"),(0,o.kt)("pre",null,(0,o.kt)("code",{parentName:"pre",className:"language-yaml"},'diff:\n comparePatches:\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-audit\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: apps/v1\n kind: Deployment\n name: gatekeeper-controller-manager\n namespace: cattle-gatekeeper-system\n operations:\n - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}\n - {"op": "remove", "path": "/spec/template/spec/tolerations"}\n - apiVersion: admissionregistration.k8s.io/v1\n kind: ValidatingWebhookConfiguration\n name: gatekeeper-validating-webhook-configuration\n operations:\n - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/0/rules"}\n - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}\n - {"op": "remove", "path":"/webhooks/1/rules"}\n')),(0,o.kt)("p",null,"We can add these now to the bundle directly to test and also commit the same to the ",(0,o.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," in your GitRepo."),(0,o.kt)("p",null,'Once these are added, the GitRepo should deploy and be in "Active" status.'))}d.isMDXComponent=!0},6368:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedBundle-636a094dc9a854e2cc752ad34fcadd60.png"},9366:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/ModifiedGitRepo-17a5600892cf08e11388c8612131d81d.png"},1418:(e,n,t)=>{t.d(n,{Z:()=>a});const a=t.p+"assets/images/WebhookConfigurationSpec-0721d92eb5e5e87e815ad8fe32242bed.png"}}]); \ No newline at end of file diff --git a/assets/js/fbcf914d.767e07ba.js b/assets/js/fbcf914d.818b05a4.js similarity index 97% rename from assets/js/fbcf914d.767e07ba.js rename to assets/js/fbcf914d.818b05a4.js index 9640a8bbc..feab946b2 100644 --- a/assets/js/fbcf914d.767e07ba.js +++ b/assets/js/fbcf914d.818b05a4.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[751],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(l,".").concat(m)]||d[m]||p[m]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"version-0.8/index",title:"Overview",description:"What is Fleet?",source:"@site/versioned_docs/version-0.8/index.md",sourceDirName:".",slug:"/",permalink:"/0.8/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/index.md",tags:[],version:"0.8",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/0.8/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(5082).Z,width:"1366",height:"960"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},5082:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/fleet-architecture-f708ce634648101dc98f451dcd59fe84.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[751],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>m});var r=n(7294);function a(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function o(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function i(e){for(var t=1;t=0||(a[n]=e[n]);return a}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(a[n]=e[n])}return a}var l=r.createContext({}),c=function(e){var t=r.useContext(l),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return r.createElement(l.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,a=e.mdxType,o=e.originalType,l=e.parentName,u=s(e,["components","mdxType","originalType","parentName"]),d=c(n),m=a,f=d["".concat(l,".").concat(m)]||d[m]||p[m]||o;return n?r.createElement(f,i(i({ref:t},u),{},{components:n})):r.createElement(f,i({ref:t},u))}));function m(e,t){var n=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var o=n.length,i=new Array(o);i[0]=d;var s={};for(var l in t)hasOwnProperty.call(t,l)&&(s[l]=t[l]);s.originalType=e,s.mdxType="string"==typeof e?e:a,i[1]=s;for(var c=2;c{n.r(t),n.d(t,{assets:()=>l,contentTitle:()=>i,default:()=>p,frontMatter:()=>o,metadata:()=>s,toc:()=>c});var r=n(7462),a=(n(7294),n(3905));const o={},i="Overview",s={unversionedId:"index",id:"version-0.8/index",title:"Overview",description:"What is Fleet?",source:"@site/versioned_docs/version-0.8/index.md",sourceDirName:".",slug:"/",permalink:"/0.8/",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.8/index.md",tags:[],version:"0.8",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",next:{title:"Quick Start",permalink:"/0.8/quickstart"}},l={},c=[{value:"What is Fleet?",id:"what-is-fleet",level:3},{value:"Configuration Management",id:"configuration-management",level:3}],u={toc:c};function p(e){let{components:t,...o}=e;return(0,a.kt)("wrapper",(0,r.Z)({},u,o,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"overview"},"Overview"),(0,a.kt)("p",null,(0,a.kt)("img",{src:n(5082).Z,width:"1366",height:"960"})),(0,a.kt)("h3",{id:"what-is-fleet"},"What is Fleet?"),(0,a.kt)("ul",null,(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Cluster engine"),": Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through ",(0,a.kt)("strong",{parentName:"p"},"GitOps"),". Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.")),(0,a.kt)("li",{parentName:"ul"},(0,a.kt)("p",{parentName:"li"},(0,a.kt)("strong",{parentName:"p"},"Deployment management"),": Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters."))),(0,a.kt)("h3",{id:"configuration-management"},"Configuration Management"),(0,a.kt)("p",null,"Fleet is fundamentally a set of Kubernetes ",(0,a.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/concepts/"},"custom resource definitions (CRDs)")," and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point."))}p.isMDXComponent=!0},5082:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/fleet-architecture-f708ce634648101dc98f451dcd59fe84.svg"}}]); \ No newline at end of file diff --git a/assets/js/fd06576e.c3a242b5.js b/assets/js/fd06576e.74e1a3c5.js similarity index 98% rename from assets/js/fd06576e.c3a242b5.js rename to assets/js/fd06576e.74e1a3c5.js index a3f8a0a91..bad56f756 100644 --- a/assets/js/fd06576e.c3a242b5.js +++ b/assets/js/fd06576e.74e1a3c5.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3667],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function s(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,l=e.mdxType,s=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=l,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||s;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var s=a.length,r=new Array(s);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:l,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>s,metadata:()=>i,toc:()=>p});var n=a(7462),l=(a(7294),a(3905));const s={},r="Namespaces",i={unversionedId:"namespaces",id:"version-0.5/namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/versioned_docs/version-0.5/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/0.5/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/namespaces.md",tags:[],version:"0.5",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Groups",permalink:"/0.5/cluster-group"},next:{title:"Adding a GitRepo",permalink:"/0.5/gitrepo-add"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local",id:"fleet-local",level:3},{value:"cattle-fleet-system",id:"cattle-fleet-system",level:3},{value:"cattle-fleet-clusters-system",id:"cattle-fleet-clusters-system",level:3},{value:"Cluster namespaces",id:"cluster-namespaces",level:3},{value:"Cross namespace deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2}],c={toc:p};function m(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,n.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"namespaces"},"Namespaces"),(0,l.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are used in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,l.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,l.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,l.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,l.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,l.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,l.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,l.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,l.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,l.kt)("h3",{id:"fleet-local"},"fleet-local"),(0,l.kt)("p",null,"The ",(0,l.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,l.kt)("p",null,"When fleet is installed the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,l.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,l.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,l.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,l.kt)("inlineCode",{parentName:"p"},"local")," ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,l.kt)("inlineCode",{parentName:"p"},"local")," ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,l.kt)("h3",{id:"cattle-fleet-system"},"cattle-fleet-system"),(0,l.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,l.kt)("h3",{id:"cattle-fleet-clusters-system"},"cattle-fleet-clusters-system"),(0,l.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,l.kt)("h3",{id:"cluster-namespaces"},"Cluster namespaces"),(0,l.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces are named in the form ",(0,l.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,l.kt)("h2",{id:"cross-namespace-deployments"},"Cross namespace deployments"),(0,l.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,l.kt)("p",null,"If you are creating a ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,l.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,l.kt)("p",null,"A ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,l.kt)("p",null,"If the ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,l.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,l.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,l.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,l.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,l.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,l.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,l.kt)("p",null,"A namespace can contain multiple ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,l.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,l.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')))}m.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[3667],{3905:(e,t,a)=>{a.d(t,{Zo:()=>c,kt:()=>u});var n=a(7294);function l(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function s(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),a.push.apply(a,n)}return a}function r(e){for(var t=1;t=0||(l[a]=e[a]);return l}(e,t);if(Object.getOwnPropertySymbols){var s=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,a)&&(l[a]=e[a])}return l}var o=n.createContext({}),p=function(e){var t=n.useContext(o),a=t;return e&&(a="function"==typeof e?e(t):r(r({},t),e)),a},c=function(e){var t=p(e.components);return n.createElement(o.Provider,{value:t},e.children)},m={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var a=e.components,l=e.mdxType,s=e.originalType,o=e.parentName,c=i(e,["components","mdxType","originalType","parentName"]),d=p(a),u=l,h=d["".concat(o,".").concat(u)]||d[u]||m[u]||s;return a?n.createElement(h,r(r({ref:t},c),{},{components:a})):n.createElement(h,r({ref:t},c))}));function u(e,t){var a=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var s=a.length,r=new Array(s);r[0]=d;var i={};for(var o in t)hasOwnProperty.call(t,o)&&(i[o]=t[o]);i.originalType=e,i.mdxType="string"==typeof e?e:l,r[1]=i;for(var p=2;p{a.r(t),a.d(t,{assets:()=>o,contentTitle:()=>r,default:()=>m,frontMatter:()=>s,metadata:()=>i,toc:()=>p});var n=a(7462),l=(a(7294),a(3905));const s={},r="Namespaces",i={unversionedId:"namespaces",id:"version-0.5/namespaces",title:"Namespaces",description:"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces",source:"@site/versioned_docs/version-0.5/namespaces.md",sourceDirName:".",slug:"/namespaces",permalink:"/0.5/namespaces",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.5/namespaces.md",tags:[],version:"0.5",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Groups",permalink:"/0.5/cluster-group"},next:{title:"Adding a GitRepo",permalink:"/0.5/gitrepo-add"}},o={},p=[{value:"GitRepos, Bundles, Clusters, ClusterGroups",id:"gitrepos-bundles-clusters-clustergroups",level:2},{value:"Namespace Creation Behavior in Bundles",id:"namespace-creation-behavior-in-bundles",level:2},{value:"Special Namespaces",id:"special-namespaces",level:2},{value:"fleet-local",id:"fleet-local",level:3},{value:"cattle-fleet-system",id:"cattle-fleet-system",level:3},{value:"cattle-fleet-clusters-system",id:"cattle-fleet-clusters-system",level:3},{value:"Cluster namespaces",id:"cluster-namespaces",level:3},{value:"Cross namespace deployments",id:"cross-namespace-deployments",level:2},{value:"Restricting GitRepos",id:"restricting-gitrepos",level:2}],c={toc:p};function m(e){let{components:t,...a}=e;return(0,l.kt)("wrapper",(0,n.Z)({},c,a,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"namespaces"},"Namespaces"),(0,l.kt)("p",null,"All types in the Fleet manager are namespaced. The namespaces of the manager types do not correspond to the namespaces\nof the deployed resources in the downstream cluster. Understanding how namespaces are used in the Fleet manager is\nimportant to understand the security model and how one can use Fleet in a multi-tenant fashion."),(0,l.kt)("h2",{id:"gitrepos-bundles-clusters-clustergroups"},"GitRepos, Bundles, Clusters, ClusterGroups"),(0,l.kt)("p",null,"The primary types are all scoped to a namespace. All selectors for ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," targets will be evaluated against\nthe ",(0,l.kt)("inlineCode",{parentName:"p"},"Clusters")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroups")," in the same namespaces. This means that if you give ",(0,l.kt)("inlineCode",{parentName:"p"},"create")," or ",(0,l.kt)("inlineCode",{parentName:"p"},"update")," privileges\nto a the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," type in a namespace, that end user can modify the selector to match any cluster in that namespace.\nThis means in practice if you want to have two teams self manage their own ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," registrations but they should\nnot be able to target each others clusters, they should be in different namespaces."),(0,l.kt)("h2",{id:"namespace-creation-behavior-in-bundles"},"Namespace Creation Behavior in Bundles"),(0,l.kt)("p",null,"When deploying a Fleet bundle, the specified namespace will automatically be created if it does not already exist."),(0,l.kt)("h2",{id:"special-namespaces"},"Special Namespaces"),(0,l.kt)("h3",{id:"fleet-local"},"fleet-local"),(0,l.kt)("p",null,"The ",(0,l.kt)("strong",{parentName:"p"},"fleet-local")," namespace is a special namespace used for the single cluster use case or to bootstrap\nthe configuration of the Fleet manager."),(0,l.kt)("p",null,"When fleet is installed the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-local")," namespace is created along with one ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," called ",(0,l.kt)("inlineCode",{parentName:"p"},"local")," and one\n",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," called ",(0,l.kt)("inlineCode",{parentName:"p"},"default"),". If no targets are specified on a ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),", it is by default targeted to the\n",(0,l.kt)("inlineCode",{parentName:"p"},"ClusterGroup")," named ",(0,l.kt)("inlineCode",{parentName:"p"},"default"),". This means that all ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos")," created in ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet-local")," will\nautomatically target the ",(0,l.kt)("inlineCode",{parentName:"p"},"local")," ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster"),". The ",(0,l.kt)("inlineCode",{parentName:"p"},"local")," ",(0,l.kt)("inlineCode",{parentName:"p"},"Cluster")," refers to the cluster the Fleet manager is running\non."),(0,l.kt)("h3",{id:"cattle-fleet-system"},"cattle-fleet-system"),(0,l.kt)("p",null,"The Fleet controller and Fleet agent run in this namespace. All service accounts referenced by ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos")," are expected\nto live in this namespace in the downstream cluster."),(0,l.kt)("h3",{id:"cattle-fleet-clusters-system"},"cattle-fleet-clusters-system"),(0,l.kt)("p",null,"This namespace holds secrets for the cluster registration process. It should contain no other resources in it,\nespecially secrets."),(0,l.kt)("h3",{id:"cluster-namespaces"},"Cluster namespaces"),(0,l.kt)("p",null,"For every cluster that is registered a namespace is created by the Fleet manager for that cluster.\nThese namespaces are named in the form ",(0,l.kt)("inlineCode",{parentName:"p"},"cluster-${namespace}-${cluster}-${random}"),". The purpose of this\nnamespace is that all ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," for that cluster are put into this namespace and\nthen the downstream cluster is given access to watch and update ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleDeployments")," in that namespace only."),(0,l.kt)("h2",{id:"cross-namespace-deployments"},"Cross namespace deployments"),(0,l.kt)("p",null,"It is possible to create a GitRepo that will deploy across namespaces. The primary purpose of this is so that a\ncentral privileged team can manage common configuration for many clusters that are managed by different teams. The way\nthis is accomplished is by creating a ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource in a cluster."),(0,l.kt)("p",null,"If you are creating a ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," resource it is best to do it in a namespace that only contains ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\nand no ",(0,l.kt)("inlineCode",{parentName:"p"},"Clusters"),". It seems to get confusing if you have Clusters in the same repo as the cross namespace ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos")," will still\nalways be evaluated against the current namespace. So if you have clusters in the same namespace you may wish to make them\ncanary clusters."),(0,l.kt)("p",null,"A ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMapping")," has only two fields. Which are as below"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},"kind: BundleNamespaceMapping\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: not-important\n namespace: typically-unique\n\n# Bundles to match by label. The labels are defined in the fleet.yaml\n# labels field or from the GitRepo metadata.labels field\nbundleSelector:\n matchLabels:\n foo: bar\n\n# Namespaces to match by label\nnamespaceSelector:\n matchLabels:\n foo: bar\n")),(0,l.kt)("p",null,"If the ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleNamespaceMappings")," ",(0,l.kt)("inlineCode",{parentName:"p"},"bundleSelector")," field matches a ",(0,l.kt)("inlineCode",{parentName:"p"},"Bundles")," labels then that ",(0,l.kt)("inlineCode",{parentName:"p"},"Bundle")," target criteria will\nbe evaluated against all clusters in all namespaces that match ",(0,l.kt)("inlineCode",{parentName:"p"},"namespaceSelector"),". One can specify labels for the created\nbundles from git by putting labels in the ",(0,l.kt)("inlineCode",{parentName:"p"},"fleet.yaml")," file or on the ",(0,l.kt)("inlineCode",{parentName:"p"},"metadata.labels")," field on the ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo"),"."),(0,l.kt)("h2",{id:"restricting-gitrepos"},"Restricting GitRepos"),(0,l.kt)("p",null,"A namespace can contain multiple ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepoRestriction")," resources. All ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepos"),"\ncreated in that namespace will be checked against the list of restrictions.\nIf a ",(0,l.kt)("inlineCode",{parentName:"p"},"GitRepo")," violates one of the constraints its ",(0,l.kt)("inlineCode",{parentName:"p"},"BundleDeployment")," will be\nin an error state and won't be deployed."),(0,l.kt)("p",null,"This can also be used to set the defaults for GitRepo's ",(0,l.kt)("inlineCode",{parentName:"p"},"serviceAccount")," and ",(0,l.kt)("inlineCode",{parentName:"p"},"clientSecretName")," fields."),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepoRestriction\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: restriction\n namespace: typically-unique\nallowedClientSecretNames: []\nallowedRepoPatterns: []\nallowedServiceAccounts: []\ndefaultClientSecretName: ""\ndefaultServiceAccount: ""\n')))}m.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/fd26103c.77b3a75a.js b/assets/js/fd26103c.085bcbbf.js similarity index 98% rename from assets/js/fd26103c.77b3a75a.js rename to assets/js/fd26103c.085bcbbf.js index a9967fa1f..c72f7af4c 100644 --- a/assets/js/fd26103c.77b3a75a.js +++ b/assets/js/fd26103c.085bcbbf.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2392],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>m});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function l(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var i=n.createContext({}),c=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},p=function(e){var t=c(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,l=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=c(r),m=a,f=d["".concat(i,".").concat(m)]||d[m]||u[m]||l;return r?n.createElement(f,o(o({ref:t},p),{},{components:r})):n.createElement(f,o({ref:t},p))}));function m(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=r.length,o=new Array(l);o[0]=d;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>s,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const l={},o="Mapping to Downstream Clusters",s={unversionedId:"gitrepo-targets",id:"version-0.4/gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Multi-cluster Only:",source:"@site/versioned_docs/version-0.4/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/0.4/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/gitrepo-targets.md",tags:[],version:"0.4",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Expected Repo Structure",permalink:"/0.4/gitrepo-structure"},next:{title:"Generating Diffs for Modified GitRepos",permalink:"/0.4/bundle-diffs"}},i={},c=[{value:"Defining targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default target",id:"default-target",level:2}],p={toc:c};function u(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style")),(0,a.kt)("p",null,"When deploying ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,a.kt)("h2",{id:"defining-targets"},"Defining targets"),(0,a.kt)("p",null,"The deployment targets of ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,a.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n')),(0,a.kt)("h2",{id:"target-matching"},"Target Matching"),(0,a.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,a.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,a.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,a.kt)("h2",{id:"default-target"},"Default target"),(0,a.kt)("p",null,"If no target is set for the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,a.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."))}u.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[2392],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>m});var n=r(7294);function a(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function l(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function o(e){for(var t=1;t=0||(a[r]=e[r]);return a}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(a[r]=e[r])}return a}var i=n.createContext({}),c=function(e){var t=n.useContext(i),r=t;return e&&(r="function"==typeof e?e(t):o(o({},t),e)),r},p=function(e){var t=c(e.components);return n.createElement(i.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,a=e.mdxType,l=e.originalType,i=e.parentName,p=s(e,["components","mdxType","originalType","parentName"]),d=c(r),m=a,f=d["".concat(i,".").concat(m)]||d[m]||u[m]||l;return r?n.createElement(f,o(o({ref:t},p),{},{components:r})):n.createElement(f,o({ref:t},p))}));function m(e,t){var r=arguments,a=t&&t.mdxType;if("string"==typeof e||a){var l=r.length,o=new Array(l);o[0]=d;var s={};for(var i in t)hasOwnProperty.call(t,i)&&(s[i]=t[i]);s.originalType=e,s.mdxType="string"==typeof e?e:a,o[1]=s;for(var c=2;c{r.r(t),r.d(t,{assets:()=>i,contentTitle:()=>o,default:()=>u,frontMatter:()=>l,metadata:()=>s,toc:()=>c});var n=r(7462),a=(r(7294),r(3905));const l={},o="Mapping to Downstream Clusters",s={unversionedId:"gitrepo-targets",id:"version-0.4/gitrepo-targets",title:"Mapping to Downstream Clusters",description:"Multi-cluster Only:",source:"@site/versioned_docs/version-0.4/gitrepo-targets.md",sourceDirName:".",slug:"/gitrepo-targets",permalink:"/0.4/gitrepo-targets",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.4/gitrepo-targets.md",tags:[],version:"0.4",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Expected Repo Structure",permalink:"/0.4/gitrepo-structure"},next:{title:"Generating Diffs for Modified GitRepos",permalink:"/0.4/bundle-diffs"}},i={},c=[{value:"Defining targets",id:"defining-targets",level:2},{value:"Target Matching",id:"target-matching",level:2},{value:"Default target",id:"default-target",level:2}],p={toc:c};function u(e){let{components:t,...r}=e;return(0,a.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,a.kt)("h1",{id:"mapping-to-downstream-clusters"},"Mapping to Downstream Clusters"),(0,a.kt)("admonition",{type:"info"},(0,a.kt)("p",{parentName:"admonition"},(0,a.kt)("strong",{parentName:"p"},"Multi-cluster Only"),":\nThis approach only applies if you are running Fleet in a multi-cluster style")),(0,a.kt)("p",null,"When deploying ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepos")," to downstream clusters the clusters must be mapped to a target."),(0,a.kt)("h2",{id:"defining-targets"},"Defining targets"),(0,a.kt)("p",null,"The deployment targets of ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," is done using the ",(0,a.kt)("inlineCode",{parentName:"p"},"spec.targets")," field to\nmatch clusters or cluster groups. The YAML specification is as below."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},'kind: GitRepo\napiVersion: fleet.cattle.io/v1alpha1\nmetadata:\n name: myrepo\n namespace: clusters\nspec:\n repo: https://github.com/rancher/fleet-examples\n paths:\n - simple\n\n # Targets are evaluated in order and the first one to match is used. If\n # no targets match then the evaluated cluster will not be deployed to.\n targets:\n # The name of target. This value is largely for display and logging.\n # If not specified a default name of the format "target000" will be used\n - name: prod\n # A selector used to match clusters. The structure is the standard\n # metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified,\n # clusterSelector will be used only to further refine the selection after\n # clusterGroupSelector and clusterGroup is evaluated.\n clusterSelector:\n matchLabels:\n env: prod\n # A selector used to match cluster groups.\n clusterGroupSelector:\n matchLabels:\n region: us-east\n # A specific clusterGroup by name that will be selected\n clusterGroup: group1\n')),(0,a.kt)("h2",{id:"target-matching"},"Target Matching"),(0,a.kt)("p",null,"All clusters and cluster groups in the same namespace as the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be evaluated against all targets.\nIf any of the targets match the cluster then the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," will be deployed to the downstream cluster. If\nno match is made, then the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," will not be deployed to that cluster."),(0,a.kt)("p",null,'There are three approaches to matching clusters.\nOne can use cluster selectors, cluster group selectors, or an explicit cluster group name. All criteria is additive so\nthe final match is evaluated as "clusterSelector && clusterGroupSelector && clusterGroup". If any of the three have the\ndefault value it is dropped from the criteria. The default value is either null or "". It is important to realize\nthat the value ',(0,a.kt)("inlineCode",{parentName:"p"},"{}"),' for a selector means "match everything."'),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"# Match everything\nclusterSelector: {}\n# Selector ignored\nclusterSelector: null\n")),(0,a.kt)("h2",{id:"default-target"},"Default target"),(0,a.kt)("p",null,"If no target is set for the ",(0,a.kt)("inlineCode",{parentName:"p"},"GitRepo")," then the default targets value is applied. The default targets value is as below."),(0,a.kt)("pre",null,(0,a.kt)("code",{parentName:"pre",className:"language-yaml"},"targets:\n- name: default\n clusterGroup: default\n")),(0,a.kt)("p",null,"This means if you wish to setup a default location non-configured GitRepos will go to, then just create a cluster group called default\nand add clusters to it."))}u.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/fe67fe92.6931ff70.js b/assets/js/fe67fe92.e8acd231.js similarity index 98% rename from assets/js/fe67fe92.6931ff70.js rename to assets/js/fe67fe92.e8acd231.js index 4fe9c3bfc..0ebc3412a 100644 --- a/assets/js/fe67fe92.6931ff70.js +++ b/assets/js/fe67fe92.e8acd231.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1635],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>u});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function a(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var s=n.createContext({}),c=function(e){var t=n.useContext(s),r=t;return e&&(r="function"==typeof e?e(t):a(a({},t),e)),r},p=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(r),u=l,m=d["".concat(s,".").concat(u)]||d[u]||f[u]||o;return r?n.createElement(m,a(a({ref:t},p),{},{components:r})):n.createElement(m,a({ref:t},p))}));function u(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var o=r.length,a=new Array(o);a[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,a[1]=i;for(var c=2;c{r.r(t),r.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>f,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var n=r(7462),l=(r(7294),r(3905));const o={title:"",sidebar_label:"fleet apply"},a=void 0,i={unversionedId:"cli/fleet-cli/fleet_apply",id:"version-0.9/cli/fleet-cli/fleet_apply",title:"",description:"fleet apply",source:"@site/versioned_docs/version-0.9/cli/fleet-cli/fleet_apply.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_apply",permalink:"/0.9/cli/fleet-cli/fleet_apply",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cli/fleet-cli/fleet_apply.md",tags:[],version:"0.9",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet apply"},sidebar:"docs",previous:{title:"fleet",permalink:"/0.9/cli/fleet-cli/fleet"},next:{title:"fleet test",permalink:"/0.9/cli/fleet-cli/fleet_test"}},s={},c=[{value:"fleet apply",id:"fleet-apply",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-apply"},"fleet apply"),(0,l.kt)("p",null,"Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet apply [flags] BUNDLE_NAME PATH...\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --cacerts-file string Path of custom cacerts for helm repo\n --commit string Commit to assign to the bundle\n -c, --compress Force all resources to be compress\n --correct-drift Rollback any change made from outside of Fleet\n --correct-drift-force Use --force when correcting drift. Resources can be deleted and recreated\n --correct-drift-keep-fail-history Keep helm history for failed rollbacks\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n --helm-credentials-by-path-file string Path of file containing helm credentials for paths\n --helm-repo-url-regex string Helm credentials will be used if the helm repo matches this regex. Credentials will always be used if this is empty or not provided\n -h, --help help for apply\n --keep-resources Keep resources created after the GitRepo or Bundle is deleted\n -l, --label strings Labels to apply to created bundles\n -o, --output string Output contents to file or - for stdout\n --password-file string Path of file containing basic auth password for helm repo\n --paused Create bundles in a paused state\n -a, --service-account string Service account to assign to bundle created\n --ssh-privatekey-file string Path of ssh-private-key for helm repo\n --sync-generation int Generation number used to force sync the deployment\n --target-namespace string Ensure this bundle goes to this target namespace\n --targets-file string Addition source of targets and restrictions to be append\n --username string Basic auth username for helm repo\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1635],{3905:(e,t,r)=>{r.d(t,{Zo:()=>p,kt:()=>u});var n=r(7294);function l(e,t,r){return t in e?Object.defineProperty(e,t,{value:r,enumerable:!0,configurable:!0,writable:!0}):e[t]=r,e}function o(e,t){var r=Object.keys(e);if(Object.getOwnPropertySymbols){var n=Object.getOwnPropertySymbols(e);t&&(n=n.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),r.push.apply(r,n)}return r}function a(e){for(var t=1;t=0||(l[r]=e[r]);return l}(e,t);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);for(n=0;n=0||Object.prototype.propertyIsEnumerable.call(e,r)&&(l[r]=e[r])}return l}var s=n.createContext({}),c=function(e){var t=n.useContext(s),r=t;return e&&(r="function"==typeof e?e(t):a(a({},t),e)),r},p=function(e){var t=c(e.components);return n.createElement(s.Provider,{value:t},e.children)},f={inlineCode:"code",wrapper:function(e){var t=e.children;return n.createElement(n.Fragment,{},t)}},d=n.forwardRef((function(e,t){var r=e.components,l=e.mdxType,o=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(r),u=l,m=d["".concat(s,".").concat(u)]||d[u]||f[u]||o;return r?n.createElement(m,a(a({ref:t},p),{},{components:r})):n.createElement(m,a({ref:t},p))}));function u(e,t){var r=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var o=r.length,a=new Array(o);a[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:l,a[1]=i;for(var c=2;c{r.r(t),r.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>f,frontMatter:()=>o,metadata:()=>i,toc:()=>c});var n=r(7462),l=(r(7294),r(3905));const o={title:"",sidebar_label:"fleet apply"},a=void 0,i={unversionedId:"cli/fleet-cli/fleet_apply",id:"version-0.9/cli/fleet-cli/fleet_apply",title:"",description:"fleet apply",source:"@site/versioned_docs/version-0.9/cli/fleet-cli/fleet_apply.md",sourceDirName:"cli/fleet-cli",slug:"/cli/fleet-cli/fleet_apply",permalink:"/0.9/cli/fleet-cli/fleet_apply",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.9/cli/fleet-cli/fleet_apply.md",tags:[],version:"0.9",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{title:"",sidebar_label:"fleet apply"},sidebar:"docs",previous:{title:"fleet",permalink:"/0.9/cli/fleet-cli/fleet"},next:{title:"fleet test",permalink:"/0.9/cli/fleet-cli/fleet_test"}},s={},c=[{value:"fleet apply",id:"fleet-apply",level:2},{value:"Options",id:"options",level:3},{value:"Options inherited from parent commands",id:"options-inherited-from-parent-commands",level:3},{value:"SEE ALSO",id:"see-also",level:3}],p={toc:c};function f(e){let{components:t,...r}=e;return(0,l.kt)("wrapper",(0,n.Z)({},p,r,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h2",{id:"fleet-apply"},"fleet apply"),(0,l.kt)("p",null,"Render a bundle into a Kubernetes resource and apply it in the Fleet Manager"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},"fleet apply [flags] BUNDLE_NAME PATH...\n")),(0,l.kt)("h3",{id:"options"},"Options"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"}," -b, --bundle-file string Location of the raw Bundle resource yaml\n --cacerts-file string Path of custom cacerts for helm repo\n --commit string Commit to assign to the bundle\n -c, --compress Force all resources to be compress\n --correct-drift Rollback any change made from outside of Fleet\n --correct-drift-force Use --force when correcting drift. Resources can be deleted and recreated\n --correct-drift-keep-fail-history Keep helm history for failed rollbacks\n --debug Turn on debug logging\n --debug-level int If debugging is enabled, set klog -v=X\n -f, --file string Location of the fleet.yaml\n --helm-credentials-by-path-file string Path of file containing helm credentials for paths\n --helm-repo-url-regex string Helm credentials will be used if the helm repo matches this regex. Credentials will always be used if this is empty or not provided\n -h, --help help for apply\n --keep-resources Keep resources created after the GitRepo or Bundle is deleted\n -l, --label strings Labels to apply to created bundles\n -o, --output string Output contents to file or - for stdout\n --password-file string Path of file containing basic auth password for helm repo\n --paused Create bundles in a paused state\n -a, --service-account string Service account to assign to bundle created\n --ssh-privatekey-file string Path of ssh-private-key for helm repo\n --sync-generation int Generation number used to force sync the deployment\n --target-namespace string Ensure this bundle goes to this target namespace\n --targets-file string Addition source of targets and restrictions to be append\n --username string Basic auth username for helm repo\n")),(0,l.kt)("h3",{id:"options-inherited-from-parent-commands"},"Options inherited from parent commands"),(0,l.kt)("pre",null,(0,l.kt)("code",{parentName:"pre"},' --context string kubeconfig context for authentication\n -k, --kubeconfig string kubeconfig for authentication\n -n, --namespace string namespace (default "fleet-local")\n --system-namespace string System namespace of the controller (default "cattle-fleet-system")\n')),(0,l.kt)("h3",{id:"see-also"},"SEE ALSO"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"./fleet"},"fleet"),"\t -")))}f.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/fe8cb35a.d50b23cf.js b/assets/js/fe8cb35a.6e4dd741.js similarity index 98% rename from assets/js/fe8cb35a.d50b23cf.js rename to assets/js/fe8cb35a.6e4dd741.js index fa4b4ca70..ade60b1c3 100644 --- a/assets/js/fe8cb35a.d50b23cf.js +++ b/assets/js/fe8cb35a.6e4dd741.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1886],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(n),m=o,f=d["".concat(s,".").concat(m)]||d[m]||u[m]||l;return n?r.createElement(f,a(a({ref:t},p),{},{components:n})):r.createElement(f,a({ref:t},p))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var l=n.length,a=new Array(l);a[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:o,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),o=(n(7294),n(3905));const l={},a="Bundle Lifecycle",i={unversionedId:"ref-bundle-stages",id:"version-0.7/ref-bundle-stages",title:"Bundle Lifecycle",description:"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.",source:"@site/versioned_docs/version-0.7/ref-bundle-stages.md",sourceDirName:".",slug:"/ref-bundle-stages",permalink:"/0.7/ref-bundle-stages",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-bundle-stages.md",tags:[],version:"0.7",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/0.7/concepts"},next:{title:"Git Repository Contents",permalink:"/0.7/gitrepo-content"}},s={},c=[],p={toc:c};function u(e){let{components:t,...l}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,l,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-lifecycle"},"Bundle Lifecycle"),(0,o.kt)("p",null,"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles."),(0,o.kt)("p",null,"To demonstrate the life cycle of a Fleet bundle, we will use ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,o.kt)("ol",null,(0,o.kt)("li",{parentName:"ol"},"User will create a ",(0,o.kt)("a",{parentName:"li",href:"/0.7/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,o.kt)("a",{parentName:"li",href:"/0.7/webhook"},"webhook event"),". With every commit change, the ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,o.kt)("a",{parentName:"li",href:"/0.7/cluster-bundles-state#bundles"},"bundle"),".")),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},(0,o.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,o.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,o.kt)("ol",{start:3},(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,o.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,o.kt)("p",null,"This diagram shows the different rendering stages a bundle goes through until deployment."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Bundle Stages",src:n(5208).Z,width:"730",height:"811"})))}u.isMDXComponent=!0},5208:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetBundleStages-23d8ed832e76974ba6693016c5d52ad7.svg"}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[1886],{3905:(e,t,n)=>{n.d(t,{Zo:()=>p,kt:()=>m});var r=n(7294);function o(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function l(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);t&&(r=r.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,r)}return n}function a(e){for(var t=1;t=0||(o[n]=e[n]);return o}(e,t);if(Object.getOwnPropertySymbols){var l=Object.getOwnPropertySymbols(e);for(r=0;r=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(o[n]=e[n])}return o}var s=r.createContext({}),c=function(e){var t=r.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):a(a({},t),e)),n},p=function(e){var t=c(e.components);return r.createElement(s.Provider,{value:t},e.children)},u={inlineCode:"code",wrapper:function(e){var t=e.children;return r.createElement(r.Fragment,{},t)}},d=r.forwardRef((function(e,t){var n=e.components,o=e.mdxType,l=e.originalType,s=e.parentName,p=i(e,["components","mdxType","originalType","parentName"]),d=c(n),m=o,f=d["".concat(s,".").concat(m)]||d[m]||u[m]||l;return n?r.createElement(f,a(a({ref:t},p),{},{components:n})):r.createElement(f,a({ref:t},p))}));function m(e,t){var n=arguments,o=t&&t.mdxType;if("string"==typeof e||o){var l=n.length,a=new Array(l);a[0]=d;var i={};for(var s in t)hasOwnProperty.call(t,s)&&(i[s]=t[s]);i.originalType=e,i.mdxType="string"==typeof e?e:o,a[1]=i;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>a,default:()=>u,frontMatter:()=>l,metadata:()=>i,toc:()=>c});var r=n(7462),o=(n(7294),n(3905));const l={},a="Bundle Lifecycle",i={unversionedId:"ref-bundle-stages",id:"version-0.7/ref-bundle-stages",title:"Bundle Lifecycle",description:"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.",source:"@site/versioned_docs/version-0.7/ref-bundle-stages.md",sourceDirName:".",slug:"/ref-bundle-stages",permalink:"/0.7/ref-bundle-stages",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/versioned_docs/version-0.7/ref-bundle-stages.md",tags:[],version:"0.7",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Core Concepts",permalink:"/0.7/concepts"},next:{title:"Git Repository Contents",permalink:"/0.7/gitrepo-content"}},s={},c=[],p={toc:c};function u(e){let{components:t,...l}=e;return(0,o.kt)("wrapper",(0,r.Z)({},p,l,{components:t,mdxType:"MDXLayout"}),(0,o.kt)("h1",{id:"bundle-lifecycle"},"Bundle Lifecycle"),(0,o.kt)("p",null,"A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles."),(0,o.kt)("p",null,"To demonstrate the life cycle of a Fleet bundle, we will use ",(0,o.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet-examples/tree/master/multi-cluster/helm"},"multi-cluster/helm")," as a case study."),(0,o.kt)("ol",null,(0,o.kt)("li",{parentName:"ol"},"User will create a ",(0,o.kt)("a",{parentName:"li",href:"/0.7/gitrepo-add#create-gitrepo-instance"},"GitRepo")," that points to the multi-cluster/helm repository."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will sync changes from the GitRepo and detect changes from the polling or ",(0,o.kt)("a",{parentName:"li",href:"/0.7/webhook"},"webhook event"),". With every commit change, the ",(0,o.kt)("inlineCode",{parentName:"li"},"gitjob-controller")," will create a job that clones the git repository, reads content from the repo such as ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet.yaml")," and other manifests, and creates the Fleet ",(0,o.kt)("a",{parentName:"li",href:"/0.7/cluster-bundles-state#bundles"},"bundle"),".")),(0,o.kt)("blockquote",null,(0,o.kt)("p",{parentName:"blockquote"},(0,o.kt)("strong",{parentName:"p"},"Note:")," The job pod with the image name ",(0,o.kt)("inlineCode",{parentName:"p"},"rancher/tekton-utils")," will be under the same namespace as the GitRepo.")),(0,o.kt)("ol",{start:3},(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," then syncs changes from the bundle. According to the targets, the ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-controller")," will create ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," resources, which are a combination of a bundle and a target cluster."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will then pull the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," from the Fleet controlplane. The agent deploys bundle manifests as a ",(0,o.kt)("a",{parentName:"li",href:"https://helm.sh/docs/intro/install/"},"Helm chart")," from the ",(0,o.kt)("inlineCode",{parentName:"li"},"BundleDeployment")," into the downstream clusters."),(0,o.kt)("li",{parentName:"ol"},"The ",(0,o.kt)("inlineCode",{parentName:"li"},"fleet-agent")," will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.")),(0,o.kt)("p",null,"This diagram shows the different rendering stages a bundle goes through until deployment."),(0,o.kt)("p",null,(0,o.kt)("img",{alt:"Bundle Stages",src:n(5208).Z,width:"730",height:"811"})))}u.isMDXComponent=!0},5208:(e,t,n)=>{n.d(t,{Z:()=>r});const r=n.p+"assets/images/FleetBundleStages-23d8ed832e76974ba6693016c5d52ad7.svg"}}]); \ No newline at end of file diff --git a/assets/js/ffe5129d.b484ecde.js b/assets/js/ffe5129d.48e8af03.js similarity index 99% rename from assets/js/ffe5129d.b484ecde.js rename to assets/js/ffe5129d.48e8af03.js index 65f1c4f63..fb62d31a1 100644 --- a/assets/js/ffe5129d.b484ecde.js +++ b/assets/js/ffe5129d.48e8af03.js @@ -1 +1 @@ -"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5532],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>f});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},m=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,s=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),m=c(n),f=l,d=m["".concat(s,".").concat(f)]||m[f]||p[f]||r;return n?a.createElement(d,i(i({ref:t},u),{},{components:n})):a.createElement(d,i({ref:t},u))}));function f(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=m;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>r,metadata:()=>o,toc:()=>c});var a=n(7462),l=(n(7294),n(3905));const r={},i="Configuration",o={unversionedId:"ref-configuration",id:"ref-configuration",title:"Configuration",description:"A reference list of, mostly internal, configuration options.",source:"@site/docs/ref-configuration.md",sourceDirName:".",slug:"/ref-configuration",permalink:"/ref-configuration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-configuration.md",tags:[],version:"current",lastUpdatedAt:1716284777,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Internals",permalink:"/ref-registration"},next:{title:"List of Deployed Resources",permalink:"/ref-resources"}},s={},c=[{value:"Helm Charts",id:"helm-charts",level:2},{value:"Environment Variables",id:"environment-variables",level:2},{value:"Configuration",id:"configuration-1",level:2},{value:"Labels",id:"labels",level:2},{value:"Annotations",id:"annotations",level:2},{value:"Fleet agent configuration",id:"fleet-agent-configuration",level:2}],u={toc:c};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"configuration"},"Configuration"),(0,l.kt)("p",null,"A reference list of, mostly internal, configuration options."),(0,l.kt)("h2",{id:"helm-charts"},"Helm Charts"),(0,l.kt)("p",null,"The Helm charts accept, at least, the options as shown with their default in ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml"),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"))),(0,l.kt)("h2",{id:"environment-variables"},"Environment Variables"),(0,l.kt)("p",null,"The controllers can be started with these environment variables:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"CATTLE_DEV_MODE")," - used to debug wrangler, not usable"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CLUSTER_ENQUEUE_DELAY")," - tune how often non-ready clusters are checked"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CPU_PPROF_PERIOD")," - used to turn on ",(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/docs/performance.md"},"performance profiling"))),(0,l.kt)("h2",{id:"configuration-1"},"Configuration"),(0,l.kt)("p",null,"In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments."),(0,l.kt)("p",null,"The config ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/main/pkg/config/config.go#L40-L52"},"struct")," is used in both config maps:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-agent"),(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-controller")),(0,l.kt)("h2",{id:"labels"},"Labels"),(0,l.kt)("p",null,"Labels used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent=true")," - NodeSelector label for agent's deployment affinity setting"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/non-managed-agent")," - managed agent bundle won't target Clusters with this label"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/repo-name")," - used on Bundle to reference the git repo resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-namespace")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-name")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed=true")," - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bootstrap-token")," - unused"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/shard=")," - Shard ID assigned by Fleet to resources, inherited from a ",(0,l.kt)("inlineCode",{parentName:"li"},"GitRepo"),", which\ndetermines which Fleet controller deployment will reconcile them.",(0,l.kt)("ul",{parentName:"li"},(0,l.kt)("li",{parentName:"ul"},"If this label is not provided or has an empty value, then the unsharded Fleet controller will process the resource."),(0,l.kt)("li",{parentName:"ul"},"If this label has a value which does not match any shard ID for which a Fleet controller is deployed, then the\nresource will not be processed.")))),(0,l.kt)("h2",{id:"annotations"},"Annotations"),(0,l.kt)("p",null,"Annotations used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-id")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-namespace")," - used on a cluster namespace to reference the cluster registration namespace and cluster name"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-group")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/commit")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed")," - appears unused"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/service-account"))),(0,l.kt)("h2",{id:"fleet-agent-configuration"},"Fleet agent configuration"),(0,l.kt)("p",null,"Tolerations, affinity and resources can be customized for the Fleet agent. These fields can be provided when creating a\n",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/ref-crds#clusterspec"},"Cluster"),", see ",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/cluster-registration"},"Registering Downstream Cluster")," for more info on how to create\nClusters. Default configuration will be used if these fields are not provided."),(0,l.kt)("p",null,"If you change the resources limits, make sure the limits allow the fleet-agent to work normally."),(0,l.kt)("p",null,"Keep in mind that if you downgrade Fleet to a previous version than v0.7.0 Fleet will fallback to the built-in defaults.\nAgents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate."))}p.isMDXComponent=!0}}]); \ No newline at end of file +"use strict";(self.webpackChunkfleet_docs=self.webpackChunkfleet_docs||[]).push([[5532],{3905:(e,t,n)=>{n.d(t,{Zo:()=>u,kt:()=>f});var a=n(7294);function l(e,t,n){return t in e?Object.defineProperty(e,t,{value:n,enumerable:!0,configurable:!0,writable:!0}):e[t]=n,e}function r(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);t&&(a=a.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,a)}return n}function i(e){for(var t=1;t=0||(l[n]=e[n]);return l}(e,t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(e);for(a=0;a=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(l[n]=e[n])}return l}var s=a.createContext({}),c=function(e){var t=a.useContext(s),n=t;return e&&(n="function"==typeof e?e(t):i(i({},t),e)),n},u=function(e){var t=c(e.components);return a.createElement(s.Provider,{value:t},e.children)},p={inlineCode:"code",wrapper:function(e){var t=e.children;return a.createElement(a.Fragment,{},t)}},m=a.forwardRef((function(e,t){var n=e.components,l=e.mdxType,r=e.originalType,s=e.parentName,u=o(e,["components","mdxType","originalType","parentName"]),m=c(n),f=l,d=m["".concat(s,".").concat(f)]||m[f]||p[f]||r;return n?a.createElement(d,i(i({ref:t},u),{},{components:n})):a.createElement(d,i({ref:t},u))}));function f(e,t){var n=arguments,l=t&&t.mdxType;if("string"==typeof e||l){var r=n.length,i=new Array(r);i[0]=m;var o={};for(var s in t)hasOwnProperty.call(t,s)&&(o[s]=t[s]);o.originalType=e,o.mdxType="string"==typeof e?e:l,i[1]=o;for(var c=2;c{n.r(t),n.d(t,{assets:()=>s,contentTitle:()=>i,default:()=>p,frontMatter:()=>r,metadata:()=>o,toc:()=>c});var a=n(7462),l=(n(7294),n(3905));const r={},i="Configuration",o={unversionedId:"ref-configuration",id:"ref-configuration",title:"Configuration",description:"A reference list of, mostly internal, configuration options.",source:"@site/docs/ref-configuration.md",sourceDirName:".",slug:"/ref-configuration",permalink:"/ref-configuration",draft:!1,editUrl:"https://github.com/rancher/fleet-docs/edit/main/docs/ref-configuration.md",tags:[],version:"current",lastUpdatedAt:1716284790,formattedLastUpdatedAt:"May 21, 2024",frontMatter:{},sidebar:"docs",previous:{title:"Cluster Registration Internals",permalink:"/ref-registration"},next:{title:"List of Deployed Resources",permalink:"/ref-resources"}},s={},c=[{value:"Helm Charts",id:"helm-charts",level:2},{value:"Environment Variables",id:"environment-variables",level:2},{value:"Configuration",id:"configuration-1",level:2},{value:"Labels",id:"labels",level:2},{value:"Annotations",id:"annotations",level:2},{value:"Fleet agent configuration",id:"fleet-agent-configuration",level:2}],u={toc:c};function p(e){let{components:t,...n}=e;return(0,l.kt)("wrapper",(0,a.Z)({},u,n,{components:t,mdxType:"MDXLayout"}),(0,l.kt)("h1",{id:"configuration"},"Configuration"),(0,l.kt)("p",null,"A reference list of, mostly internal, configuration options."),(0,l.kt)("h2",{id:"helm-charts"},"Helm Charts"),(0,l.kt)("p",null,"The Helm charts accept, at least, the options as shown with their default in ",(0,l.kt)("inlineCode",{parentName:"p"},"values.yaml"),":"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-crds/values.yaml")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"},"https://github.com/rancher/fleet/blob/main/charts/fleet-agent/values.yaml"))),(0,l.kt)("h2",{id:"environment-variables"},"Environment Variables"),(0,l.kt)("p",null,"The controllers can be started with these environment variables:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"CATTLE_DEV_MODE")," - used to debug wrangler, not usable"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CLUSTER_ENQUEUE_DELAY")," - tune how often non-ready clusters are checked"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"FLEET_CPU_PPROF_PERIOD")," - used to turn on ",(0,l.kt)("a",{parentName:"li",href:"https://github.com/rancher/fleet/blob/main/docs/performance.md"},"performance profiling"))),(0,l.kt)("h2",{id:"configuration-1"},"Configuration"),(0,l.kt)("p",null,"In cluster configuration for the agent and fleet manager. Changing these can lead to full re-deployments."),(0,l.kt)("p",null,"The config ",(0,l.kt)("a",{parentName:"p",href:"https://github.com/rancher/fleet/blob/main/pkg/config/config.go#L40-L52"},"struct")," is used in both config maps:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-agent"),(0,l.kt)("li",{parentName:"ul"},"cattle-fleet-system/fleet-controller")),(0,l.kt)("h2",{id:"labels"},"Labels"),(0,l.kt)("p",null,"Labels used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent=true")," - NodeSelector label for agent's deployment affinity setting"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/non-managed-agent")," - managed agent bundle won't target Clusters with this label"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/repo-name")," - used on Bundle to reference the git repo resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-namespace")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-name")," - used on BundleDeployment to reference the Bundle resource"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed=true")," - cluster namespaces with this label will be cleaned up. Other resources will be cleaned up if it is in a label. Used in Rancher to identify fleet namespaces."),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bootstrap-token")," - unused"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/shard=")," - Shard ID assigned by Fleet to resources, inherited from a ",(0,l.kt)("inlineCode",{parentName:"li"},"GitRepo"),", which\ndetermines which Fleet controller deployment will reconcile them.",(0,l.kt)("ul",{parentName:"li"},(0,l.kt)("li",{parentName:"ul"},"If this label is not provided or has an empty value, then the unsharded Fleet controller will process the resource."),(0,l.kt)("li",{parentName:"ul"},"If this label has a value which does not match any shard ID for which a Fleet controller is deployed, then the\nresource will not be processed.")))),(0,l.kt)("h2",{id:"annotations"},"Annotations"),(0,l.kt)("p",null,"Annotations used by fleet:"),(0,l.kt)("ul",null,(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/agent-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/bundle-id")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster"),", ",(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-namespace")," - used on a cluster namespace to reference the cluster registration namespace and cluster name"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-group")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration-namespace")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/cluster-registration")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/commit")),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/managed")," - appears unused"),(0,l.kt)("li",{parentName:"ul"},(0,l.kt)("inlineCode",{parentName:"li"},"fleet.cattle.io/service-account"))),(0,l.kt)("h2",{id:"fleet-agent-configuration"},"Fleet agent configuration"),(0,l.kt)("p",null,"Tolerations, affinity and resources can be customized for the Fleet agent. These fields can be provided when creating a\n",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/ref-crds#clusterspec"},"Cluster"),", see ",(0,l.kt)("a",{parentName:"p",href:"https://fleet.rancher.io/cluster-registration"},"Registering Downstream Cluster")," for more info on how to create\nClusters. Default configuration will be used if these fields are not provided."),(0,l.kt)("p",null,"If you change the resources limits, make sure the limits allow the fleet-agent to work normally."),(0,l.kt)("p",null,"Keep in mind that if you downgrade Fleet to a previous version than v0.7.0 Fleet will fallback to the built-in defaults.\nAgents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate."))}p.isMDXComponent=!0}}]); \ No newline at end of file diff --git a/assets/js/runtime~main.df081c41.js b/assets/js/runtime~main.92ab3464.js similarity index 57% rename from assets/js/runtime~main.df081c41.js rename to assets/js/runtime~main.92ab3464.js index e02d7e863..68cd7116e 100644 --- a/assets/js/runtime~main.df081c41.js +++ b/assets/js/runtime~main.92ab3464.js @@ -1 +1 @@ -(()=>{"use strict";var e,f,a,d,b,c={},t={};function r(e){var f=t[e];if(void 0!==f)return f.exports;var a=t[e]={id:e,loaded:!1,exports:{}};return c[e].call(a.exports,a,a.exports,r),a.loaded=!0,a.exports}r.m=c,r.c=t,e=[],r.O=(f,a,d,b)=>{if(!a){var c=1/0;for(i=0;i=b)&&Object.keys(r.O).every((e=>r.O[e](a[o])))?a.splice(o--,1):(t=!1,b0&&e[i-1][2]>b;i--)e[i]=e[i-1];e[i]=[a,d,b]},r.n=e=>{var f=e&&e.__esModule?()=>e.default:()=>e;return r.d(f,{a:f}),f},a=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,r.t=function(e,d){if(1&d&&(e=this(e)),8&d)return e;if("object"==typeof e&&e){if(4&d&&e.__esModule)return e;if(16&d&&"function"==typeof e.then)return e}var b=Object.create(null);r.r(b);var c={};f=f||[null,a({}),a([]),a(a)];for(var t=2&d&&e;"object"==typeof t&&!~f.indexOf(t);t=a(t))Object.getOwnPropertyNames(t).forEach((f=>c[f]=()=>e[f]));return c.default=()=>e,r.d(b,c),b},r.d=(e,f)=>{for(var a in f)r.o(f,a)&&!r.o(e,a)&&Object.defineProperty(e,a,{enumerable:!0,get:f[a]})},r.f={},r.e=e=>Promise.all(Object.keys(r.f).reduce(((f,a)=>(r.f[a](e,f),f)),[])),r.u=e=>"assets/js/"+({13:"24a8fd1b",53:"935f2afb",85:"c778489f",127:"045f7301",198:"e15d65f4",203:"963c03f5",208:"cd0bf424",247:"ec9fa214",252:"46c9c1f8",295:"e431d4ee",299:"de08e76e",307:"f347fdc1",314:"60bcd92c",373:"a947fe06",427:"904bb95d",488:"7a815aed",501:"9d91368e",532:"4e63d43a",599:"dfa3dc49",614:"e483f3c9",665:"f63438e5",751:"fbcf914d",764:"d8f58335",824:"c2bab82f",831:"3b61c2ee",835:"680ed9ed",844:"c6aa770e",859:"b32c755c",936:"504a9fc5",946:"ab0c1f88",961:"0acb2694",964:"af48bdba",1043:"20889235",1049:"ae2335f3",1079:"a60f0c4b",1139:"6fe63dff",1149:"750cf41f",1263:"0364e902",1296:"f66ef323",1332:"984cdf04",1371:"0a06c365",1416:"7b64d2e8",1462:"e3aa6547",1635:"fe67fe92",1697:"a8ca5d11",1732:"2579085f",1736:"d53097a5",1760:"b2456c44",1830:"e4b5e952",1866:"53da1243",1886:"fe8cb35a",1898:"d3d84dd8",1910:"cd323ffc",1992:"c1b42080",2030:"fbaf079d",2044:"909a121f",2088:"50b0676a",2112:"bd465781",2276:"c3dfc33d",2299:"97c3cd43",2357:"06df35bc",2361:"a2c468b1",2392:"fd26103c",2402:"f060f65c",2404:"7292ec22",2418:"6cf4c0df",2425:"dd67116e",2491:"d277059e",2607:"fa2a1a7c",2651:"8070e160",2717:"922074e2",2771:"0db4760e",2832:"6e08701a",2837:"53c8b813",2952:"e35f16a8",2992:"4177aba1",3062:"f2761eee",3084:"4ccb6852",3105:"d254ed97",3156:"f0907b6d",3200:"fb76c575",3217:"3b8c55ea",3220:"8eb509d6",3325:"1fec2b35",3327:"f78aef8c",3365:"45a5cd1f",3467:"3a0e6d91",3522:"93002d83",3551:"7712976a",3632:"af10d9fb",3667:"fd06576e",3714:"d3d9887a",3803:"a06c6d5b",3814:"834808ff",3859:"ce48e831",3951:"3d7b86e7",3977:"41b31679",4105:"d596b4b8",4126:"95a72457",4203:"5b7f8ae0",4235:"f7c88408",4300:"778a7b8d",4311:"0252b8ff",4339:"f6748474",4384:"f2839486",4412:"d362fc0b",4508:"246340c6",4552:"167e2e0a",4572:"c1eb0b52",4581:"b9a03c38",4615:"c234ba49",4637:"5979dd46",4665:"5b0cdfa3",4717:"2938f7a2",4728:"1f14308a",4765:"ab68c950",4777:"aee07340",4893:"da21831e",4895:"702cd497",4917:"b60b3bd8",4939:"b0423865",4955:"5176c92e",5e3:"e9efc8c6",5117:"6cbe47eb",5136:"58cc1d6e",5192:"2c86db16",5225:"f7cf1511",5253:"08aff371",5254:"bf20a2eb",5279:"522d95f1",5305:"f59af033",5386:"8307bb82",5408:"6638db74",5435:"847b3bc4",5455:"f4793a78",5464:"f531b716",5479:"b283d2e2",5512:"0e3fdb5a",5519:"250ffcdd",5532:"ffe5129d",5565:"db0ebd24",5600:"77fc540a",5763:"3718f698",5764:"5a165616",5765:"2f0f344d",5776:"34a3c1ae",5854:"e252aa27",5927:"5281b7a2",5940:"88f3f33f",5945:"10f03480",5959:"9fc6df8f",6050:"bcd76598",6061:"8ff6a575",6076:"857d18b5",6095:"32c7bf40",6112:"6e869bec",6188:"1cb1b893",6190:"3a2a2cbe",6195:"d0436963",6198:"c107a2c8",6250:"7c5d32d8",6255:"7f3d36ad",6266:"0f38f188",6295:"62bbc60f",6342:"ce534227",6351:"140acae8",6373:"07686352",6393:"ebf52154",6418:"e0636556",6422:"0bd7b06f",6469:"f14b6af8",6502:"18f4f7da",6516:"afc4945b",6560:"0e50cd4d",6588:"b7ae13b2",6645:"e348fb9e",6673:"5388fcb8",6700:"095d9053",6702:"e6339806",6943:"39f5e362",6950:"1bd61b9d",6957:"f8113afe",6961:"762abe3e",6967:"97d7d53e",6971:"c377a04b",6985:"21d02ecb",7076:"2a9b5780",7107:"170989a3",7155:"c916adcd",7169:"a9e7f6cd",7179:"e7acee98",7203:"6a840bac",7215:"cce49c68",7224:"2d618eff",7301:"11f54a6a",7314:"34eb4307",7333:"0ab79735",7345:"ae10697b",7378:"de6c661b",7383:"6349fbc0",7384:"300dc0ad",7459:"69dd637e",7497:"b753e7fe",7526:"4fac8f87",7537:"96465f27",7539:"22b369d5",7540:"612623d2",7544:"c7381d34",7571:"34c1e1e7",7579:"87469ac3",7619:"49af6a86",7640:"5ff573a6",7677:"e50ee9c3",7678:"370ac30b",7767:"abf95bb4",7811:"82782dff",7876:"d26595bf",7893:"f8909550",7918:"17896441",7920:"1a4e3797",7940:"02d72f40",7966:"07db75e5",8002:"01b4035b",8021:"d6daf0cc",8049:"e89d2f4d",8092:"ee0e1228",8134:"1f330703",8205:"f94f0fba",8228:"5379b7b3",8252:"c67695e7",8361:"dd81469d",8459:"2dc49bc9",8469:"eaf5d4dd",8539:"6faa62d7",8627:"2ff44c25",8646:"0ce1d2b6",8711:"b8f3160f",8794:"32a14031",8795:"12f4838b",8813:"aba71817",8927:"635f26b6",8976:"64b4770e",8985:"126a9cd0",9006:"3d725b75",9164:"7c4790a0",9246:"340d0560",9353:"9533a6b7",9360:"9d9f8394",9456:"5fdf261e",9510:"9db89767",9514:"1be78505",9532:"d0180ce2",9593:"17b50570",9616:"6c233221",9706:"de69e49e",9719:"63e62f73",9733:"1f8b8b7b",9766:"0209d9e7",9801:"9c942e60",9816:"755aca7b",9857:"60c2c817",9863:"cf6f5f9b",9940:"8003b96f"}[e]||e)+"."+{13:"437f7ebb",53:"a6e3652b",85:"aef3d1b5",127:"e05b81eb",198:"52328285",203:"eda7162b",208:"19eb062d",247:"ad5ae25a",252:"2d221189",295:"2681b6cb",299:"401a5740",307:"c4131768",314:"907ca922",373:"af3b8a61",427:"cb19f4f3",488:"2c3454a0",501:"57110304",532:"b8452125",599:"11ea6a78",614:"f237c062",665:"8e750922",751:"767e07ba",764:"e5365600",824:"d6df09ef",831:"5241bbaa",835:"5e739f60",844:"e09d5838",859:"c645b6dc",936:"89b1c74a",946:"a5c36aa8",961:"b62fbfdf",964:"dafb0ab6",1043:"71c516f7",1049:"8033243b",1079:"07889b3c",1139:"cca0de58",1149:"f17950f0",1263:"a2bab5df",1296:"cebef6cf",1332:"23b12d2b",1371:"32bb41e2",1416:"b494d633",1462:"abe9e58f",1635:"6931ff70",1697:"08c2e0d1",1732:"499e08ba",1736:"e33d3d98",1760:"50475ed6",1830:"e8ee7393",1866:"8c9142f1",1886:"d50b23cf",1898:"7bee13e0",1910:"7dbaf9bc",1992:"d04e119d",2030:"819a09e0",2044:"e6ab8b74",2088:"eed23ffb",2112:"b45fc88c",2276:"6ee712fb",2299:"8a40da63",2357:"9e026620",2361:"0d653d33",2392:"77b3a75a",2402:"dbedeadb",2404:"6f9c6d34",2418:"7b160fa0",2425:"49236642",2491:"b9cbabdb",2607:"e434171e",2651:"82c64fb4",2717:"7b1f2a03",2771:"b5f4fcac",2832:"3487d19b",2837:"90dadded",2952:"e05f6c84",2992:"74c80448",3062:"8db49e02",3084:"e063851b",3105:"ec6c9484",3156:"13499ab7",3200:"80739892",3217:"25852876",3220:"63ebb926",3325:"0059ace3",3327:"2fa4862e",3365:"c8a1fc5f",3467:"9e6fa512",3522:"d9c7c819",3551:"ea4f0797",3632:"98110938",3667:"c3a242b5",3714:"e17657e6",3803:"8c6946a3",3814:"43c23efe",3859:"84c3ad2d",3951:"8dc9df63",3977:"a242089e",4105:"6fb3f806",4126:"d30efa3d",4203:"1cc25693",4235:"e1cd16f2",4300:"a29d8cee",4311:"10821caf",4339:"6b17579f",4384:"528c4b79",4412:"f477c54e",4508:"ac78cf6d",4552:"ac2cbfa2",4572:"7abf33d3",4581:"ba08a208",4615:"0c159fbd",4637:"70967cd0",4665:"777579a7",4717:"ab46eae9",4728:"e247d020",4765:"032dc3e4",4777:"93d91daa",4893:"a2d96142",4895:"725a291b",4917:"fbc9144b",4939:"48d0ab85",4955:"775dc1fd",4972:"8486a258",5e3:"70e4dd98",5117:"a7a19589",5136:"935acd2a",5192:"da3e02a6",5225:"2f021dce",5253:"cabd1a2c",5254:"fa0ba304",5279:"2390e7ed",5305:"f895bdc0",5386:"51e82d74",5408:"52ef8939",5435:"18f0c437",5455:"9cdbb9b6",5464:"5935129e",5479:"ca887c22",5512:"2a961994",5519:"cb509974",5532:"b484ecde",5565:"7db58c84",5600:"f9d71e63",5763:"55d73d20",5764:"69161262",5765:"36af1d9a",5776:"38c225f3",5854:"3c12bed3",5927:"df199d5f",5940:"a4e034fb",5945:"631c1a52",5959:"b6d4808a",6050:"8314944f",6061:"7eab3059",6076:"ff45f667",6095:"63f47e1f",6112:"06055bbb",6188:"fee72a63",6190:"5d9864e7",6195:"bae7c477",6198:"8547a4d0",6250:"919b1b35",6255:"dd50ff39",6266:"f9b4f388",6295:"3a9fe9af",6342:"81ecc09c",6351:"56a4dba2",6373:"61b159cc",6393:"2ee362db",6418:"0828cea7",6422:"c18dffaf",6469:"677bb474",6502:"8751c2fe",6516:"2c9a4a97",6560:"861bb826",6588:"016f390f",6645:"e254b76d",6673:"932caaaa",6700:"f6e7c26b",6702:"cfc35cfb",6780:"73cff48e",6943:"f6538537",6945:"98e888a2",6950:"4ce5cbc1",6957:"bea190c5",6961:"a7446540",6967:"f3aec062",6971:"1af2af58",6985:"9b55e245",7076:"d2cded4b",7107:"02eadf81",7155:"cdbcddcb",7169:"f8f35a5c",7179:"7d352577",7203:"8318a97e",7215:"786f03de",7224:"9525a67d",7301:"ceb454c2",7314:"a2cbacfd",7333:"e1c21583",7345:"936b949b",7378:"ec37febd",7383:"9077d0e7",7384:"0e0999a8",7459:"5b15d585",7497:"45ca7c92",7526:"050de60d",7537:"23cdd5d9",7539:"0573302f",7540:"a8a9d837",7544:"b5056e6c",7571:"89f21994",7579:"522414d0",7619:"6ef2a235",7640:"17dfd064",7677:"5c30726c",7678:"7976f448",7767:"53639d34",7811:"1c5625fc",7876:"c6cd5377",7893:"15178a51",7918:"34a1edeb",7920:"514af003",7940:"de92bba9",7966:"fa996e94",8002:"e1320638",8021:"ad87deaf",8049:"2eeb8533",8092:"7633adf7",8134:"d30edc2a",8205:"c173bad2",8228:"0df31ce7",8252:"1cd4a62b",8361:"84ad89ab",8459:"5fd7a2bf",8469:"ca78ae6c",8539:"c80cf4b8",8627:"2e5de4e8",8646:"4ade5575",8711:"163ad17f",8794:"f1461521",8795:"33f1e2de",8813:"ea68235e",8894:"ad65c686",8927:"e95f903c",8976:"7f03c6e8",8985:"97e6941a",9006:"cc4996f8",9056:"355ca87c",9164:"99cb840b",9246:"e1b84a5e",9353:"305eb09d",9360:"9e48ad5c",9456:"3ce7d838",9510:"b3210693",9514:"387c5731",9532:"363df986",9593:"357b6560",9616:"72dd7504",9706:"24c8aa06",9719:"0ae194d6",9733:"9ba7ceca",9766:"a8c12e8a",9801:"999220b8",9816:"d81eab5c",9857:"6e32622d",9863:"6e12073e",9940:"196cece6"}[e]+".js",r.miniCssF=e=>{},r.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),r.o=(e,f)=>Object.prototype.hasOwnProperty.call(e,f),d={},b="fleet-docs:",r.l=(e,f,a,c)=>{if(d[e])d[e].push(f);else{var t,o;if(void 0!==a)for(var n=document.getElementsByTagName("script"),i=0;i{t.onerror=t.onload=null,clearTimeout(s);var b=d[e];if(delete d[e],t.parentNode&&t.parentNode.removeChild(t),b&&b.forEach((e=>e(a))),f)return f(a)},s=setTimeout(u.bind(null,void 0,{type:"timeout",target:t}),12e4);t.onerror=u.bind(null,t.onerror),t.onload=u.bind(null,t.onload),o&&document.head.appendChild(t)}},r.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.p="/",r.gca=function(e){return e={17896441:"7918",20889235:"1043","24a8fd1b":"13","935f2afb":"53",c778489f:"85","045f7301":"127",e15d65f4:"198","963c03f5":"203",cd0bf424:"208",ec9fa214:"247","46c9c1f8":"252",e431d4ee:"295",de08e76e:"299",f347fdc1:"307","60bcd92c":"314",a947fe06:"373","904bb95d":"427","7a815aed":"488","9d91368e":"501","4e63d43a":"532",dfa3dc49:"599",e483f3c9:"614",f63438e5:"665",fbcf914d:"751",d8f58335:"764",c2bab82f:"824","3b61c2ee":"831","680ed9ed":"835",c6aa770e:"844",b32c755c:"859","504a9fc5":"936",ab0c1f88:"946","0acb2694":"961",af48bdba:"964",ae2335f3:"1049",a60f0c4b:"1079","6fe63dff":"1139","750cf41f":"1149","0364e902":"1263",f66ef323:"1296","984cdf04":"1332","0a06c365":"1371","7b64d2e8":"1416",e3aa6547:"1462",fe67fe92:"1635",a8ca5d11:"1697","2579085f":"1732",d53097a5:"1736",b2456c44:"1760",e4b5e952:"1830","53da1243":"1866",fe8cb35a:"1886",d3d84dd8:"1898",cd323ffc:"1910",c1b42080:"1992",fbaf079d:"2030","909a121f":"2044","50b0676a":"2088",bd465781:"2112",c3dfc33d:"2276","97c3cd43":"2299","06df35bc":"2357",a2c468b1:"2361",fd26103c:"2392",f060f65c:"2402","7292ec22":"2404","6cf4c0df":"2418",dd67116e:"2425",d277059e:"2491",fa2a1a7c:"2607","8070e160":"2651","922074e2":"2717","0db4760e":"2771","6e08701a":"2832","53c8b813":"2837",e35f16a8:"2952","4177aba1":"2992",f2761eee:"3062","4ccb6852":"3084",d254ed97:"3105",f0907b6d:"3156",fb76c575:"3200","3b8c55ea":"3217","8eb509d6":"3220","1fec2b35":"3325",f78aef8c:"3327","45a5cd1f":"3365","3a0e6d91":"3467","93002d83":"3522","7712976a":"3551",af10d9fb:"3632",fd06576e:"3667",d3d9887a:"3714",a06c6d5b:"3803","834808ff":"3814",ce48e831:"3859","3d7b86e7":"3951","41b31679":"3977",d596b4b8:"4105","95a72457":"4126","5b7f8ae0":"4203",f7c88408:"4235","778a7b8d":"4300","0252b8ff":"4311",f6748474:"4339",f2839486:"4384",d362fc0b:"4412","246340c6":"4508","167e2e0a":"4552",c1eb0b52:"4572",b9a03c38:"4581",c234ba49:"4615","5979dd46":"4637","5b0cdfa3":"4665","2938f7a2":"4717","1f14308a":"4728",ab68c950:"4765",aee07340:"4777",da21831e:"4893","702cd497":"4895",b60b3bd8:"4917",b0423865:"4939","5176c92e":"4955",e9efc8c6:"5000","6cbe47eb":"5117","58cc1d6e":"5136","2c86db16":"5192",f7cf1511:"5225","08aff371":"5253",bf20a2eb:"5254","522d95f1":"5279",f59af033:"5305","8307bb82":"5386","6638db74":"5408","847b3bc4":"5435",f4793a78:"5455",f531b716:"5464",b283d2e2:"5479","0e3fdb5a":"5512","250ffcdd":"5519",ffe5129d:"5532",db0ebd24:"5565","77fc540a":"5600","3718f698":"5763","5a165616":"5764","2f0f344d":"5765","34a3c1ae":"5776",e252aa27:"5854","5281b7a2":"5927","88f3f33f":"5940","10f03480":"5945","9fc6df8f":"5959",bcd76598:"6050","8ff6a575":"6061","857d18b5":"6076","32c7bf40":"6095","6e869bec":"6112","1cb1b893":"6188","3a2a2cbe":"6190",d0436963:"6195",c107a2c8:"6198","7c5d32d8":"6250","7f3d36ad":"6255","0f38f188":"6266","62bbc60f":"6295",ce534227:"6342","140acae8":"6351","07686352":"6373",ebf52154:"6393",e0636556:"6418","0bd7b06f":"6422",f14b6af8:"6469","18f4f7da":"6502",afc4945b:"6516","0e50cd4d":"6560",b7ae13b2:"6588",e348fb9e:"6645","5388fcb8":"6673","095d9053":"6700",e6339806:"6702","39f5e362":"6943","1bd61b9d":"6950",f8113afe:"6957","762abe3e":"6961","97d7d53e":"6967",c377a04b:"6971","21d02ecb":"6985","2a9b5780":"7076","170989a3":"7107",c916adcd:"7155",a9e7f6cd:"7169",e7acee98:"7179","6a840bac":"7203",cce49c68:"7215","2d618eff":"7224","11f54a6a":"7301","34eb4307":"7314","0ab79735":"7333",ae10697b:"7345",de6c661b:"7378","6349fbc0":"7383","300dc0ad":"7384","69dd637e":"7459",b753e7fe:"7497","4fac8f87":"7526","96465f27":"7537","22b369d5":"7539","612623d2":"7540",c7381d34:"7544","34c1e1e7":"7571","87469ac3":"7579","49af6a86":"7619","5ff573a6":"7640",e50ee9c3:"7677","370ac30b":"7678",abf95bb4:"7767","82782dff":"7811",d26595bf:"7876",f8909550:"7893","1a4e3797":"7920","02d72f40":"7940","07db75e5":"7966","01b4035b":"8002",d6daf0cc:"8021",e89d2f4d:"8049",ee0e1228:"8092","1f330703":"8134",f94f0fba:"8205","5379b7b3":"8228",c67695e7:"8252",dd81469d:"8361","2dc49bc9":"8459",eaf5d4dd:"8469","6faa62d7":"8539","2ff44c25":"8627","0ce1d2b6":"8646",b8f3160f:"8711","32a14031":"8794","12f4838b":"8795",aba71817:"8813","635f26b6":"8927","64b4770e":"8976","126a9cd0":"8985","3d725b75":"9006","7c4790a0":"9164","340d0560":"9246","9533a6b7":"9353","9d9f8394":"9360","5fdf261e":"9456","9db89767":"9510","1be78505":"9514",d0180ce2:"9532","17b50570":"9593","6c233221":"9616",de69e49e:"9706","63e62f73":"9719","1f8b8b7b":"9733","0209d9e7":"9766","9c942e60":"9801","755aca7b":"9816","60c2c817":"9857",cf6f5f9b:"9863","8003b96f":"9940"}[e]||e,r.p+r.u(e)},(()=>{var e={1303:0,3312:0};r.f.j=(f,a)=>{var d=r.o(e,f)?e[f]:void 0;if(0!==d)if(d)a.push(d[2]);else if(/^(1303|3312)$/.test(f))e[f]=0;else{var b=new Promise(((a,b)=>d=e[f]=[a,b]));a.push(d[2]=b);var c=r.p+r.u(f),t=new Error;r.l(c,(a=>{if(r.o(e,f)&&(0!==(d=e[f])&&(e[f]=void 0),d)){var b=a&&("load"===a.type?"missing":a.type),c=a&&a.target&&a.target.src;t.message="Loading chunk "+f+" failed.\n("+b+": "+c+")",t.name="ChunkLoadError",t.type=b,t.request=c,d[1](t)}}),"chunk-"+f,f)}},r.O.j=f=>0===e[f];var f=(f,a)=>{var d,b,c=a[0],t=a[1],o=a[2],n=0;if(c.some((f=>0!==e[f]))){for(d in t)r.o(t,d)&&(r.m[d]=t[d]);if(o)var i=o(r)}for(f&&f(a);n{"use strict";var e,f,d,b,c,a={},t={};function r(e){var f=t[e];if(void 0!==f)return f.exports;var d=t[e]={id:e,loaded:!1,exports:{}};return a[e].call(d.exports,d,d.exports,r),d.loaded=!0,d.exports}r.m=a,r.c=t,e=[],r.O=(f,d,b,c)=>{if(!d){var a=1/0;for(i=0;i=c)&&Object.keys(r.O).every((e=>r.O[e](d[o])))?d.splice(o--,1):(t=!1,c0&&e[i-1][2]>c;i--)e[i]=e[i-1];e[i]=[d,b,c]},r.n=e=>{var f=e&&e.__esModule?()=>e.default:()=>e;return r.d(f,{a:f}),f},d=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,r.t=function(e,b){if(1&b&&(e=this(e)),8&b)return e;if("object"==typeof e&&e){if(4&b&&e.__esModule)return e;if(16&b&&"function"==typeof e.then)return e}var c=Object.create(null);r.r(c);var a={};f=f||[null,d({}),d([]),d(d)];for(var t=2&b&&e;"object"==typeof t&&!~f.indexOf(t);t=d(t))Object.getOwnPropertyNames(t).forEach((f=>a[f]=()=>e[f]));return a.default=()=>e,r.d(c,a),c},r.d=(e,f)=>{for(var d in f)r.o(f,d)&&!r.o(e,d)&&Object.defineProperty(e,d,{enumerable:!0,get:f[d]})},r.f={},r.e=e=>Promise.all(Object.keys(r.f).reduce(((f,d)=>(r.f[d](e,f),f)),[])),r.u=e=>"assets/js/"+({13:"24a8fd1b",53:"935f2afb",85:"c778489f",127:"045f7301",198:"e15d65f4",203:"963c03f5",208:"cd0bf424",247:"ec9fa214",252:"46c9c1f8",295:"e431d4ee",299:"de08e76e",307:"f347fdc1",314:"60bcd92c",373:"a947fe06",427:"904bb95d",488:"7a815aed",501:"9d91368e",532:"4e63d43a",599:"dfa3dc49",614:"e483f3c9",665:"f63438e5",751:"fbcf914d",764:"d8f58335",824:"c2bab82f",831:"3b61c2ee",835:"680ed9ed",844:"c6aa770e",859:"b32c755c",936:"504a9fc5",946:"ab0c1f88",961:"0acb2694",964:"af48bdba",1043:"20889235",1049:"ae2335f3",1079:"a60f0c4b",1139:"6fe63dff",1149:"750cf41f",1263:"0364e902",1296:"f66ef323",1332:"984cdf04",1371:"0a06c365",1416:"7b64d2e8",1462:"e3aa6547",1635:"fe67fe92",1697:"a8ca5d11",1732:"2579085f",1736:"d53097a5",1760:"b2456c44",1830:"e4b5e952",1866:"53da1243",1886:"fe8cb35a",1898:"d3d84dd8",1910:"cd323ffc",1992:"c1b42080",2030:"fbaf079d",2044:"909a121f",2088:"50b0676a",2112:"bd465781",2276:"c3dfc33d",2299:"97c3cd43",2357:"06df35bc",2361:"a2c468b1",2392:"fd26103c",2402:"f060f65c",2404:"7292ec22",2418:"6cf4c0df",2425:"dd67116e",2491:"d277059e",2607:"fa2a1a7c",2651:"8070e160",2717:"922074e2",2771:"0db4760e",2832:"6e08701a",2837:"53c8b813",2952:"e35f16a8",2992:"4177aba1",3062:"f2761eee",3084:"4ccb6852",3105:"d254ed97",3156:"f0907b6d",3200:"fb76c575",3217:"3b8c55ea",3220:"8eb509d6",3325:"1fec2b35",3327:"f78aef8c",3365:"45a5cd1f",3467:"3a0e6d91",3522:"93002d83",3551:"7712976a",3632:"af10d9fb",3667:"fd06576e",3714:"d3d9887a",3803:"a06c6d5b",3814:"834808ff",3859:"ce48e831",3951:"3d7b86e7",3977:"41b31679",4105:"d596b4b8",4126:"95a72457",4203:"5b7f8ae0",4235:"f7c88408",4300:"778a7b8d",4311:"0252b8ff",4339:"f6748474",4384:"f2839486",4412:"d362fc0b",4508:"246340c6",4552:"167e2e0a",4572:"c1eb0b52",4581:"b9a03c38",4615:"c234ba49",4637:"5979dd46",4665:"5b0cdfa3",4717:"2938f7a2",4728:"1f14308a",4765:"ab68c950",4777:"aee07340",4893:"da21831e",4895:"702cd497",4917:"b60b3bd8",4939:"b0423865",4955:"5176c92e",5e3:"e9efc8c6",5117:"6cbe47eb",5136:"58cc1d6e",5192:"2c86db16",5225:"f7cf1511",5253:"08aff371",5254:"bf20a2eb",5279:"522d95f1",5305:"f59af033",5386:"8307bb82",5408:"6638db74",5435:"847b3bc4",5455:"f4793a78",5464:"f531b716",5479:"b283d2e2",5512:"0e3fdb5a",5519:"250ffcdd",5532:"ffe5129d",5565:"db0ebd24",5600:"77fc540a",5763:"3718f698",5764:"5a165616",5765:"2f0f344d",5776:"34a3c1ae",5854:"e252aa27",5927:"5281b7a2",5940:"88f3f33f",5945:"10f03480",5959:"9fc6df8f",6050:"bcd76598",6061:"8ff6a575",6076:"857d18b5",6095:"32c7bf40",6112:"6e869bec",6188:"1cb1b893",6190:"3a2a2cbe",6195:"d0436963",6198:"c107a2c8",6250:"7c5d32d8",6255:"7f3d36ad",6266:"0f38f188",6295:"62bbc60f",6342:"ce534227",6351:"140acae8",6373:"07686352",6393:"ebf52154",6418:"e0636556",6422:"0bd7b06f",6469:"f14b6af8",6502:"18f4f7da",6516:"afc4945b",6560:"0e50cd4d",6588:"b7ae13b2",6645:"e348fb9e",6673:"5388fcb8",6700:"095d9053",6702:"e6339806",6943:"39f5e362",6950:"1bd61b9d",6957:"f8113afe",6961:"762abe3e",6967:"97d7d53e",6971:"c377a04b",6985:"21d02ecb",7076:"2a9b5780",7107:"170989a3",7155:"c916adcd",7169:"a9e7f6cd",7179:"e7acee98",7203:"6a840bac",7215:"cce49c68",7224:"2d618eff",7301:"11f54a6a",7314:"34eb4307",7333:"0ab79735",7345:"ae10697b",7378:"de6c661b",7383:"6349fbc0",7384:"300dc0ad",7459:"69dd637e",7497:"b753e7fe",7526:"4fac8f87",7537:"96465f27",7539:"22b369d5",7540:"612623d2",7544:"c7381d34",7571:"34c1e1e7",7579:"87469ac3",7619:"49af6a86",7640:"5ff573a6",7677:"e50ee9c3",7678:"370ac30b",7767:"abf95bb4",7811:"82782dff",7876:"d26595bf",7893:"f8909550",7918:"17896441",7920:"1a4e3797",7940:"02d72f40",7966:"07db75e5",8002:"01b4035b",8021:"d6daf0cc",8049:"e89d2f4d",8092:"ee0e1228",8134:"1f330703",8205:"f94f0fba",8228:"5379b7b3",8252:"c67695e7",8361:"dd81469d",8459:"2dc49bc9",8469:"eaf5d4dd",8539:"6faa62d7",8627:"2ff44c25",8646:"0ce1d2b6",8711:"b8f3160f",8794:"32a14031",8795:"12f4838b",8813:"aba71817",8927:"635f26b6",8976:"64b4770e",8985:"126a9cd0",9006:"3d725b75",9164:"7c4790a0",9246:"340d0560",9353:"9533a6b7",9360:"9d9f8394",9456:"5fdf261e",9510:"9db89767",9514:"1be78505",9532:"d0180ce2",9593:"17b50570",9616:"6c233221",9706:"de69e49e",9719:"63e62f73",9733:"1f8b8b7b",9766:"0209d9e7",9801:"9c942e60",9816:"755aca7b",9857:"60c2c817",9863:"cf6f5f9b",9940:"8003b96f"}[e]||e)+"."+{13:"753bea50",53:"a6e3652b",85:"e1bba825",127:"e2401d61",198:"b6edd62c",203:"856704fc",208:"020cb63e",247:"417f266e",252:"30c5db25",295:"d6f57b56",299:"c99b111a",307:"12b24ad5",314:"0d84696d",373:"af19dbc2",427:"d94f2c5a",488:"637f97af",501:"bb163fd0",532:"fa377143",599:"4cafa3c5",614:"bb67bc2f",665:"783cc0dd",751:"818b05a4",764:"87d2031e",824:"19d98f2a",831:"7237d44b",835:"2e1e0ea3",844:"d42d2261",859:"18ad0bef",936:"1b613d37",946:"1de459b0",961:"2e373bf4",964:"d592dd4b",1043:"71ea7739",1049:"f34a0c15",1079:"ef4a2420",1139:"dfcaa2a7",1149:"507a87a3",1263:"a49f9f5b",1296:"93ea7413",1332:"f93c61b0",1371:"a8b246ed",1416:"d8369136",1462:"f75b1792",1635:"e8acd231",1697:"65747e9d",1732:"244bc1b1",1736:"2945a300",1760:"8cb5e885",1830:"961d1592",1866:"a52d7550",1886:"6e4dd741",1898:"0ba82524",1910:"56ff714c",1992:"7f5bbcfd",2030:"d9a2a246",2044:"99c61109",2088:"cd949ebe",2112:"77cff642",2276:"3daef039",2299:"4b3c5636",2357:"9e026620",2361:"c0b9a92b",2392:"085bcbbf",2402:"2f3d6e58",2404:"aa8cc63d",2418:"c1b93090",2425:"0d6e3391",2491:"1f7a6374",2607:"eab8d141",2651:"88b82485",2717:"8a18a190",2771:"0f2e7ff2",2832:"de3a9f4b",2837:"965c3538",2952:"22632871",2992:"877c7c2f",3062:"b9aa8af8",3084:"190d1e6a",3105:"65c76dfd",3156:"0da8b219",3200:"ae597717",3217:"144c96fd",3220:"c31be761",3325:"82fea959",3327:"c5fa87f0",3365:"dddadb6a",3467:"ffd50d25",3522:"d9c7c819",3551:"72247104",3632:"7b49570c",3667:"74e1a3c5",3714:"d9ae67b9",3803:"65a0d18a",3814:"1093a837",3859:"3610462a",3951:"eb39b0cf",3977:"5480c674",4105:"347fe0c1",4126:"c489faab",4203:"2ca3e9eb",4235:"69e48a62",4300:"d379c3d3",4311:"03f9e3e6",4339:"65200520",4384:"122c5d65",4412:"ee690b13",4508:"348d0564",4552:"a699d0e5",4572:"41828fe0",4581:"e3a2dc44",4615:"83d4f467",4637:"70967cd0",4665:"46126fda",4717:"22da52b2",4728:"e53d86f6",4765:"5bc956a1",4777:"0c8351cd",4893:"169037ec",4895:"8e3103ad",4917:"2e053506",4939:"735228ad",4955:"ef9a10b3",4972:"8486a258",5e3:"97550f7f",5117:"265fce85",5136:"935acd2a",5192:"9f6a116e",5225:"47e824a4",5253:"22221506",5254:"ff0128f8",5279:"fa737fb7",5305:"35f4883b",5386:"fd15e4b8",5408:"52ef8939",5435:"aea638e9",5455:"e4af4dc8",5464:"794a8c86",5479:"d9ef9881",5512:"379c2828",5519:"2b9227b8",5532:"48e8af03",5565:"0f8760fe",5600:"92c0ba2f",5763:"0e32aee1",5764:"ba9db149",5765:"36af1d9a",5776:"d559c47a",5854:"1aae1602",5927:"a61d2fe7",5940:"daa8ede9",5945:"0bc27e4b",5959:"da41a6ab",6050:"9ee52278",6061:"b6a91d43",6076:"34cbea8f",6095:"4640d719",6112:"ca308da0",6188:"2cc619e6",6190:"c738bb26",6195:"1e69a56d",6198:"da1b091c",6250:"f3aa7136",6255:"c79cdb95",6266:"c32bf719",6295:"322f5b3a",6342:"ffbe5e24",6351:"f01242d2",6373:"7c21bbbf",6393:"1b3155d3",6418:"27868d9b",6422:"d65ac2fb",6469:"c69dc1d0",6502:"a5f22219",6516:"a77bf464",6560:"312523c2",6588:"60d18fee",6645:"e9f8880b",6673:"aa2af9ef",6700:"8011f220",6702:"7b549079",6780:"73cff48e",6943:"bbe24423",6945:"98e888a2",6950:"5da1c034",6957:"4ff86efa",6961:"f3b47c0f",6967:"fe2e8ef0",6971:"eeb706b1",6985:"4536eca8",7076:"ef254468",7107:"3d4ca108",7155:"291c3974",7169:"e54af66d",7179:"b3e29861",7203:"82c52083",7215:"f5dba2f9",7224:"645dc9d4",7301:"c6268de1",7314:"5c530660",7333:"e70e0bc9",7345:"a9301116",7378:"58a4f43c",7383:"5d0431ad",7384:"13c076c3",7459:"21107e4d",7497:"7e8ef318",7526:"d2adc93a",7537:"3f98e66e",7539:"807e48ff",7540:"beb0b6ab",7544:"78809348",7571:"91f1d70f",7579:"a0e5c8bf",7619:"59b913d8",7640:"9e152199",7677:"bacf9e6e",7678:"fb355374",7767:"1454ad7e",7811:"a3e4716f",7876:"394c5422",7893:"7f0e2ee6",7918:"34a1edeb",7920:"514af003",7940:"f5baa9d6",7966:"2add4119",8002:"1ffc0d4a",8021:"f91e7713",8049:"09cdda4b",8092:"7633adf7",8134:"baa253be",8205:"79168c4f",8228:"18ed609d",8252:"f3a40aac",8361:"0675133c",8459:"2e6700a5",8469:"f205a478",8539:"3475e4fa",8627:"7143ac1b",8646:"46287b77",8711:"b75c7974",8794:"13941399",8795:"54ece151",8813:"751d67ab",8894:"ad65c686",8927:"101d7413",8976:"42075229",8985:"ce06a137",9006:"97c16553",9056:"355ca87c",9164:"f9e78789",9246:"9c0f2e15",9353:"e698023b",9360:"dae8b01a",9456:"8a1557ca",9510:"4245fec3",9514:"387c5731",9532:"6cc2d13b",9593:"357b6560",9616:"01a8f3ed",9706:"9cf159f3",9719:"fc33d64c",9733:"cec4d91e",9766:"baeb46a9",9801:"bed2dda0",9816:"b6ec324c",9857:"cf4ec6fd",9863:"9ac2fe29",9940:"c2c1de7b"}[e]+".js",r.miniCssF=e=>{},r.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),r.o=(e,f)=>Object.prototype.hasOwnProperty.call(e,f),b={},c="fleet-docs:",r.l=(e,f,d,a)=>{if(b[e])b[e].push(f);else{var t,o;if(void 0!==d)for(var n=document.getElementsByTagName("script"),i=0;i{t.onerror=t.onload=null,clearTimeout(s);var c=b[e];if(delete b[e],t.parentNode&&t.parentNode.removeChild(t),c&&c.forEach((e=>e(d))),f)return f(d)},s=setTimeout(u.bind(null,void 0,{type:"timeout",target:t}),12e4);t.onerror=u.bind(null,t.onerror),t.onload=u.bind(null,t.onload),o&&document.head.appendChild(t)}},r.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.p="/",r.gca=function(e){return e={17896441:"7918",20889235:"1043","24a8fd1b":"13","935f2afb":"53",c778489f:"85","045f7301":"127",e15d65f4:"198","963c03f5":"203",cd0bf424:"208",ec9fa214:"247","46c9c1f8":"252",e431d4ee:"295",de08e76e:"299",f347fdc1:"307","60bcd92c":"314",a947fe06:"373","904bb95d":"427","7a815aed":"488","9d91368e":"501","4e63d43a":"532",dfa3dc49:"599",e483f3c9:"614",f63438e5:"665",fbcf914d:"751",d8f58335:"764",c2bab82f:"824","3b61c2ee":"831","680ed9ed":"835",c6aa770e:"844",b32c755c:"859","504a9fc5":"936",ab0c1f88:"946","0acb2694":"961",af48bdba:"964",ae2335f3:"1049",a60f0c4b:"1079","6fe63dff":"1139","750cf41f":"1149","0364e902":"1263",f66ef323:"1296","984cdf04":"1332","0a06c365":"1371","7b64d2e8":"1416",e3aa6547:"1462",fe67fe92:"1635",a8ca5d11:"1697","2579085f":"1732",d53097a5:"1736",b2456c44:"1760",e4b5e952:"1830","53da1243":"1866",fe8cb35a:"1886",d3d84dd8:"1898",cd323ffc:"1910",c1b42080:"1992",fbaf079d:"2030","909a121f":"2044","50b0676a":"2088",bd465781:"2112",c3dfc33d:"2276","97c3cd43":"2299","06df35bc":"2357",a2c468b1:"2361",fd26103c:"2392",f060f65c:"2402","7292ec22":"2404","6cf4c0df":"2418",dd67116e:"2425",d277059e:"2491",fa2a1a7c:"2607","8070e160":"2651","922074e2":"2717","0db4760e":"2771","6e08701a":"2832","53c8b813":"2837",e35f16a8:"2952","4177aba1":"2992",f2761eee:"3062","4ccb6852":"3084",d254ed97:"3105",f0907b6d:"3156",fb76c575:"3200","3b8c55ea":"3217","8eb509d6":"3220","1fec2b35":"3325",f78aef8c:"3327","45a5cd1f":"3365","3a0e6d91":"3467","93002d83":"3522","7712976a":"3551",af10d9fb:"3632",fd06576e:"3667",d3d9887a:"3714",a06c6d5b:"3803","834808ff":"3814",ce48e831:"3859","3d7b86e7":"3951","41b31679":"3977",d596b4b8:"4105","95a72457":"4126","5b7f8ae0":"4203",f7c88408:"4235","778a7b8d":"4300","0252b8ff":"4311",f6748474:"4339",f2839486:"4384",d362fc0b:"4412","246340c6":"4508","167e2e0a":"4552",c1eb0b52:"4572",b9a03c38:"4581",c234ba49:"4615","5979dd46":"4637","5b0cdfa3":"4665","2938f7a2":"4717","1f14308a":"4728",ab68c950:"4765",aee07340:"4777",da21831e:"4893","702cd497":"4895",b60b3bd8:"4917",b0423865:"4939","5176c92e":"4955",e9efc8c6:"5000","6cbe47eb":"5117","58cc1d6e":"5136","2c86db16":"5192",f7cf1511:"5225","08aff371":"5253",bf20a2eb:"5254","522d95f1":"5279",f59af033:"5305","8307bb82":"5386","6638db74":"5408","847b3bc4":"5435",f4793a78:"5455",f531b716:"5464",b283d2e2:"5479","0e3fdb5a":"5512","250ffcdd":"5519",ffe5129d:"5532",db0ebd24:"5565","77fc540a":"5600","3718f698":"5763","5a165616":"5764","2f0f344d":"5765","34a3c1ae":"5776",e252aa27:"5854","5281b7a2":"5927","88f3f33f":"5940","10f03480":"5945","9fc6df8f":"5959",bcd76598:"6050","8ff6a575":"6061","857d18b5":"6076","32c7bf40":"6095","6e869bec":"6112","1cb1b893":"6188","3a2a2cbe":"6190",d0436963:"6195",c107a2c8:"6198","7c5d32d8":"6250","7f3d36ad":"6255","0f38f188":"6266","62bbc60f":"6295",ce534227:"6342","140acae8":"6351","07686352":"6373",ebf52154:"6393",e0636556:"6418","0bd7b06f":"6422",f14b6af8:"6469","18f4f7da":"6502",afc4945b:"6516","0e50cd4d":"6560",b7ae13b2:"6588",e348fb9e:"6645","5388fcb8":"6673","095d9053":"6700",e6339806:"6702","39f5e362":"6943","1bd61b9d":"6950",f8113afe:"6957","762abe3e":"6961","97d7d53e":"6967",c377a04b:"6971","21d02ecb":"6985","2a9b5780":"7076","170989a3":"7107",c916adcd:"7155",a9e7f6cd:"7169",e7acee98:"7179","6a840bac":"7203",cce49c68:"7215","2d618eff":"7224","11f54a6a":"7301","34eb4307":"7314","0ab79735":"7333",ae10697b:"7345",de6c661b:"7378","6349fbc0":"7383","300dc0ad":"7384","69dd637e":"7459",b753e7fe:"7497","4fac8f87":"7526","96465f27":"7537","22b369d5":"7539","612623d2":"7540",c7381d34:"7544","34c1e1e7":"7571","87469ac3":"7579","49af6a86":"7619","5ff573a6":"7640",e50ee9c3:"7677","370ac30b":"7678",abf95bb4:"7767","82782dff":"7811",d26595bf:"7876",f8909550:"7893","1a4e3797":"7920","02d72f40":"7940","07db75e5":"7966","01b4035b":"8002",d6daf0cc:"8021",e89d2f4d:"8049",ee0e1228:"8092","1f330703":"8134",f94f0fba:"8205","5379b7b3":"8228",c67695e7:"8252",dd81469d:"8361","2dc49bc9":"8459",eaf5d4dd:"8469","6faa62d7":"8539","2ff44c25":"8627","0ce1d2b6":"8646",b8f3160f:"8711","32a14031":"8794","12f4838b":"8795",aba71817:"8813","635f26b6":"8927","64b4770e":"8976","126a9cd0":"8985","3d725b75":"9006","7c4790a0":"9164","340d0560":"9246","9533a6b7":"9353","9d9f8394":"9360","5fdf261e":"9456","9db89767":"9510","1be78505":"9514",d0180ce2:"9532","17b50570":"9593","6c233221":"9616",de69e49e:"9706","63e62f73":"9719","1f8b8b7b":"9733","0209d9e7":"9766","9c942e60":"9801","755aca7b":"9816","60c2c817":"9857",cf6f5f9b:"9863","8003b96f":"9940"}[e]||e,r.p+r.u(e)},(()=>{var e={1303:0,3312:0};r.f.j=(f,d)=>{var b=r.o(e,f)?e[f]:void 0;if(0!==b)if(b)d.push(b[2]);else if(/^(1303|3312)$/.test(f))e[f]=0;else{var c=new Promise(((d,c)=>b=e[f]=[d,c]));d.push(b[2]=c);var a=r.p+r.u(f),t=new Error;r.l(a,(d=>{if(r.o(e,f)&&(0!==(b=e[f])&&(e[f]=void 0),b)){var c=d&&("load"===d.type?"missing":d.type),a=d&&d.target&&d.target.src;t.message="Loading chunk "+f+" failed.\n("+c+": "+a+")",t.name="ChunkLoadError",t.type=c,t.request=a,b[1](t)}}),"chunk-"+f,f)}},r.O.j=f=>0===e[f];var f=(f,d)=>{var b,c,a=d[0],t=d[1],o=d[2],n=0;if(a.some((f=>0!==e[f]))){for(b in t)r.o(t,b)&&(r.m[b]=t[b]);if(o)var i=o(r)}for(f&&f(d);n Create a Bundle Resource | Fleet - + @@ -15,8 +15,8 @@ manually by the user. If you want to deploy resources from a git repository use When creating a Bundle resources need to be explicitly specified in the Bundle Spec. Resources can be compressed with gz. See here an example of how Rancher uses compression in go code.

    If you would like to deploy in downstream clusters, you need to define targets. Targets work similarly to targets in GitRepo. -See Mapping to Downstream Clusters.

    The following example creates a nginx Deployment in the local cluster:

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      resources:
      # List of all resources that will be deployed
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml
      targets:
      - clusterName: local

    Limitations​

    Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:

    • spec.helm.repo
    • spec.helm.charts

    You can't use a fleet.yaml in resources, it is only used by the fleet-cli to create bundles.

    The spec.targetRestrictions field is not useful, as it is an allow list for targets specified in spec.targets. It is not needed, since targets are explicitly given in a bundle and an empty targetRestrictions defaults to allow.

    Convert a Helm Chart into a Bundle​

    You can use the Fleet CLI to convert a Helm chart into a bundle.

    For example, you can download and convert the "external secrets" operator chart like this:

    cat > targets.yaml <<EOF
    targets:
    - clusterSelector: {}
    EOF

    mkdir app
    cat > app/fleet.yaml <<EOF
    defaultNamespace: external-secrets
    helm:
      repo: https://charts.external-secrets.io
      chart: external-secrets
    EOF

    fleet apply --compress --targets-file=targets.yaml -n fleet-default -o - external-secrets app > eso-bundle.yaml

    kubectl apply -f eso-bundle.yaml

    Make sure you use a cluster selector in targets.yaml, that matches all clusters you want to deploy to.

    The blog post on Fleet: Multi-Cluster Deployment with the Help of External Secrets has more information.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +See Mapping to Downstream Clusters.

    The following example creates a nginx Deployment in the local cluster:

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      resources:
      # List of all resources that will be deployed
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml
      targets:
      - clusterName: local

    Limitations​

    Helm options related to downloading the helm chart will be ignored. The helm chart is downloaded by the fleet-cli, which creates the bundles. The bundle has to contain all the resources from the chart. Therefore the bundle will ignore:

    • spec.helm.repo
    • spec.helm.charts

    You can't use a fleet.yaml in resources, it is only used by the fleet-cli to create bundles.

    The spec.targetRestrictions field is not useful, as it is an allow list for targets specified in spec.targets. It is not needed, since targets are explicitly given in a bundle and an empty targetRestrictions defaults to allow.

    Convert a Helm Chart into a Bundle​

    You can use the Fleet CLI to convert a Helm chart into a bundle.

    For example, you can download and convert the "external secrets" operator chart like this:

    cat > targets.yaml <<EOF
    targets:
    - clusterSelector: {}
    EOF

    mkdir app
    cat > app/fleet.yaml <<EOF
    defaultNamespace: external-secrets
    helm:
      repo: https://charts.external-secrets.io
      chart: external-secrets
    EOF

    fleet apply --compress --targets-file=targets.yaml -n fleet-default -o - external-secrets app > eso-bundle.yaml

    kubectl apply -f eso-bundle.yaml

    Make sure you use a cluster selector in targets.yaml, that matches all clusters you want to deploy to.

    The blog post on Fleet: Multi-Cluster Deployment with the Help of External Secrets has more information.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/bundle-diffs.html b/bundle-diffs.html index f85e8a2f5..c9dd52f4a 100644 --- a/bundle-diffs.html +++ b/bundle-diffs.html @@ -4,14 +4,14 @@ Generating Diffs to Ignore Modified GitRepos | Fleet - +
    Version: Next 🚧

    Generating Diffs to Ignore Modified GitRepos

    Continuous Delivery in Rancher is powered by fleet. When a user adds a GitRepo CR, then Continuous Delivery creates the associated fleet bundles.

    You can access these bundles by navigating to the Cluster Explorer (Dashboard UI), and selecting the Bundles section.

    The bundled charts may have some objects that are amended at runtime, for example in ValidatingWebhookConfiguration the caBundle is empty and the CA cert is injected by the cluster.

    This leads the status of the bundle and associated GitRepo to be reported as "Modified"

    Associated Bundle -

    Fleet bundles support the ability to specify a custom jsonPointer patch.

    With the patch, users can instruct fleet to ignore object modifications.

    Simple Example​

    In this simple example, we create a Service and ConfigMap that we apply a bundle diff onto.

    https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs

    Gatekeeper Example​

    In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

    The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

    Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

    In our case the differences detected are as follows:

      summary:
        desiredReady: 1
        modified: 1
        nonReadyResources:
        - bundleState: Modified
          modifiedStatus:
          - apiVersion: admissionregistration.k8s.io/v1
            kind: ValidatingWebhookConfiguration
            name: gatekeeper-validating-webhook-configuration
            patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-audit
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-controller-manager
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

    Based on this summary, there are three objects which need to be patched.

    We will look at these one at a time.

    1. ValidatingWebhookConfiguration:​

    The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

    In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

    From this information, we can see the two ValidatingWebhooks in question are:

      "$setElementOrder/webhooks": [
        {
          "name": "validation.gatekeeper.sh"
        },
        {
          "name": "check-ignore-label.gatekeeper.sh"
        }
      ],

    Within each ValidatingWebhook, the fields that need to be ignore are as follows:

        {
          "clientConfig": {
            "caBundle": "Cg=="
          },
          "name": "validation.gatekeeper.sh",
          "rules": [
            {
              "apiGroups": [
                "*"
              ],
              "apiVersions": [
                "*"
              ],
              "operations": [
                "CREATE",
                "UPDATE"
              ],
              "resources": [
                "*"
              ]
            }
          ]
        },

    and

        {
         "clientConfig": {
           "caBundle": "Cg=="
         },
         "name": "check-ignore-label.gatekeeper.sh",
         "rules": [
           {
             "apiGroups": [
               ""
             ],
             "apiVersions": [
               "*"
             ],
             "operations": [
               "CREATE",
               "UPDATE"
             ],
             "resources": [
               "namespaces"
             ]
           }
         ]
       }

    In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

    The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

    Based on this information, our diff patch would look as follows:

      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    2. Deployment gatekeeper-controller-manager:​

    The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    3. Deployment gatekeeper-audit:​

    The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    Combining It All Together​

    We can now combine all these patches as follows:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

    Once these are added, the GitRepo should deploy and be in "Active" status.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +

    Fleet bundles support the ability to specify a custom jsonPointer patch.

    With the patch, users can instruct fleet to ignore object modifications.

    Simple Example​

    In this simple example, we create a Service and ConfigMap that we apply a bundle diff onto.

    https://github.com/rancher/fleet-test-data/tree/master/bundle-diffs

    Gatekeeper Example​

    In this example, we are trying to deploy opa-gatekeeper using Continuous Delivery to our clusters.

    The opa-gatekeeper bundle associated with the opa GitRepo is in modified state.

    Each path in the GitRepo CR, has an associated Bundle CR. The user can view the Bundles, and the associated diff needed in the Bundle status.

    In our case the differences detected are as follows:

      summary:
        desiredReady: 1
        modified: 1
        nonReadyResources:
        - bundleState: Modified
          modifiedStatus:
          - apiVersion: admissionregistration.k8s.io/v1
            kind: ValidatingWebhookConfiguration
            name: gatekeeper-validating-webhook-configuration
            patch: '{"$setElementOrder/webhooks":[{"name":"validation.gatekeeper.sh"},{"name":"check-ignore-label.gatekeeper.sh"}],"webhooks":[{"clientConfig":{"caBundle":"Cg=="},"name":"validation.gatekeeper.sh","rules":[{"apiGroups":["*"],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["*"]}]},{"clientConfig":{"caBundle":"Cg=="},"name":"check-ignore-label.gatekeeper.sh","rules":[{"apiGroups":[""],"apiVersions":["*"],"operations":["CREATE","UPDATE"],"resources":["namespaces"]}]}]}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-audit
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'
          - apiVersion: apps/v1
            kind: Deployment
            name: gatekeeper-controller-manager
            namespace: cattle-gatekeeper-system
            patch: '{"spec":{"template":{"spec":{"$setElementOrder/containers":[{"name":"manager"}],"containers":[{"name":"manager","resources":{"limits":{"cpu":"1000m"}}}],"tolerations":[]}}}}'

    Based on this summary, there are three objects which need to be patched.

    We will look at these one at a time.

    1. ValidatingWebhookConfiguration:​

    The gatekeeper-validating-webhook-configuration validating webhook has two ValidatingWebhooks in its spec.

    In cases where more than one element in the field requires a patch, that patch will refer these to as $setElementOrder/ELEMENTNAME

    From this information, we can see the two ValidatingWebhooks in question are:

      "$setElementOrder/webhooks": [
        {
          "name": "validation.gatekeeper.sh"
        },
        {
          "name": "check-ignore-label.gatekeeper.sh"
        }
      ],

    Within each ValidatingWebhook, the fields that need to be ignore are as follows:

        {
          "clientConfig": {
            "caBundle": "Cg=="
          },
          "name": "validation.gatekeeper.sh",
          "rules": [
            {
              "apiGroups": [
                "*"
              ],
              "apiVersions": [
                "*"
              ],
              "operations": [
                "CREATE",
                "UPDATE"
              ],
              "resources": [
                "*"
              ]
            }
          ]
        },

    and

        {
         "clientConfig": {
           "caBundle": "Cg=="
         },
         "name": "check-ignore-label.gatekeeper.sh",
         "rules": [
           {
             "apiGroups": [
               ""
             ],
             "apiVersions": [
               "*"
             ],
             "operations": [
               "CREATE",
               "UPDATE"
             ],
             "resources": [
               "namespaces"
             ]
           }
         ]
       }

    In summary, we need to ignore the fields rules and clientConfig.caBundle in our patch specification.

    The field webhook in the ValidatingWebhookConfiguration spec is an array, so we need to address the elements by their index values.

    Based on this information, our diff patch would look as follows:

      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    2. Deployment gatekeeper-controller-manager:​

    The gatekeeper-controller-manager deployment is modified since there are cpu limits and tolerations applied (which are not in the actual bundle).

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    In this case, there is only 1 container in the deployment container spec, and that container has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    3. Deployment gatekeeper-audit:​

    The gatekeeper-audit deployment is modified in a similarly, to the gatekeeper-controller-manager, with additional cpu limits and tolerations applied.

    {
      "spec": {
        "template": {
          "spec": {
            "$setElementOrder/containers": [
              {
                "name": "manager"
              }
            ],
            "containers": [
              {
                "name": "manager",
                "resources": {
                  "limits": {
                    "cpu": "1000m"
                  }
                }
              }
            ],
            "tolerations": []
          }
        }
      }
    }

    Similar to gatekeeper-controller-manager, there is only 1 container in the deployments container spec, and that has cpu limits and tolerations added.

    Based on this information, our diff patch would look as follows:

      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}

    Combining It All Together​

    We can now combine all these patches as follows:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-audit
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: apps/v1
        kind: Deployment
        name: gatekeeper-controller-manager
        namespace: cattle-gatekeeper-system
        operations:
        - {"op": "remove", "path": "/spec/template/spec/containers/0/resources/limits/cpu"}
        - {"op": "remove", "path": "/spec/template/spec/tolerations"}
      - apiVersion: admissionregistration.k8s.io/v1
        kind: ValidatingWebhookConfiguration
        name: gatekeeper-validating-webhook-configuration
        operations:
        - {"op": "remove", "path":"/webhooks/0/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/0/rules"}
        - {"op": "remove", "path":"/webhooks/1/clientConfig/caBundle"}
        - {"op": "remove", "path":"/webhooks/1/rules"}

    We can add these now to the bundle directly to test and also commit the same to the fleet.yaml in your GitRepo.

    Once these are added, the GitRepo should deploy and be in "Active" status.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/changelogs.html b/changelogs.html index b4c16e2c1..6960a4cc8 100644 --- a/changelogs.html +++ b/changelogs.html @@ -4,13 +4,13 @@ Next 🚧 | Fleet - +
    -
    Version: Next 🚧

    Next 🚧

    We are still working on the next release.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    Next 🚧

    We are still working on the next release.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/changelogs/changelogs/next.html b/changelogs/changelogs/next.html index d4196c342..c8b889742 100644 --- a/changelogs/changelogs/next.html +++ b/changelogs/changelogs/next.html @@ -4,13 +4,13 @@ Next 🚧 | Fleet - +
    -
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-agent.html b/cli/fleet-agent.html index 4ecba4720..0137cf458 100644 --- a/cli/fleet-agent.html +++ b/cli/fleet-agent.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: Next 🚧

    fleet-agent​

    fleet-agent [flags]

    Options​

          --agent-scope string                An identifier used to scope the agent bundleID names, typically the same as namespace
          --debug                             Turn on debug logging
          --debug-level int                   If debugging is enabled, set klog -v=X
      -h, --help                              help for fleet-agent
          --kubeconfig string                 Paths to a kubeconfig. Only required if out-of-cluster.
          --namespace string                  system namespace is the namespace, the agent runs in, e.g. cattle-fleet-system
          --zap-devel                         Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)
          --zap-encoder encoder               Zap log encoding (one of 'json' or 'console')
          --zap-log-level level               Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity
          --zap-stacktrace-level level        Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').
          --zap-time-encoding time-encoding   Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    fleet-agent​

    fleet-agent [flags]

    Options​

          --agent-scope string                An identifier used to scope the agent bundleID names, typically the same as namespace
          --debug                             Turn on debug logging
          --debug-level int                   If debugging is enabled, set klog -v=X
      -h, --help                              help for fleet-agent
          --kubeconfig string                 Paths to a kubeconfig. Only required if out-of-cluster.
          --namespace string                  system namespace is the namespace, the agent runs in, e.g. cattle-fleet-system
          --zap-devel                         Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)
          --zap-encoder encoder               Zap log encoding (one of 'json' or 'console')
          --zap-log-level level               Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity
          --zap-stacktrace-level level        Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').
          --zap-time-encoding time-encoding   Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-agent/fleet-agent_clusterstatus.html b/cli/fleet-agent/fleet-agent_clusterstatus.html index 7c2bdff02..89aaa0eea 100644 --- a/cli/fleet-agent/fleet-agent_clusterstatus.html +++ b/cli/fleet-agent/fleet-agent_clusterstatus.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: Next 🚧

    fleet-agent clusterstatus​

    Continuously report resource status to the upstream cluster

    fleet-agent clusterstatus [flags]

    Options​

          --checkin-interval string   How often to post cluster status
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for clusterstatus
          --kubeconfig string         kubeconfig file for agent's cluster
          --namespace string          system namespace is the namespace, the agent runs in, e.g. cattle-fleet-system

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    fleet-agent clusterstatus​

    Continuously report resource status to the upstream cluster

    fleet-agent clusterstatus [flags]

    Options​

          --checkin-interval string   How often to post cluster status
          --debug                     Turn on debug logging
          --debug-level int           If debugging is enabled, set klog -v=X
      -h, --help                      help for clusterstatus
          --kubeconfig string         kubeconfig file for agent's cluster
          --namespace string          system namespace is the namespace, the agent runs in, e.g. cattle-fleet-system

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-agent/fleet-agent_register.html b/cli/fleet-agent/fleet-agent_register.html index 150b6ec68..4acf67d4e 100644 --- a/cli/fleet-agent/fleet-agent_register.html +++ b/cli/fleet-agent/fleet-agent_register.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-cli/fleet.html b/cli/fleet-cli/fleet.html index c35775613..d3214b077 100644 --- a/cli/fleet-cli/fleet.html +++ b/cli/fleet-cli/fleet.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: Next 🚧

    fleet​

    fleet [flags]

    Options​

      -h, --help   help for fleet

    SEE ALSO​

    • fleet apply - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager
    • fleet cleanup - Clean up outdated cluster registrations
    • fleet deploy - Deploy a bundledeployment/content resource to a cluster, by creating a Helm release. This will not deploy the bundledeployment/content resources directly to the cluster.
    • fleet gitcloner - Clones a git repository
    • fleet target - Print available targets for a bundle
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    fleet​

    fleet [flags]

    Options​

      -h, --help   help for fleet

    SEE ALSO​

    • fleet apply - Render a bundle into a Kubernetes resource and apply it in the Fleet Manager
    • fleet cleanup - Clean up outdated cluster registrations
    • fleet deploy - Deploy a bundledeployment/content resource to a cluster, by creating a Helm release. This will not deploy the bundledeployment/content resources directly to the cluster.
    • fleet gitcloner - Clones a git repository
    • fleet target - Print available targets for a bundle
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-cli/fleet_apply.html b/cli/fleet-cli/fleet_apply.html index 2c5774086..7ccda5f47 100644 --- a/cli/fleet-cli/fleet_apply.html +++ b/cli/fleet-cli/fleet_apply.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: Next 🚧

    fleet apply​

    Render a bundle into a Kubernetes resource and apply it in the Fleet Manager

    fleet apply [flags] BUNDLE_NAME PATH...

    Options​

      -b, --bundle-file string                     Location of the raw Bundle resource yaml
          --cacerts-file string                    Path of custom cacerts for helm repo
          --commit string                          Commit to assign to the bundle
      -c, --compress                               Force all resources to be compress
          --context string                         kubeconfig context for authentication
          --correct-drift                          Rollback any change made from outside of Fleet
          --correct-drift-force                    Use --force when correcting drift. Resources can be deleted and recreated
          --correct-drift-keep-fail-history        Keep helm history for failed rollbacks
          --debug                                  Turn on debug logging
          --debug-level int                        If debugging is enabled, set klog -v=X
      -f, --file string                            Location of the fleet.yaml
          --helm-credentials-by-path-file string   Path of file containing helm credentials for paths
          --helm-repo-url-regex string             Helm credentials will be used if the helm repo matches this regex. Credentials will always be used if this is empty or not provided
      -h, --help                                   help for apply
          --keep-resources                         Keep resources created after the GitRepo or Bundle is deleted
      -k, --kubeconfig string                      kubeconfig for authentication
      -l, --label strings                          Labels to apply to created bundles
      -n, --namespace string                       namespace (default "fleet-local")
      -o, --output string                          Output contents to file or - for stdout
          --password-file string                   Path of file containing basic auth password for helm repo
          --paused                                 Create bundles in a paused state
      -a, --service-account string                 Service account to assign to bundle created
          --ssh-privatekey-file string             Path of ssh-private-key for helm repo
          --sync-generation int                    Generation number used to force sync the deployment
          --target-namespace string                Ensure this bundle goes to this target namespace
          --targets-file string                    Addition source of targets and restrictions to be append
          --username string                        Basic auth username for helm repo

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    fleet apply​

    Render a bundle into a Kubernetes resource and apply it in the Fleet Manager

    fleet apply [flags] BUNDLE_NAME PATH...

    Options​

      -b, --bundle-file string                     Location of the raw Bundle resource yaml
          --cacerts-file string                    Path of custom cacerts for helm repo
          --commit string                          Commit to assign to the bundle
      -c, --compress                               Force all resources to be compress
          --context string                         kubeconfig context for authentication
          --correct-drift                          Rollback any change made from outside of Fleet
          --correct-drift-force                    Use --force when correcting drift. Resources can be deleted and recreated
          --correct-drift-keep-fail-history        Keep helm history for failed rollbacks
          --debug                                  Turn on debug logging
          --debug-level int                        If debugging is enabled, set klog -v=X
      -f, --file string                            Location of the fleet.yaml
          --helm-credentials-by-path-file string   Path of file containing helm credentials for paths
          --helm-repo-url-regex string             Helm credentials will be used if the helm repo matches this regex. Credentials will always be used if this is empty or not provided
      -h, --help                                   help for apply
          --keep-resources                         Keep resources created after the GitRepo or Bundle is deleted
      -k, --kubeconfig string                      kubeconfig for authentication
      -l, --label strings                          Labels to apply to created bundles
      -n, --namespace string                       namespace (default "fleet-local")
      -o, --output string                          Output contents to file or - for stdout
          --password-file string                   Path of file containing basic auth password for helm repo
          --paused                                 Create bundles in a paused state
      -a, --service-account string                 Service account to assign to bundle created
          --ssh-privatekey-file string             Path of ssh-private-key for helm repo
          --sync-generation int                    Generation number used to force sync the deployment
          --target-namespace string                Ensure this bundle goes to this target namespace
          --targets-file string                    Addition source of targets and restrictions to be append
          --username string                        Basic auth username for helm repo

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-cli/fleet_cleanup.html b/cli/fleet-cli/fleet_cleanup.html index be884f62e..0de3c1787 100644 --- a/cli/fleet-cli/fleet_cleanup.html +++ b/cli/fleet-cli/fleet_cleanup.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: Next 🚧

    fleet cleanup​

    Clean up outdated cluster registrations

    fleet cleanup [flags]

    Options​

          --context string      kubeconfig context for authentication
          --debug               Turn on debug logging
          --debug-level int     If debugging is enabled, set klog -v=X
          --factor string       Factor to increase delay between deletes (default: 1.1)
      -h, --help                help for cleanup
      -k, --kubeconfig string   kubeconfig for authentication
          --max string          Maximum delay between deletes (default: 5s)
          --min string          Minimum delay between deletes (default: 10ms)
      -n, --namespace string    namespace (default "fleet-local")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    fleet cleanup​

    Clean up outdated cluster registrations

    fleet cleanup [flags]

    Options​

          --context string      kubeconfig context for authentication
          --debug               Turn on debug logging
          --debug-level int     If debugging is enabled, set klog -v=X
          --factor string       Factor to increase delay between deletes (default: 1.1)
      -h, --help                help for cleanup
      -k, --kubeconfig string   kubeconfig for authentication
          --max string          Maximum delay between deletes (default: 5s)
          --min string          Minimum delay between deletes (default: 10ms)
      -n, --namespace string    namespace (default "fleet-local")

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-cli/fleet_deploy.html b/cli/fleet-cli/fleet_deploy.html index 5934a8103..6338b19ef 100644 --- a/cli/fleet-cli/fleet_deploy.html +++ b/cli/fleet-cli/fleet_deploy.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: Next 🚧

    fleet deploy​

    Deploy a bundledeployment/content resource to a cluster, by creating a Helm release. This will not deploy the bundledeployment/content resources directly to the cluster.

    fleet deploy [flags]

    Options​

      -a, --agent-namespace string            Set the agent namespace, normally cattle-fleet-system. If set, fleet agent will garbage collect the helm release, i.e. delete it if the bundledeployment is missing.
      -d, --dry-run                           Print the resources that would be deployed, but do not actually deploy them
      -h, --help                              help for deploy
      -i, --input-file string                 Location of the YAML file containing the content and the bundledeployment resource
          --kubeconfig string                 Paths to a kubeconfig. Only required if out-of-cluster.
      -n, --namespace string                  Set the default namespace. Deploy helm chart into this namespace.
          --zap-devel                         Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)
          --zap-encoder encoder               Zap log encoding (one of 'json' or 'console')
          --zap-log-level level               Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity
          --zap-stacktrace-level level        Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').
          --zap-time-encoding time-encoding   Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    fleet deploy​

    Deploy a bundledeployment/content resource to a cluster, by creating a Helm release. This will not deploy the bundledeployment/content resources directly to the cluster.

    fleet deploy [flags]

    Options​

      -a, --agent-namespace string            Set the agent namespace, normally cattle-fleet-system. If set, fleet agent will garbage collect the helm release, i.e. delete it if the bundledeployment is missing.
      -d, --dry-run                           Print the resources that would be deployed, but do not actually deploy them
      -h, --help                              help for deploy
      -i, --input-file string                 Location of the YAML file containing the content and the bundledeployment resource
          --kubeconfig string                 Paths to a kubeconfig. Only required if out-of-cluster.
      -n, --namespace string                  Set the default namespace. Deploy helm chart into this namespace.
          --zap-devel                         Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)
          --zap-encoder encoder               Zap log encoding (one of 'json' or 'console')
          --zap-log-level level               Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity
          --zap-stacktrace-level level        Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').
          --zap-time-encoding time-encoding   Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-cli/fleet_gitcloner.html b/cli/fleet-cli/fleet_gitcloner.html index 8097be50e..3ca227630 100644 --- a/cli/fleet-cli/fleet_gitcloner.html +++ b/cli/fleet-cli/fleet_gitcloner.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: Next 🚧

    fleet gitcloner​

    Clones a git repository

    fleet gitcloner [REPO] [PATH] [flags]

    Options​

      -b, --branch string                 git branch
          --ca-bundle-file string         CA bundle file
      -h, --help                          help for gitcloner
          --insecure-skip-tls             do not verify tls certificates
          --known-hosts-file string       known hosts file
          --password-file string          password file for basic auth
          --revision string               git revision
          --ssh-private-key-file string   ssh private key file path
      -u, --username string               user name for basic auth

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    fleet gitcloner​

    Clones a git repository

    fleet gitcloner [REPO] [PATH] [flags]

    Options​

      -b, --branch string                 git branch
          --ca-bundle-file string         CA bundle file
      -h, --help                          help for gitcloner
          --insecure-skip-tls             do not verify tls certificates
          --known-hosts-file string       known hosts file
          --password-file string          password file for basic auth
          --revision string               git revision
          --ssh-private-key-file string   ssh private key file path
      -u, --username string               user name for basic auth

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-cli/fleet_target.html b/cli/fleet-cli/fleet_target.html index e10552850..22aa33ac3 100644 --- a/cli/fleet-cli/fleet_target.html +++ b/cli/fleet-cli/fleet_target.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: Next 🚧

    fleet target​

    Print available targets for a bundle

    fleet target [flags]

    Options​

      -b, --bundle-file string                Location of the Bundle resource yaml
      -l, --dump-input-list                   Dump the live resources, which impact targeting, like clusters, as YAML
      -h, --help                              help for target
          --kubeconfig string                 Paths to a kubeconfig. Only required if out-of-cluster.
      -n, --namespace string                  Override the namespace of the bundle. Targeting searches this namespace for clusters.
          --zap-devel                         Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)
          --zap-encoder encoder               Zap log encoding (one of 'json' or 'console')
          --zap-log-level level               Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity
          --zap-stacktrace-level level        Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').
          --zap-time-encoding time-encoding   Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    fleet target​

    Print available targets for a bundle

    fleet target [flags]

    Options​

      -b, --bundle-file string                Location of the Bundle resource yaml
      -l, --dump-input-list                   Dump the live resources, which impact targeting, like clusters, as YAML
      -h, --help                              help for target
          --kubeconfig string                 Paths to a kubeconfig. Only required if out-of-cluster.
      -n, --namespace string                  Override the namespace of the bundle. Targeting searches this namespace for clusters.
          --zap-devel                         Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)
          --zap-encoder encoder               Zap log encoding (one of 'json' or 'console')
          --zap-log-level level               Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity
          --zap-stacktrace-level level        Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').
          --zap-time-encoding time-encoding   Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-cli/fleet_test.html b/cli/fleet-cli/fleet_test.html index 7c3892c2e..741fe381f 100644 --- a/cli/fleet-cli/fleet_test.html +++ b/cli/fleet-cli/fleet_test.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: Next 🚧

    fleet test​

    Match a bundle to a target and render the output (deprecated)

    fleet test [flags]

    Options​

      -b, --bundle-file string    Location of the raw Bundle resource yaml
      -f, --file string           Location of the fleet.yaml
      -g, --group string          Cluster group to match against
      -L, --group-label strings   Cluster group labels to match against
      -h, --help                  help for test
      -l, --label strings         Cluster labels to match against
      -N, --name string           Cluster name to match against
      -q, --quiet                 Just print the match and don't print the resources
      -t, --target string         Explicit target to match

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    fleet test​

    Match a bundle to a target and render the output (deprecated)

    fleet test [flags]

    Options​

      -b, --bundle-file string    Location of the raw Bundle resource yaml
      -f, --file string           Location of the fleet.yaml
      -g, --group string          Cluster group to match against
      -L, --group-label strings   Cluster group labels to match against
      -h, --help                  help for test
      -l, --label strings         Cluster labels to match against
      -N, --name string           Cluster name to match against
      -q, --quiet                 Just print the match and don't print the resources
      -t, --target string         Explicit target to match

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-controller/fleet-manager.html b/cli/fleet-controller/fleet-manager.html index 8fb5a2f43..51afde97a 100644 --- a/cli/fleet-controller/fleet-manager.html +++ b/cli/fleet-controller/fleet-manager.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: Next 🚧

    fleet-manager​

    fleet-manager [flags]

    Options​

          --debug                             Turn on debug logging
          --debug-level int                   If debugging is enabled, set klog -v=X
          --disable-gitops                    disable gitops components
          --disable-metrics                   disable metrics
      -h, --help                              help for fleet-manager
          --kubeconfig string                 Paths to a kubeconfig. Only required if out-of-cluster.
          --namespace string                  namespace to watch (default "cattle-fleet-system")
          --shard-id string                   only manage resources labeled with a specific shard ID
          --zap-devel                         Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)
          --zap-encoder encoder               Zap log encoding (one of 'json' or 'console')
          --zap-log-level level               Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity
          --zap-stacktrace-level level        Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').
          --zap-time-encoding time-encoding   Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    fleet-manager​

    fleet-manager [flags]

    Options​

          --debug                             Turn on debug logging
          --debug-level int                   If debugging is enabled, set klog -v=X
          --disable-gitops                    disable gitops components
          --disable-metrics                   disable metrics
      -h, --help                              help for fleet-manager
          --kubeconfig string                 Paths to a kubeconfig. Only required if out-of-cluster.
          --namespace string                  namespace to watch (default "cattle-fleet-system")
          --shard-id string                   only manage resources labeled with a specific shard ID
          --zap-devel                         Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default true)
          --zap-encoder encoder               Zap log encoding (one of 'json' or 'console')
          --zap-log-level level               Zap Level to configure the verbosity of logging. Can be one of 'debug', 'info', 'error', or any integer value > 0 which corresponds to custom debug levels of increasing verbosity
          --zap-stacktrace-level level        Zap Level at and above which stacktraces are captured (one of 'info', 'error', 'panic').
          --zap-time-encoding time-encoding   Zap time encoding (one of 'epoch', 'millis', 'nano', 'iso8601', 'rfc3339' or 'rfc3339nano'). Defaults to 'epoch'.

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-controller/fleet-manager_agentmanagement.html b/cli/fleet-controller/fleet-manager_agentmanagement.html index 025b2cd41..d113a00c0 100644 --- a/cli/fleet-controller/fleet-manager_agentmanagement.html +++ b/cli/fleet-controller/fleet-manager_agentmanagement.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: Next 🚧

    fleet-manager agentmanagement​

    fleet-manager agentmanagement [flags]

    Options​

          --disable-bootstrap   disable local cluster components
      -h, --help                help for agentmanagement
          --kubeconfig string   kubeconfig file
          --namespace string    namespace to watch

    Options inherited from parent commands​

          --debug             Turn on debug logging
          --debug-level int   If debugging is enabled, set klog -v=X

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    fleet-manager agentmanagement​

    fleet-manager agentmanagement [flags]

    Options​

          --disable-bootstrap   disable local cluster components
      -h, --help                help for agentmanagement
          --kubeconfig string   kubeconfig file
          --namespace string    namespace to watch

    Options inherited from parent commands​

          --debug             Turn on debug logging
          --debug-level int   If debugging is enabled, set klog -v=X

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-controller/fleet-manager_cleanup.html b/cli/fleet-controller/fleet-manager_cleanup.html index 6546c8e8b..bc8d39639 100644 --- a/cli/fleet-controller/fleet-manager_cleanup.html +++ b/cli/fleet-controller/fleet-manager_cleanup.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cli/fleet-controller/fleet-manager_gitjob.html b/cli/fleet-controller/fleet-manager_gitjob.html index 4ed9b1256..b76b2d55a 100644 --- a/cli/fleet-controller/fleet-manager_gitjob.html +++ b/cli/fleet-controller/fleet-manager_gitjob.html @@ -4,13 +4,13 @@ Fleet - +
    -
    Version: Next 🚧

    fleet-manager gitjob​

    fleet-manager gitjob [flags]

    Options​

          --debug                         Turn on debug logging
          --debug-level int               If debugging is enabled, set klog -v=X
          --gitjob-image string           The gitjob image that will be used in the generated job. (default "rancher/fleet:dev")
      -h, --help                          help for gitjob
          --kubeconfig string             Kubeconfig file
          --leader-elect                  Enable leader election for controller manager. Enabling this will ensure there is only one active controller manager.
          --listen string                 The port the webhook listens. (default ":8080")
          --metrics-bind-address string   The address the metric endpoint binds to. (default ":8081")
          --namespace string              namespace to watch (default "cattle-fleet-system")

    Options inherited from parent commands​

          --disable-gitops    disable gitops components
          --disable-metrics   disable metrics
          --shard-id string   only manage resources labeled with a specific shard ID

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    fleet-manager gitjob​

    fleet-manager gitjob [flags]

    Options​

          --debug                         Turn on debug logging
          --debug-level int               If debugging is enabled, set klog -v=X
          --gitjob-image string           The gitjob image that will be used in the generated job. (default "rancher/fleet:dev")
      -h, --help                          help for gitjob
          --kubeconfig string             Kubeconfig file
          --leader-elect                  Enable leader election for controller manager. Enabling this will ensure there is only one active controller manager.
          --listen string                 The port the webhook listens. (default ":8080")
          --metrics-bind-address string   The address the metric endpoint binds to. (default ":8081")
          --namespace string              namespace to watch (default "cattle-fleet-system")

    Options inherited from parent commands​

          --disable-gitops    disable gitops components
          --disable-metrics   disable metrics
          --shard-id string   only manage resources labeled with a specific shard ID

    SEE ALSO​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cluster-bundles-state.html b/cluster-bundles-state.html index ee1437d9f..af5641943 100644 --- a/cluster-bundles-state.html +++ b/cluster-bundles-state.html @@ -4,13 +4,13 @@ Cluster and Bundle State | Fleet - +
    -
    Version: Next 🚧

    Cluster and Bundle State

    Clusters and Bundles have different states in each phase of applying Bundles.

    Bundles​

    Ready: Bundles have been deployed and all resources are ready.

    NotReady: Bundles have been deployed and some resources are not ready.

    WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

    ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

    OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

    Pending: Bundles are being processed by Fleet controller.

    Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

    Clusters​

    WaitCheckIn: Waiting for agent to report registration information and cluster status back.

    NotReady: There are bundles in this cluster that are in NotReady state.

    WaitApplied: There are bundles in this cluster that are in WaitApplied state.

    ErrApplied: There are bundles in this cluster that are in ErrApplied state.

    OutOfSync: There are bundles in this cluster that are in OutOfSync state.

    Pending: There are bundles in this cluster that are in Pending state.

    Modified: There are bundles in this cluster that are in Modified state.

    Ready: Bundles in this cluster have been deployed and all resources are ready.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    Cluster and Bundle State

    Clusters and Bundles have different states in each phase of applying Bundles.

    Bundles​

    Ready: Bundles have been deployed and all resources are ready.

    NotReady: Bundles have been deployed and some resources are not ready.

    WaitApplied: Bundles have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.

    ErrApplied: Bundles have been synced from the Fleet controller and the downstream cluster, but there were some errors when deploying the Bundle.

    OutOfSync: Bundles have been synced from Fleet controller, but downstream agent hasn't synced the change yet.

    Pending: Bundles are being processed by Fleet controller.

    Modified: Bundles have been deployed and all resources are ready, but there are some changes that were not made from the Git Repository.

    Clusters​

    WaitCheckIn: Waiting for agent to report registration information and cluster status back.

    NotReady: There are bundles in this cluster that are in NotReady state.

    WaitApplied: There are bundles in this cluster that are in WaitApplied state.

    ErrApplied: There are bundles in this cluster that are in ErrApplied state.

    OutOfSync: There are bundles in this cluster that are in OutOfSync state.

    Pending: There are bundles in this cluster that are in Pending state.

    Modified: There are bundles in this cluster that are in Modified state.

    Ready: Bundles in this cluster have been deployed and all resources are ready.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cluster-group.html b/cluster-group.html index 676607d4e..158dc4073 100644 --- a/cluster-group.html +++ b/cluster-group.html @@ -4,7 +4,7 @@ Create Cluster Groups | Fleet - + @@ -13,8 +13,8 @@ The only parameter for a cluster group is essentially the selector. When you get to a certain scale cluster groups become a more reasonable way to manage your clusters. Cluster groups serve the purpose of giving aggregated -status of the deployments and then also a simpler way to manage targets.

    A cluster group is created by creating a ClusterGroup resource like below

    kind: ClusterGroup
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: production-group
      namespace: clusters
    spec:
      # This is the standard metav1.LabelSelector format to match clusters by labels
      selector:
        matchLabels:
          env: prod
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +status of the deployments and then also a simpler way to manage targets.

    A cluster group is created by creating a ClusterGroup resource like below

    kind: ClusterGroup
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: production-group
      namespace: clusters
    spec:
      # This is the standard metav1.LabelSelector format to match clusters by labels
      selector:
        matchLabels:
          env: prod
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/cluster-registration.html b/cluster-registration.html index ef4090453..eb0e908c7 100644 --- a/cluster-registration.html +++ b/cluster-registration.html @@ -4,7 +4,7 @@ Register Downstream Clusters | Fleet - + @@ -75,8 +75,8 @@ above example one can run the following one-liner:

    info

    If you are using Fleet standalone without Rancher, it must be installed as described in installation details.

    The manager-initiated registration is used when you add a cluster from the Rancher dashboard.

    Create Kubeconfig Secret​

    The format of this secret is intended to match the format of the kubeconfig secret used in cluster-api. -This means you can use cluster-api to create a cluster that is dynamically registered with Fleet.

    Kubeconfig Secret Example
    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Create Cluster Resource​

    The cluster resource needs to reference the kubeconfig secret.

    Cluster Resource Example
    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +This means you can use cluster-api to create a cluster that is dynamically registered with Fleet.

    Kubeconfig Secret Example
    kind: Secret
    apiVersion: v1
    metadata:
      name: my-cluster-kubeconfig
      namespace: clusters
    data:
      value: YXBpVmVyc2lvbjogdjEKY2x1c3RlcnM6Ci0gY2x1c3RlcjoKICAgIHNlcnZlcjogaHR0cHM6Ly9leGFtcGxlLmNvbTo2NDQzCiAgbmFtZTogY2x1c3Rlcgpjb250ZXh0czoKLSBjb250ZXh0OgogICAgY2x1c3RlcjogY2x1c3RlcgogICAgdXNlcjogdXNlcgogIG5hbWU6IGRlZmF1bHQKY3VycmVudC1jb250ZXh0OiBkZWZhdWx0CmtpbmQ6IENvbmZpZwpwcmVmZXJlbmNlczoge30KdXNlcnM6Ci0gbmFtZTogdXNlcgogIHVzZXI6CiAgICB0b2tlbjogc29tZXRoaW5nCg==

    Create Cluster Resource​

    The cluster resource needs to reference the kubeconfig secret.

    Cluster Resource Example
    apiVersion: fleet.cattle.io/v1alpha1
    kind: Cluster
    metadata:
      name: my-cluster
      namespace: clusters
      labels:
        demo: "true"
        env: dev
    spec:
      kubeConfigSecret: my-cluster-kubeconfig
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/concepts.html b/concepts.html index 9c857fa11..eedff30b4 100644 --- a/concepts.html +++ b/concepts.html @@ -4,7 +4,7 @@ Core Concepts | Fleet - + @@ -24,8 +24,8 @@ Regardless of the source the contents are dynamically rendered into a Helm chart and installed into the downstream cluster as a helm release.

    • To see the life cycle of a bundle, click here.

  • BundleDeployment: When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for -the cluster the agent is managing.

    • For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click here.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +the cluster the agent is managing.

    • For an example of how to deploy Kubernetes manifests across clusters using Fleet customization, click here.

  • Downstream Cluster: Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

  • Cluster Registration Token: Tokens used by agents to register a new cluster.

    • Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/gitrepo-add.html b/gitrepo-add.html index dee848c19..0c5ea5a3a 100644 --- a/gitrepo-add.html +++ b/gitrepo-add.html @@ -4,7 +4,7 @@ Create a GitRepo Resource | Fleet - + @@ -15,8 +15,8 @@ Make sure you don't leak credentials by mixing public and private repositor or split them into different gitrepos, or use helmRepoURLRegex to limit the scope of credentials to certain servers.

    For a private Helm repo, users can reference a secret with the following keys:

    1. username and password for basic http auth if the Helm HTTP repo is behind basic auth.

    2. cacerts for custom CA bundle if the Helm repo is using a custom CA.

    3. ssh-privatekey for ssh private key if repo is using ssh protocol. Private key with passphase is not supported currently.

    For example, to add a secret in kubectl, run

    kubectl create secret -n $namespace generic helm --from-literal=username=foo --from-literal=password=bar --from-file=cacerts=/path/to/cacerts --from-file=ssh-privatekey=/path/to/privatekey.pem

    After secret is created, specify the secret to gitRepo.spec.helmSecretName. Make sure secret is created under the same namespace with gitrepo.

    Use different helm credentials for each path​

    info

    gitRepo.spec.helmSecretName will be ignored if gitRepo.spec.helmSecretNameForPaths is provided

    Create a file secrets-path.yaml that contains credentials for each path defined in a GitRepo. Credentials will not be used for paths that are not present in this file. The path is the actual path to the bundle (ie to a folder containing a fleet.yaml file) within the git repository, which might have more segments than the entry under paths:.

    Example:

    path-one: # path path-one must exist in the repository
      username: user
      password: pass
    path-two:  # path path-one must exist in the repository
      username: user2
      password: pass2
      caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCiAgICBNSUlEblRDQ0FvV2dBd0lCQWdJVUNwMHB2SVJTb2c0eHJKN2Q1SUI2ME1ka0k1WXdEUVlKS29aSWh2Y05BUUVMCiAgICBCUUF3WGpFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NCiAgICBHRWx1ZEdWeWJtVjBJRmRwWkdkcGRITWdVSFI1SUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2CiAgICBjbWN3SGhjTk1qTXdOREkzTVRVd056VXpXaGNOTWpnd05ESTFNVFV3TnpVeldqQmVNUXN3Q1FZRFZRUUdFd0pCCiAgICBWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFQ2d3WVNXNTBaWEp1WlhRZ1YybGtaMmwwCiAgICBjeUJRZEhrZ1RIUmtNUmN3RlFZRFZRUUREQTV5WVc1amFHVnlMbTE1TG05eVp6Q0NBU0l3RFFZSktvWklodmNOCiAgICBBUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBvZE5TMDB6NDc1dnVSc2ZZcTFRYTFHQVl3QU92anV4MERKTHY5CiAgICBrZFhwT091dGdjMU8yWUdqNUlCVGQzVmpISmFJYUg3SDR2Rm84RlBaMG9zcU9YaFg3eUM4STdBS3ZhOEE5VmVmCiAgICBJVXp6Vlo1cCs1elNxRjdtZTlOaUNiL0pVSkZLT0ZsTkF4cjZCcXhoMEIyN1VZTlpjaUIvL1V0L0I2eHJuVE55CiAgICBoRzJiNzk4bjg4bFZqY3EzbEE0djFyM3VzWGYxVG5aS2t2UEN4ZnFHYk5OdTlpTjdFZnZHOWoyekdHcWJvcDRYCiAgICBXY3VSa3N3QkgxZlRNS0ZrbGcrR1VsZkZPMGFzL3phalVOdmdweTlpdVBMZUtqZTVWcDBiMlBLd09qUENpV2d4CiAgICBabDJlVDlNRnJjV0F3NTg3emE5NDBlT1Era2pkdmVvUE5sU2k3eVJMMW96YlRka0NBd0VBQWFOVE1GRXdIUVlECiAgICBWUjBPQkJZRUZEQkNkYjE4M1hsU0tWYzBxNmJSTCt0dVNTV3lNQjhHQTFVZEl3UVlNQmFBRkRCQ2RiMTgzWGxTCiAgICBLVmMwcTZiUkwrdHVTU1d5TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCCiAgICBBQ1BCVERkZ0dCVDVDRVoxd1pnQmhKdm9GZTk2MUJqVCtMU2RxSlpsSmNRZnlnS0hyNks5ZmZaY1ZlWlBoMVU0CiAgICB3czBuWGNOZiszZGJlTjl4dVBiY0VqUWlQaFJCcnRzalE1T1JiVHdYWEdBdzlYbDZYTkl6YjN4ZDF6RWFzQXZPCiAgICBJMjM2ZHZXQ1A0dWoycWZqR0FkQjJnaXU2b2xHK01CWHlneUZKMElzRENraldLZysyWEdmU3lyci9KZU1vZlFBCiAgICB1VU9wcFVGdERYd0lrUW1VTGNVVUxWcTdtUVNQb0lzVkNNM2hKNVQzczdUSWtHUDZVcGVSSjgzdU9LbURYMkRHCiAgICBwVWVQVHBuVWVLOVMzUEVKTi9XcmJSSVd3WU1OR29qdDRKWitaK1N6VE1aVkh0SlBzaGpjL1hYOWZNU1ZXQmlzCiAgICBQRW5MU256MDQ4OGFUQm5SUFlnVXFsdz0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0=
      sshPrivateKey: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJRFF6Q0NBaXNDRkgxTm5YUWI5SlV6anNBR3FSc3RCYncwRlFpak1BMEdDU3FHU0liM0RRRUJDd1VBTUY0eAogICAgQ3pBSkJnTlZCQVlUQWtGVk1STXdFUVlEVlFRSURBcFRiMjFsTFZOMFlYUmxNU0V3SHdZRFZRUUtEQmhKYm5SbAogICAgY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdReEZ6QVZCZ05WQkFNTURuSmhibU5vWlhJdWJYa3ViM0puTUI0WAogICAgRFRJek1EUXlOekUxTVRBMU5Gb1hEVEkwTURReU5qRTFNVEExTkZvd1hqRUxNQWtHQTFVRUJoTUNRVlV4RXpBUgogICAgQmdOVkJBZ01DbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9NR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNQogICAgSUV4MFpERVhNQlVHQTFVRUF3d09jbUZ1WTJobGNpNXRlUzV2Y21jd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQogICAgQTRJQkR3QXdnZ0VLQW9JQkFRRGd6UUJJTW8xQVFHNnFtYmozbFlYUTFnZjhYcURTbjdyM2lGcVZZZldDVWZOSwogICAgaGZwampTRGpOMmRWWEV2UXA3R0t3akFHUElFbXR5RmxyUW5rUGtnTGFSaU9jSDdNN0p2c3ZIa0Ewd0g0dzJ2QgogICAgUEp6aVlINWh2MUE2WS9NcFM5bVkvQUVxVm80TUJkdnNZQzc3MFpCbzVBMitIUEtMd1YzMVZyYlhhTytWeUJtNAogICAgSmJhZHlNUk40N3BKRWdPMjJaYVRXL3Y3S1dKdjNydGJTMlZVSkNlU0piWlpsN09ocHhLRTVocStmK0RWaU1mcQogICAgTWx4ODNEV2pVSlVkV3lqVUZYVlk0bEdVaUtrRWVtSlVuSlVyY1ErOXE1SzVaWmhyRjhoRXhKRjhiZTZjemVzeAogICAga1VWN3dKb1RjWkd2bUhYSk1FNmtrQXh4Mmh3bU8wSFcyQWdDdTJZekFnTUJBQUV3RFFZSktvWklodmNOQVFFTAogICAgQlFBRGdnRUJBS1BpTWdXc1dCTnJvRkY2aWpYL2xMM3FxaWc4TjlkR1VPWDIyRVJDU1RTekNONjM0ZTFkZUhsdQogICAgbTc5OU11Q3hvWSsyZWluNlV1cFMvTEV6cnpvU2dDVWllQzQrT3ZralF5eGJpTFR6bW1OWEFnd09TM3RvTHRGWAogICAgbytmWWpSMU9xcHVPS29kMkhiYjliczRWcXdaNHEvMlVKbXE2Q01pYjZKZUE2VFJvK2Rkc0pUM2dDOFhWL1Z1MAogICAgNnkwdjJxdTM0bm1MYjFxOHFTS1RwZXYyQmwzQUJGY3NyS0JvNHFieUM2bnBTbnpZenNYcS90SlFLclplNE4vMgogICAgUXIzd1dxQ0pDVWUrMWVsT3A2b0JVcXNWSnc3aHk3YzRLc1Fna09ERDJkc2NuNEF1NGJhWlY2QmpySm1USVY0aQogICAgeXJ1dk9oZ2lINklGUVdDWmVQM2s0MU5obWRzRTNHQT0KICAgIC0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K

    Create the secret

    kubectl create secret generic path-auth-secret -n fleet-default --from-file=secrets-path.yaml

    In the previous example credentials for username user will be used for the path path-one and credentials for username -user2 will be used for the path path-two.

    caBundle and sshPrivateKey must be base64 encoded.

    note

    If you are using "rancher-backups" and want this secret to be included the backup, please add the label resources.cattle.io/backup: true to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials.

    Troubleshooting

    See Fleet Troubleshooting section here.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +user2 will be used for the path path-two.

    caBundle and sshPrivateKey must be base64 encoded.

    note

    If you are using "rancher-backups" and want this secret to be included the backup, please add the label resources.cattle.io/backup: true to the secret. In that case, make sure to encrypt the backup to protect sensitive credentials.

    Troubleshooting

    See Fleet Troubleshooting section here.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/gitrepo-content.html b/gitrepo-content.html index 7dab40ef2..011c7fd13 100644 --- a/gitrepo-content.html +++ b/gitrepo-content.html @@ -4,7 +4,7 @@ Git Repository Contents | Fleet - + @@ -53,8 +53,8 @@ will target deployment.yaml. The patch will be applied using JSON Which strategy is used is based on the file content. Even though JSON strategies are used, the files can be written using YAML syntax.

    Cluster and Bundle State​

    See Cluster and Bundle state.

    Nested GitRepo CRs​

    Nested GitRepo CRs (defining a GitRepo that points to a repository containing one or more GitRepo resources) is supported. You can use this feature to take advantage of GitOps in your GitRepo resources or, for example, to split complex scenarios into more than one GitRepo resource. -When finding a GitRepo in a Bundle Fleet will simply deploy it as any other resource.

    See this example.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +When finding a GitRepo in a Bundle Fleet will simply deploy it as any other resource.

    See this example.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/gitrepo-targets.html b/gitrepo-targets.html index d8efa9604..4e60373ce 100644 --- a/gitrepo-targets.html +++ b/gitrepo-targets.html @@ -4,7 +4,7 @@ Mapping to Downstream Clusters | Fleet - + @@ -23,8 +23,8 @@ and add clusters to it.

    this issue for more details.

  • Helm.WaitForJobs

  • Kustomize.Dir

  • YAML.Overlays

  • Diff.ComparePatches

    • Additional Examples​

    Examples using raw Kubernetes YAML, Helm charts, Kustomize, and combinations -of the three are in the Fleet Examples repo.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +of the three are in the Fleet Examples repo.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/imagescan.html b/imagescan.html index 74a31379f..bb6909033 100644 --- a/imagescan.html +++ b/imagescan.html @@ -4,7 +4,7 @@ Using Image Scan to Update Container Image References | Fleet - + @@ -12,8 +12,8 @@
    Version: Next 🚧

    Using Image Scan to Update Container Image References

    Image scan in fleet allows you to scan your image repository, fetch the desired image and update your git repository, without the need to manually update your manifests.

    caution

    This feature is considered as experimental feature.

    Go to fleet.yaml and add the following section.

    imageScans:
    # specify the policy to retrieve images, can be semver or alphabetical order
    - policy:
        # if range is specified, it will take the latest image according to semver order in the range
        # for more details on how to use semver, see https://github.com/Masterminds/semver
        semver:
          range: "*"
        # can use ascending or descending order
        alphabetical:
          order: asc

      # specify images to scan
      image: "your.registry.com/repo/image"

      # Specify the tag name, it has to be unique in the same bundle
      tagName: test-scan

      # specify secret to pull image if in private registry
      secretRef:
        name: dockerhub-secret

      # Specify the scan interval
      interval: 5m
    info

    You can create multiple image scans in fleet.yaml.

    note

    Semver will ignore pre-release versions (for example, 0.0.1-10) unless a pre-release version is explicitly used in the range definition. For example, the "*" range will ignore pre-releases while ">= 0.0.1-10" will take them into account.

    Go to your manifest files and update the field that you want to replace. For example:

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: redis-slave
    spec:
      selector:
        matchLabels:
          app: redis
          role: slave
          tier: backend
      replicas: 2
      template:
        metadata:
          labels:
            app: redis
            role: slave
            tier: backend
        spec:
          containers:
          - name: slave
            image: <image>:<tag> # {"$imagescan": "test-scan"}
            resources:
              requests:
                cpu: 100m
                memory: 100Mi
            ports:
            - containerPort: 6379
    note

    There are multiple form of tagName you can reference. For example

    {"$imagescan": "test-scan"}: Use full image name(foo/bar:tag)

    {"$imagescan": "test-scan:name"}: Only use image name without tag(foo/bar)

    {"$imagescan": "test-scan:tag"}: Only use image tag

    {"$imagescan": "test-scan:digest"}: Use full image name with digest(foo/bar:tag@sha256...)

    Create a GitRepo that includes your fleet.yaml

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: my-repo
      namespace: fleet-local
    spec:
      # change this to be your own repo
      repo: https://github.com/rancher/fleet-examples
      # define how long it will sync all the images and decide to apply change
      imageScanInterval: 5m
      # user must properly provide a secret that have write access to git repository
      clientSecretName: secret
      # specify the commit pattern
      imageScanCommit:
        authorName: foo
        authorEmail: foo@bar.com
        messageTemplate: "update image"

    Try pushing a new image tag, for example, <image>:<new-tag>. Wait for a while and there should be a new commit pushed into your git repository to change tag in deployment.yaml. -Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +Once change is made into git repository, fleet will read through the change and deploy the change into your cluster.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/index.html b/index.html index b2c1447fb..19c079004 100644 --- a/index.html +++ b/index.html @@ -4,13 +4,13 @@ Overview | Fleet - +
    -
    Version: Next 🚧

    Overview

    What is Fleet?​

    • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

    • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters.

    Configuration Management​

    Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    Overview

    What is Fleet?​

    • Cluster engine: Fleet is a container management and deployment engine designed to offer users more control on the local cluster and constant monitoring through GitOps. Fleet focuses not only on the ability to scale, but it also gives users a high degree of control and visibility to monitor exactly what is installed on the cluster.

    • Deployment management: Fleet can manage deployments from git of raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three. Regardless of the source, all resources are dynamically turned into Helm charts, and Helm is used as the engine to deploy all resources in the cluster. As a result, users can enjoy a high degree of control, consistency, and auditability of their clusters.

    Configuration Management​

    Fleet is fundamentally a set of Kubernetes custom resource definitions (CRDs) and controllers that manage GitOps for a single Kubernetes cluster or a large scale deployment of Kubernetes clusters. It is a distributed initialization system that makes it easy to customize applications and manage HA clusters from a single point.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/installation.html b/installation.html index 9404b1edd..6fcd4e4cd 100644 --- a/installation.html +++ b/installation.html @@ -4,7 +4,7 @@ Installation Details | Fleet - + @@ -44,8 +44,8 @@ the ca.pem is not correct. The contents of the $API_SERVER_CA and the CA certificate is in the file ca.pem. If your API server URL is signed by a well-known CA you can omit the apiServerCA parameter below or just create an empty ca.pem file (ie touch ca.pem).

    Setup the environment with your specific values, e.g.:

    API_SERVER_URL="https://example.com:6443"
    API_SERVER_CA="ca.pem"

    Once you have validated the API server URL and API server CA parameters, install the following two Helm charts.

    First add Fleet's Helm repository.
    helm repo add fleet https://rancher.github.io/fleet-helm-charts/

    Second install the Fleet CustomResourcesDefintions.

    helm -n cattle-fleet-system install --create-namespace --wait \
        fleet-crd

    Third install the Fleet controllers.

    helm -n cattle-fleet-system install --create-namespace --wait \
        --set apiServerURL="$API_SERVER_URL" \
        --set-file apiServerCA="$API_SERVER_CA" \
        fleet

    At this point the Fleet manager should be ready. You can now register clusters and git repos with -the Fleet manager.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +the Fleet manager.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/multi-user.html b/multi-user.html index 85b3873bb..6c102f16a 100644 --- a/multi-user.html +++ b/multi-user.html @@ -4,7 +4,7 @@ Setup Multi User | Fleet - + @@ -18,8 +18,8 @@ users are only restricted to namespaces, but namespaces don't provide much isolation on their own. E.g. they can still consume as many resources as they like.

    However, the existing Fleet restrictions allow users to share clusters, and deploy resources without conflicts.

    Example Fleet Standalone​

    This would create a user 'fleetuser', who can only manage GitRepo resources in the 'project1' namespace.

    kubectl create serviceaccount fleetuser
    kubectl create namespace project1
    kubectl create -n project1 role fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --role=fleetuser

    If we want to give access to multiple namespaces, we can use a single cluster role with two role bindings:

    kubectl create clusterrole fleetuser --verb=get --verb=list --verb=create --verb=delete --resource=gitrepos.fleet.cattle.io
    kubectl create -n project1 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser
    kubectl create -n project2 rolebinding fleetuser --serviceaccount=default:fleetuser --clusterrole=fleetuser

    This makes sure, tenants can't interfere with GitRepo resources from other tenants, since they don't have access to their namespaces.

    Example Fleet in Rancher​

    When a new fleet workspace is created, a corresponding namespace with an identical name is automatically generated within the Rancher local cluster. -For a user to see and deploy fleet resources in a specific workspace, they need at least the following permissions:

    • list/get the fleetworkspace cluster-wide resource in the local cluster
    • Permissions to create fleet resources (such as bundles, gitrepos, ...) in the backing namespace for the workspace in the local cluster.

    Let's grant permissions to deploy fleet resources in the project1 and project2 fleet workspaces:

    • To create the project1 and project2 fleet workspaces, you can either do it in the Rancher UI or use the following YAML resources:
    apiVersion: management.cattle.io/v3
    kind: FleetWorkspace
    metadata:
      name: project1
    apiVersion: management.cattle.io/v3
    kind: FleetWorkspace
    metadata:
      name: project2
    • Create a GlobalRole that grants permission to deploy fleet resources in the project1 and project2 fleet workspaces:
    apiVersion: management.cattle.io/v3
    kind: GlobalRole
    metadata:
      name: fleet-projects1and2
    namespacedRules:
      project1:
        - apiGroups:
            - fleet.cattle.io
          resources:
            - gitrepos
            - bundles
            - clusterregistrationtokens
            - gitreporestrictions
            - clusters
            - clustergroups
          verbs:
            - '*'
      project2:
        - apiGroups:
            - fleet.cattle.io
          resources:
            - gitrepos
            - bundles
            - clusterregistrationtokens
            - gitreporestrictions
            - clusters
            - clustergroups
          verbs:
            - '*'
    rules:
      - apiGroups:
          - management.cattle.io
        resourceNames:
          - project1
          - project2
        resources:
          - fleetworkspaces
        verbs:
          - '*'

    Assign the GlobalRole to users or groups, more info can be found in the Rancher docs

    The user now has access to the Continuous Delivery tab in Rancher and can deploy resources to both the project1 and project2 workspaces.

    Allow Access to Clusters​

    This assumes all GitRepos created by 'fleetuser' have the team: one label. Different labels could be used, to select different cluster namespaces.

    In each of the user's namespaces, as an admin create a BundleNamespaceMapping.

    kind: BundleNamespaceMapping
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: mapping
      namespace: project1

    # Bundles to match by label.
    # The labels are defined in the fleet.yaml # labels field or from the
    # GitRepo metadata.labels field
    bundleSelector:
      matchLabels:
        team: one
        # or target one repo
        #fleet.cattle.io/repo-name: simpleapp

    # Namespaces, containing clusters, to match by label
    namespaceSelector:
      matchLabels:
        kubernetes.io/metadata.name: fleet-default
        # the label is on the namespace
        #workspace: prod

    The target section in the GitRepo resource can be used to deploy only to a subset of the matched clusters.

    Restricting Access to Downstream Clusters​

    Admins can further restrict tenants by creating a GitRepoRestriction in each of their namespaces.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: project1

    allowedTargetNamespaces:
      - project1simpleapp

    This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace.

    An Example GitRepo Resource​

    A GitRepo resource created by a tenant, without admin access could look like this:

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: simpleapp
      namespace: project1
      labels:
        team: one

    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - bundle-diffs

      targetNamespace: project1simpleapp

      # do not match the upstream/local cluster, won't work
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

    This includes the team: one label and and the required targetNamespace.

    Together with the previous BundleNamespaceMapping it would target all clusters with a env: dev label in the 'fleet-default' namespace.

    note

    BundleNamespaceMappings do not work with local clusters, so make sure not to target them.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +For a user to see and deploy fleet resources in a specific workspace, they need at least the following permissions:

    • list/get the fleetworkspace cluster-wide resource in the local cluster
    • Permissions to create fleet resources (such as bundles, gitrepos, ...) in the backing namespace for the workspace in the local cluster.

    Let's grant permissions to deploy fleet resources in the project1 and project2 fleet workspaces:

    • To create the project1 and project2 fleet workspaces, you can either do it in the Rancher UI or use the following YAML resources:
    apiVersion: management.cattle.io/v3
    kind: FleetWorkspace
    metadata:
      name: project1
    apiVersion: management.cattle.io/v3
    kind: FleetWorkspace
    metadata:
      name: project2
    • Create a GlobalRole that grants permission to deploy fleet resources in the project1 and project2 fleet workspaces:
    apiVersion: management.cattle.io/v3
    kind: GlobalRole
    metadata:
      name: fleet-projects1and2
    namespacedRules:
      project1:
        - apiGroups:
            - fleet.cattle.io
          resources:
            - gitrepos
            - bundles
            - clusterregistrationtokens
            - gitreporestrictions
            - clusters
            - clustergroups
          verbs:
            - '*'
      project2:
        - apiGroups:
            - fleet.cattle.io
          resources:
            - gitrepos
            - bundles
            - clusterregistrationtokens
            - gitreporestrictions
            - clusters
            - clustergroups
          verbs:
            - '*'
    rules:
      - apiGroups:
          - management.cattle.io
        resourceNames:
          - project1
          - project2
        resources:
          - fleetworkspaces
        verbs:
          - '*'

    Assign the GlobalRole to users or groups, more info can be found in the Rancher docs

    The user now has access to the Continuous Delivery tab in Rancher and can deploy resources to both the project1 and project2 workspaces.

    Allow Access to Clusters​

    This assumes all GitRepos created by 'fleetuser' have the team: one label. Different labels could be used, to select different cluster namespaces.

    In each of the user's namespaces, as an admin create a BundleNamespaceMapping.

    kind: BundleNamespaceMapping
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: mapping
      namespace: project1

    # Bundles to match by label.
    # The labels are defined in the fleet.yaml # labels field or from the
    # GitRepo metadata.labels field
    bundleSelector:
      matchLabels:
        team: one
        # or target one repo
        #fleet.cattle.io/repo-name: simpleapp

    # Namespaces, containing clusters, to match by label
    namespaceSelector:
      matchLabels:
        kubernetes.io/metadata.name: fleet-default
        # the label is on the namespace
        #workspace: prod

    The target section in the GitRepo resource can be used to deploy only to a subset of the matched clusters.

    Restricting Access to Downstream Clusters​

    Admins can further restrict tenants by creating a GitRepoRestriction in each of their namespaces.

    kind: GitRepoRestriction
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: restriction
      namespace: project1

    allowedTargetNamespaces:
      - project1simpleapp

    This will deny the creation of cluster wide resources, which may interfere with other tenants and limit the deployment to the 'project1simpleapp' namespace.

    An Example GitRepo Resource​

    A GitRepo resource created by a tenant, without admin access could look like this:

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: simpleapp
      namespace: project1
      labels:
        team: one

    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - bundle-diffs

      targetNamespace: project1simpleapp

      # do not match the upstream/local cluster, won't work
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

    This includes the team: one label and and the required targetNamespace.

    Together with the previous BundleNamespaceMapping it would target all clusters with a env: dev label in the 'fleet-default' namespace.

    note

    BundleNamespaceMappings do not work with local clusters, so make sure not to target them.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/namespaces.html b/namespaces.html index 1dd27642e..d03bddcf0 100644 --- a/namespaces.html +++ b/namespaces.html @@ -4,7 +4,7 @@ Namespaces | Fleet - + @@ -39,8 +39,8 @@ in an error state and won't be deployed.

    This can also be used to set If an allowedTargetNamespaces restriction is present, all GitRepos must specify a targetNamespace and the specified namespace must be in the allow list. -This also prevents the creation of cluster wide resources.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +This also prevents the creation of cluster wide resources.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/quickstart.html b/quickstart.html index b8e0f4845..c3767291c 100644 --- a/quickstart.html +++ b/quickstart.html @@ -4,15 +4,15 @@ Quick Start | Fleet - +
    Version: Next 🚧

    Quick Start

    Who needs documentation, lets just run this thing!

    Install​

    Fleet is distributed as a Helm chart. Helm 3 is a CLI, has no server side component, and its use is fairly straightforward. To install the Helm 3 CLI follow the official install instructions.

    Fleet in Rancher

    Rancher has separate helm charts for Fleet and uses a different repository.

    brew install helm
    helm repo add fleet https://rancher.github.io/fleet-helm-charts/

    Install the Fleet Helm charts (there's two because we separate out CRDs for ultimate flexibility.)

    helm -n cattle-fleet-system install --create-namespace --wait fleet-crd \
        fleet/fleet-crd
    helm -n cattle-fleet-system install --create-namespace --wait fleet \
        fleet/fleet

    Add a Git Repo to Watch​

    Change spec.repo to your git repo of choice. Kubernetes manifest files that should -be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be run in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +be deployed should be in /manifests in your repo.

    cat > example.yaml << "EOF"
    apiVersion: fleet.cattle.io/v1alpha1
    kind: GitRepo
    metadata:
      name: sample
      # This namespace is special and auto-wired to deploy to the local cluster
      namespace: fleet-local
    spec:
      # Everything from this repo will be run in this cluster. You trust me right?
      repo: "https://github.com/rancher/fleet-examples"
      paths:
      - simple
    EOF

    kubectl apply -f example.yaml

    Get Status​

    Get status of what fleet is doing

    kubectl -n fleet-local get fleet

    You should see something like this get created in your cluster.

    kubectl get deploy frontend
    NAME       READY   UP-TO-DATE   AVAILABLE   AGE
    frontend   3/3     3            3           116m

    Enjoy and read the docs.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/ref-bundle-stages.html b/ref-bundle-stages.html index a8497a865..c6ccdcb43 100644 --- a/ref-bundle-stages.html +++ b/ref-bundle-stages.html @@ -4,13 +4,13 @@ Bundle Lifecycle | Fleet - +
    -
    Version: Next 🚧

    Bundle Lifecycle

    A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.

    To demonstrate the life cycle of a Fleet bundle, we will use multi-cluster/helm as a case study.

    1. User will create a GitRepo that points to the multi-cluster/helm repository.
    2. The gitjob-controller will sync changes from the GitRepo and detect changes from the polling or webhook event. With every commit change, the gitjob-controller will create a job that clones the git repository, reads content from the repo such as fleet.yaml and other manifests, and creates the Fleet bundle.

    Note: The job pod with the image name rancher/tekton-utils will be under the same namespace as the GitRepo.

    1. The fleet-controller then syncs changes from the bundle. According to the targets, the fleet-controller will create BundleDeployment resources, which are a combination of a bundle and a target cluster.
    2. The fleet-agent will then pull the BundleDeployment from the Fleet controlplane. The agent deploys bundle manifests as a Helm chart from the BundleDeployment into the downstream clusters.
    3. The fleet-agent will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.

    This diagram shows the different rendering stages a bundle goes through until deployment.

    Bundle Stages

    Examining the Bundle Lifecycle With the CLI​

    Several fleet CLI commands help with debugging bundles.

    fleet apply​

    Apply renders a folder with Kubernetes resources, such as a Helm chart, manifests, or kustomize folders, into a Fleet bundle resource.

    git clone https://github.com/rancher/fleet-test-data
    cd fleet-test-data
    fleet apply -n fleet-local -o bundle.yaml testbundle simple-chart/

    More information on how to create bundles with fleet apply can be found in the section on bundles.

    fleet target​

    Target reads a bundle from a file and works with a live cluster to print out the bundledeployment & content resource, which fleetcontroller would create. It takes a namespace as an argument, so it can look in that namespace for e.g. cluster resources. It can also dump the data structure which is used during "targeting", so decisions taken regarding labels and cluster names can be checked.

    fleet deploy​

    Deploy takes the output of fleet target, or a dumped bundledeployment/content resource and deploys it to a cluster, just like fleet-agent would. It supports a dry run mode, to print out the resources which would be created, instead of installing them with helm. Since the command doesn't create the input resources, a running fleet-agent would likely garbage collect the deployment.

    The deploy command can be used to bring bundles to air-gapped clusters.

    Lifecycle CLI Example​

    git clone https://github.com/rancher/fleet-test-data
    cd fleet-test-data
    # for information about apply see https://fleet.rancher.io/bundle-add
    fleet apply -n fleet-local -o bundle.yaml testbundle simple-chart/
    fleet target --bundle-file bundle.yaml --list-inputs  > bd.yaml
    fleet deploy --input-file bd.yaml --dry-run
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    Bundle Lifecycle

    A bundle is an internal resource used for the orchestration of resources from git. When a GitRepo is scanned it will produce one or more bundles.

    To demonstrate the life cycle of a Fleet bundle, we will use multi-cluster/helm as a case study.

    1. User will create a GitRepo that points to the multi-cluster/helm repository.
    2. The gitjob-controller will sync changes from the GitRepo and detect changes from the polling or webhook event. With every commit change, the gitjob-controller will create a job that clones the git repository, reads content from the repo such as fleet.yaml and other manifests, and creates the Fleet bundle.

    Note: The job pod with the image name rancher/tekton-utils will be under the same namespace as the GitRepo.

    1. The fleet-controller then syncs changes from the bundle. According to the targets, the fleet-controller will create BundleDeployment resources, which are a combination of a bundle and a target cluster.
    2. The fleet-agent will then pull the BundleDeployment from the Fleet controlplane. The agent deploys bundle manifests as a Helm chart from the BundleDeployment into the downstream clusters.
    3. The fleet-agent will continue to monitor the application bundle and report statuses back in the following order: bundledeployment > bundle > GitRepo > cluster.

    This diagram shows the different rendering stages a bundle goes through until deployment.

    Bundle Stages

    Examining the Bundle Lifecycle With the CLI​

    Several fleet CLI commands help with debugging bundles.

    fleet apply​

    Apply renders a folder with Kubernetes resources, such as a Helm chart, manifests, or kustomize folders, into a Fleet bundle resource.

    git clone https://github.com/rancher/fleet-test-data
    cd fleet-test-data
    fleet apply -n fleet-local -o bundle.yaml testbundle simple-chart/

    More information on how to create bundles with fleet apply can be found in the section on bundles.

    fleet target​

    Target reads a bundle from a file and works with a live cluster to print out the bundledeployment & content resource, which fleetcontroller would create. It takes a namespace as an argument, so it can look in that namespace for e.g. cluster resources. It can also dump the data structure which is used during "targeting", so decisions taken regarding labels and cluster names can be checked.

    fleet deploy​

    Deploy takes the output of fleet target, or a dumped bundledeployment/content resource and deploys it to a cluster, just like fleet-agent would. It supports a dry run mode, to print out the resources which would be created, instead of installing them with helm. Since the command doesn't create the input resources, a running fleet-agent would likely garbage collect the deployment.

    The deploy command can be used to bring bundles to air-gapped clusters.

    Lifecycle CLI Example​

    git clone https://github.com/rancher/fleet-test-data
    cd fleet-test-data
    # for information about apply see https://fleet.rancher.io/bundle-add
    fleet apply -n fleet-local -o bundle.yaml testbundle simple-chart/
    fleet target --bundle-file bundle.yaml --list-inputs  > bd.yaml
    fleet deploy --input-file bd.yaml --dry-run
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/ref-bundle.html b/ref-bundle.html index a43c226cd..fdd8d66dd 100644 --- a/ref-bundle.html +++ b/ref-bundle.html @@ -4,14 +4,14 @@ Bundle Resource | Fleet - +
    Version: Next 🚧

    Bundle Resource

    Bundles are automatically created by Fleet when a GitRepo is created.

    The content of the resource corresponds to the BundleSpec. -For more information on how to use the Bundle resource Create a Bundle Resource.

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # Namespace used for resources that do not specify a namespace.
      # This field is not used to enforce or lock down the deployment to a specific namespace.
      # defaultNamespace: test

      # If present will assign all resource to this
      # namespace and if any cluster scoped resource exists the deployment will fail.
      # targetNamespace: app

      # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.
      # kustomize: ...

      # Helm options for the deployment, like the chart name, repo and values.
      # helm: ...

      # ServiceAccount which will be used to perform this deployment.
      # serviceAccount: sa

      # ForceSyncGeneration is used to force a redeployment.
      # forceSyncGeneration: 0

      # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.
      # yaml: ...

      # Diff can be used to ignore the modified state of objects which are amended at runtime.
      # A specific commit or tag can also be watched.
      #
      # diff: ...

      # KeepResources can be used to keep the deployed resources when removing the bundle.
      # keepResources: false

      # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.
      # paused: false

      # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.
      # rolloutStrategy: ...

      # Contain the actual resources from the git repo which will be deployed.
      resources:
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      #
      # targets: ...

      # This field is used by Fleet internally, and it should not be modified manually.
      # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.
      # targetRestrictions: ...

      # Refers to the bundles which must be ready before this bundle can be deployed.
      # dependsOn: ...

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +For more information on how to use the Bundle resource Create a Bundle Resource.

    kind: Bundle
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-bundle
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # Namespace used for resources that do not specify a namespace.
      # This field is not used to enforce or lock down the deployment to a specific namespace.
      # defaultNamespace: test

      # If present will assign all resource to this
      # namespace and if any cluster scoped resource exists the deployment will fail.
      # targetNamespace: app

      # Kustomize options for the deployment, like the dir containing the kustomization.yaml file.
      # kustomize: ...

      # Helm options for the deployment, like the chart name, repo and values.
      # helm: ...

      # ServiceAccount which will be used to perform this deployment.
      # serviceAccount: sa

      # ForceSyncGeneration is used to force a redeployment.
      # forceSyncGeneration: 0

      # YAML options, if using raw YAML these are names that map to overlays/{name} that will be used to replace or patch a resource.
      # yaml: ...

      # Diff can be used to ignore the modified state of objects which are amended at runtime.
      # A specific commit or tag can also be watched.
      #
      # diff: ...

      # KeepResources can be used to keep the deployed resources when removing the bundle.
      # keepResources: false

      # If set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.
      # paused: false

      # Controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.
      # rolloutStrategy: ...

      # Contain the actual resources from the git repo which will be deployed.
      resources:
      - content: |
          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata:
                labels:
                  app: nginx
              spec:
                containers:
                  - name: nginx
                    image: nginx:1.14.2
                    ports:
                      - containerPort: 80
        name: nginx.yaml

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      #
      # targets: ...

      # This field is used by Fleet internally, and it should not be modified manually.
      # Fleet will copy all targets into targetRestrictions when a Bundle is created for a GitRepo.
      # targetRestrictions: ...

      # Refers to the bundles which must be ready before this bundle can be deployed.
      # dependsOn: ...

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/ref-configuration.html b/ref-configuration.html index 268e8916e..a6ef57679 100644 --- a/ref-configuration.html +++ b/ref-configuration.html @@ -4,7 +4,7 @@ Configuration | Fleet - + @@ -14,8 +14,8 @@ determines which Fleet controller deployment will reconcile them.
    • If this resource will not be processed.

    Annotations​

    Annotations used by fleet:

    • fleet.cattle.io/agent-namespace
    • fleet.cattle.io/bundle-id
    • fleet.cattle.io/cluster, fleet.cattle.io/cluster-namespace - used on a cluster namespace to reference the cluster registration namespace and cluster name
    • fleet.cattle.io/cluster-group
    • fleet.cattle.io/cluster-registration-namespace
    • fleet.cattle.io/cluster-registration
    • fleet.cattle.io/commit
    • fleet.cattle.io/managed - appears unused
    • fleet.cattle.io/service-account

    Fleet agent configuration​

    Tolerations, affinity and resources can be customized for the Fleet agent. These fields can be provided when creating a Cluster, see Registering Downstream Cluster for more info on how to create Clusters. Default configuration will be used if these fields are not provided.

    If you change the resources limits, make sure the limits allow the fleet-agent to work normally.

    Keep in mind that if you downgrade Fleet to a previous version than v0.7.0 Fleet will fallback to the built-in defaults. -Agents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +Agents will redeploy if they had custom affinity. If Fleet version number does not change, redeployment might not be immediate.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/ref-crds.html b/ref-crds.html index e392a5417..00844302f 100644 --- a/ref-crds.html +++ b/ref-crds.html @@ -4,13 +4,13 @@ Custom Resources Spec | Fleet - +
    -
    Version: Next 🚧

    Custom Resources Spec

    Sub Resources

    Bundle​

    Bundle contains the resources of an application and its deployment options. It will be deployed as a Helm chart to target clusters.

    When a GitRepo is scanned it will produce one or more bundles. Bundles are a collection of resources that get deployed to one or more cluster(s). Bundle is the fundamental deployment unit used in Fleet. The contents of a Bundle may be Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless of the source the contents are dynamically rendered into a Helm chart by the agent and installed into the downstream cluster as a Helm release.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleSpectrue
    statusBundleStatustrue

    Back to Custom Resources

    BundleDisplay​

    BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle.

    FieldDescriptionSchemeRequired
    readyClustersReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.stringfalse
    stateState is a summary state for the bundle, calculated over the non-ready resources.stringfalse

    Back to Custom Resources

    BundleList​

    BundleList contains a list of Bundle

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]Bundletrue

    Back to Custom Resources

    BundleRef​

    FieldDescriptionSchemeRequired
    nameName of the bundle.stringfalse
    selectorSelector matching bundle's labels.*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleResource​

    BundleResource represents the content of a single resource from the bundle, like a YAML manifest.

    FieldDescriptionSchemeRequired
    nameName of the resource, can include the bundle's internal path.stringfalse
    contentThe content of the resource, can be compressed.stringfalse
    encodingEncoding is either empty or \"base64+gz\".stringfalse

    Back to Custom Resources

    BundleSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.boolfalse
    rolloutStrategyRolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.*RolloutStrategyfalse
    resourcesResources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts.[]BundleResourcefalse
    targetsTargets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used.[]BundleTargetfalse
    targetRestrictionsTargetRestrictions is an allow list, which controls if a bundledeployment is created for a target.[]BundleTargetRestrictionfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse

    Back to Custom Resources

    BundleStatus​

    FieldDescriptionSchemeRequired
    conditionsConditions is a list of Wrangler conditions that describe the state of the bundle.[]genericcondition.GenericConditionfalse
    summarySummary contains the number of bundle deployments in each state and a list of non-ready resources.BundleSummaryfalse
    newlyCreatedNewlyCreated is the number of bundle deployments that have been created, not updated.intfalse
    unavailableUnavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec.inttrue
    unavailablePartitionsUnavailablePartitions is the number of unavailable partitions.inttrue
    maxUnavailableMaxUnavailable is the maximum number of unavailable deployments. See rollout configuration.inttrue
    maxUnavailablePartitionsMaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions.inttrue
    maxNewMaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time.intfalse
    partitionsPartitionStatus lists the status of each partition.[]PartitionStatusfalse
    displayDisplay contains the number of ready, desiredready clusters and a summary state for the bundle's resources.BundleDisplayfalse
    resourceKeyResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc..[]ResourceKeyfalse
    observedGenerationObservedGeneration is the current generation of the bundle.int64true
    resourcesSha256SumResourcesSHA256Sum corresponds to the JSON serialization of the .Spec.Resources fieldstringfalse

    Back to Custom Resources

    BundleSummary​

    BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status.

    FieldDescriptionSchemeRequired
    notReadyNotReady is the number of bundle deployments that have been deployed where some resources are not ready.intfalse
    waitAppliedWaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.intfalse
    errAppliedErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle.intfalse
    outOfSyncOutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent.intfalse
    modifiedModified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced.intfalse
    readyReady is the number of bundle deployments that have been deployed where all resources are ready.inttrue
    pendingPending is the number of bundle deployments that are being processed by Fleet controller.intfalse
    desiredReadyDesiredReady is the number of bundle deployments that should be ready.inttrue
    nonReadyResourcesNonReadyClusters is a list of states, which is filled for a bundle that is not ready.[]NonReadyResourcefalse

    Back to Custom Resources

    BundleTarget​

    BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct.

    FieldDescriptionSchemeRequired
    nameName of target. This value is largely for display and logging. If not specified a default name of the format \"target000\" will be usedstringfalse
    clusterNameClusterName to match a specific cluster by name that will be selectedstringfalse
    clusterSelectorClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated.*metav1.LabelSelectorfalse
    clusterGroupClusterGroup to match a specific cluster group by name.stringfalse
    clusterGroupSelectorClusterGroupSelector is a selector to match cluster groups.*metav1.LabelSelectorfalse
    doNotDeployDoNotDeploy if set to true, will not deploy to this target.boolfalse

    Back to Custom Resources

    BundleTargetRestriction​

    BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml.

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    NonReadyResource​

    NonReadyResource contains information about a bundle that is not ready for a given state like \"ErrApplied\". It contains a list of non-ready or modified resources and their states.

    FieldDescriptionSchemeRequired
    nameName is the name of the resource.stringfalse
    bundleStateState is the state of the resource, like e.g. \"NotReady\" or \"ErrApplied\".BundleStatefalse
    messageMessage contains information why the bundle is not ready.stringfalse
    modifiedStatusModifiedStatus lists the state for each modified resource.[]ModifiedStatusfalse
    nonReadyStatusNonReadyStatus lists the state for each non-ready resource.[]NonReadyStatusfalse

    Back to Custom Resources

    Partition​

    Partition defines a separate rollout strategy for a set of clusters.

    FieldDescriptionSchemeRequired
    nameA user-friendly name given to the partition used for Display (optional).stringfalse
    maxUnavailableA number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10%*intstr.IntOrStringfalse
    clusterNameClusterName is the name of a cluster to include in this partitionstringfalse
    clusterSelectorSelector matching cluster labels to include in this partition*metav1.LabelSelectorfalse
    clusterGroupA cluster group name to include in this partitionstringfalse
    clusterGroupSelectorSelector matching cluster group labels to include in this partition*metav1.LabelSelectorfalse

    Back to Custom Resources

    PartitionStatus​

    PartitionStatus is the status of a single rollout partition.

    FieldDescriptionSchemeRequired
    nameName is the name of the partition.stringfalse
    countCount is the number of clusters in the partition.intfalse
    maxUnavailableMaxUnavailable is the maximum number of unavailable clusters in the partition.intfalse
    unavailableUnavailable is the number of unavailable clusters in the partition.intfalse
    summarySummary is a summary state for the partition, calculated over its non-ready resources.BundleSummaryfalse

    Back to Custom Resources

    ResourceKey​

    ResourceKey lists resources, which will likely be deployed.

    FieldDescriptionSchemeRequired
    kindKind is the k8s api kind of the resource.stringfalse
    apiVersionAPIVersion is the k8s api version of the resource.stringfalse
    namespaceNamespace is the namespace of the resource.stringfalse
    nameName is the name of the resource.stringfalse

    Back to Custom Resources

    RolloutStrategy​

    RolloverStrategy controls the rollout of the bundle across clusters.

    FieldDescriptionSchemeRequired
    maxUnavailableA number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100%*intstr.IntOrStringfalse
    maxUnavailablePartitionsA number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0*intstr.IntOrStringfalse
    autoPartitionSizeA number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25%*intstr.IntOrStringfalse
    partitionsA list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize.[]Partitionfalse

    Back to Custom Resources

    BundleDeployment​

    BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleDeploymentSpecfalse
    statusBundleDeploymentStatusfalse

    Back to Custom Resources

    BundleDeploymentDisplay​

    FieldDescriptionSchemeRequired
    deployedstringfalse
    monitoredstringfalse
    statestringfalse

    Back to Custom Resources

    BundleDeploymentList​

    BundleDeploymentList contains a list of BundleDeployment

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]BundleDeploymenttrue

    Back to Custom Resources

    BundleDeploymentOptions​

    FieldDescriptionSchemeRequired
    defaultNamespaceDefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace.stringfalse
    namespaceTargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail.stringfalse
    kustomizeKustomize options for the deployment, like the dir containing the kustomization.yaml file.*KustomizeOptionsfalse
    helmHelm options for the deployment, like the chart name, repo and values.*HelmOptionsfalse
    serviceAccountServiceAccount which will be used to perform this deployment.stringfalse
    forceSyncGenerationForceSyncGeneration is used to force a redeploymentint64false
    yamlYAML options, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource.*YAMLOptionsfalse
    diffDiff can be used to ignore the modified state of objects which are amended at runtime.*DiffOptionsfalse
    keepResourcesKeepResources can be used to keep the deployed resources when removing the bundleboolfalse
    ignoreIgnoreOptions can be used to ignore fields when monitoring the bundle.IgnoreOptionsfalse
    correctDriftCorrectDrift specifies how drift correction should work.*CorrectDriftfalse
    namespaceLabelsNamespaceLabels are labels that will be appended to the namespace created by Fleet.*map[string]stringfalse
    namespaceAnnotationsNamespaceAnnotations are annotations that will be appended to the namespace created by Fleet.*map[string]stringfalse
    deleteCRDResourcesDeleteCRDResources deletes CRDs. Warning! this will also delete all your Custom Resources.boolfalse

    Back to Custom Resources

    BundleDeploymentResource​

    BundleDeploymentResource contains the metadata of a deployed resource.

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    createdAtmetav1.Timefalse

    Back to Custom Resources

    BundleDeploymentSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated. If true, BundleDeployments will be marked as out of sync when changes are detected.boolfalse
    stagedOptionsStagedOptions are the deployment options, that are staged for the next deployment.BundleDeploymentOptionsfalse
    stagedDeploymentIDStagedDeploymentID is the ID of the staged deployment.stringfalse
    optionsOptions are the deployment options, that are currently applied.BundleDeploymentOptionsfalse
    deploymentIDDeploymentID is the ID of the currently applied deployment.stringfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse
    correctDriftCorrectDrift specifies how drift correction should work.*CorrectDriftfalse

    Back to Custom Resources

    BundleDeploymentStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    appliedDeploymentIDstringfalse
    releasestringfalse
    readyboolfalse
    nonModifiedboolfalse
    nonReadyStatus[]NonReadyStatusfalse
    modifiedStatus[]ModifiedStatusfalse
    displayBundleDeploymentDisplayfalse
    syncGeneration*int64false
    resourcesResources lists the metadata of resources that were deployed according to the helm release history.[]BundleDeploymentResourcefalse

    Back to Custom Resources

    ComparePatch​

    ComparePatch matches a resource and removes fields from the check for modifications.

    FieldDescriptionSchemeRequired
    kindKind is the kind of the resource to match.stringfalse
    apiVersionAPIVersion is the apiVersion of the resource to match.stringfalse
    namespaceNamespace is the namespace of the resource to match.stringfalse
    nameName is the name of the resource to match.stringfalse
    operationsOperations remove a JSON path from the resource.[]Operationfalse
    jsonPointersJSONPointers ignore diffs at a certain JSON path.[]stringfalse

    Back to Custom Resources

    ConfigMapKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    DiffOptions​

    FieldDescriptionSchemeRequired
    comparePatchesComparePatches match a resource and remove fields from the check for modifications.[]ComparePatchfalse

    Back to Custom Resources

    HelmOptions​

    HelmOptions for the deployment. For Helm-based bundles, all options can be used, otherwise some options are ignored. For example ReleaseName works with all bundle types.

    FieldDescriptionSchemeRequired
    chartChart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded.stringfalse
    repoRepo is the name of the HTTPS helm repo to download the chart from.stringfalse
    releaseNameReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path.stringfalse
    versionVersion of the chart to downloadstringfalse
    timeoutSecondsTimeoutSeconds is the time to wait for Helm operations.intfalse
    valuesValues passed to Helm. It is possible to specify the keys and values as go template strings.*GenericMapfalse
    valuesFromValuesFrom loads the values from configmaps and secrets.[]ValuesFromfalse
    forceForce allows to override immutable resources. This could be dangerous.boolfalse
    takeOwnershipTakeOwnership makes helm skip the check for its own annotationsboolfalse
    maxHistoryMaxHistory limits the maximum number of revisions saved per release by Helm.intfalse
    valuesFilesValuesFiles is a list of files to load values from.[]stringfalse
    waitForJobsWaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSecondsboolfalse
    atomicAtomic sets the --atomic flag when Helm is performing an upgradeboolfalse
    disablePreProcessDisablePreProcess disables template processing in valuesboolfalse
    disableDNSDisableDNS can be used to customize Helm's EnableDNS option, which Fleet sets to true by default.boolfalse
    skipSchemaValidationSkipSchemaValidation allows skipping schema validation against the chart valuesboolfalse

    Back to Custom Resources

    IgnoreOptions​

    IgnoreOptions defines conditions to be ignored when monitoring the Bundle.

    FieldDescriptionSchemeRequired
    conditionsConditions is a list of conditions to be ignored when monitoring the Bundle.[]map[string]stringfalse

    Back to Custom Resources

    KustomizeOptions​

    KustomizeOptions for a deployment.

    FieldDescriptionSchemeRequired
    dirDir points to a custom folder for kustomize resources. This folder must contain a kustomization.yaml file.stringfalse

    Back to Custom Resources

    LocalObjectReference​

    FieldDescriptionSchemeRequired
    nameName of a resource in the same namespace as the referent.stringtrue

    Back to Custom Resources

    ModifiedStatus​

    ModifiedStatus is used to report the status of a resource that is modified. It indicates if the modification was a create, a delete or a patch.

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    missingboolfalse
    deleteboolfalse
    patchstringfalse

    Back to Custom Resources

    NonReadyStatus​

    NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary.

    FieldDescriptionSchemeRequired
    uidtypes.UIDfalse
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    summarysummary.Summaryfalse

    Back to Custom Resources

    Operation​

    Operation of a ComparePatch, usually \"remove\".

    FieldDescriptionSchemeRequired
    opOp is usually \"remove\"stringfalse
    pathPath is the JSON path to remove.stringfalse
    valueValue is usually empty.stringfalse

    Back to Custom Resources

    SecretKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    ValuesFrom​

    Define helm values that can come from configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439

    FieldDescriptionSchemeRequired
    configMapKeyRefThe reference to a config map with release values.*ConfigMapKeySelectorfalse
    secretKeyRefThe reference to a secret with release values.*SecretKeySelectorfalse

    Back to Custom Resources

    YAMLOptions​

    YAMLOptions, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource.

    FieldDescriptionSchemeRequired
    overlaysOverlays is a list of names that maps to folders in \"overlays/\". If you wish to customize the file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.[]stringfalse

    Back to Custom Resources

    BundleNamespaceMapping​

    BundleNamespaceMapping maps bundles to clusters in other namespaces.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    bundleSelector*metav1.LabelSelectorfalse
    namespaceSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleNamespaceMappingList​

    BundleNamespaceMappingList contains a list of BundleNamespaceMapping

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]BundleNamespaceMappingtrue

    Back to Custom Resources

    AgentStatus​

    FieldDescriptionSchemeRequired
    lastSeenLastSeen is the last time the agent checked in to update the status of the cluster resource.metav1.Timetrue
    namespaceNamespace is the namespace of the agent deployment, e.g. \"cattle-fleet-system\".stringtrue
    nonReadyNodesNonReadyNodes is the number of nodes that are not ready.inttrue
    readyNodesReadyNodes is the number of nodes that are ready.inttrue
    nonReadyNodeNamesNonReadyNode contains the names of non-ready nodes. The list is limited to at most 3 names.[]stringtrue
    readyNodeNamesReadyNodes contains the names of ready nodes. The list is limited to at most 3 names.[]stringtrue

    Back to Custom Resources

    Cluster​

    Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted clusters. Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterSpecfalse
    statusClusterStatusfalse

    Back to Custom Resources

    ClusterDisplay​

    FieldDescriptionSchemeRequired
    readyBundlesReadyBundles is a string in the form \"%d/%d\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.stringfalse
    readyNodesReadyNodes is a string in the form \"%d/%d\", that describes the number of nodes that are ready vs. the number of expected nodes.stringfalse
    sampleNodeSampleNode is the name of one of the nodes that are ready. If no node is ready, it's the name of a node that is not ready.stringfalse
    stateState of the cluster, either one of the bundle states, or \"WaitCheckIn\".stringfalse

    Back to Custom Resources

    ClusterList​

    ClusterList contains a list of Cluster

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]Clustertrue

    Back to Custom Resources

    ClusterSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated.boolfalse
    clientIDClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster.stringfalse
    kubeConfigSecretKubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster. It can optionally contain a APIServerURL and CA to override the values in the fleet-controller's configmap.stringfalse
    kubeConfigSecretNamespaceKubeConfigSecretNamespace is the namespace of the secret containing the kubeconfig for the downstream cluster. If unset, it will be assumed the secret can be found in the namespace that the Cluster object resides within.stringfalse
    redeployAgentGenerationRedeployAgentGeneration can be used to force redeploying the agent.int64false
    agentEnvVarsAgentEnvVars are extra environment variables to be added to the agent deployment.[]corev1.EnvVarfalse
    agentNamespaceAgentNamespace defaults to the system namespace, e.g. cattle-fleet-system.stringfalse
    privateRepoURLPrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config.stringfalse
    templateValuesTemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating.*GenericMapfalse
    agentTolerationsAgentTolerations defines an extra set of Tolerations to be added to the Agent deployment.[]corev1.Tolerationfalse
    agentAffinityAgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used.*corev1.Affinityfalse
    agentResourcesAgentResources sets the resources for the cluster's agent deployment.*corev1.ResourceRequirementsfalse

    Back to Custom Resources

    ClusterStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    namespaceNamespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\"stringfalse
    summarySummary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource.BundleSummaryfalse
    resourceCountsResourceCounts is an aggregate over the GitRepoResourceCounts.GitRepoResourceCountsfalse
    readyGitReposReadyGitRepos is the number of gitrepos for this cluster that are ready.inttrue
    desiredReadyGitReposDesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready.inttrue
    agentEnvVarsHashAgentEnvVarsHash is a hash of the agent's env vars, used to detect changes.stringfalse
    agentPrivateRepoURLAgentPrivateRepoURL is the private repo URL for the agent that is currently used.stringfalse
    agentDeployedGenerationAgentDeployedGeneration is the generation of the agent that is currently deployed.*int64false
    agentMigratedAgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status.boolfalse
    agentNamespaceMigratedAgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status.boolfalse
    cattleNamespaceMigratedCattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status.boolfalse
    agentAffinityHashAgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes.stringfalse
    agentResourcesHashAgentResourcesHash is a hash of the agent's resources configuration, used to detect changes.stringfalse
    agentTolerationsHashAgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes.stringfalse
    agentConfigChangedAgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster.boolfalse
    apiServerURLAPIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream.stringfalse
    apiServerCAHashAPIServerCAHash is a hash of the upstream API server CA, used to detect changes.stringfalse
    displayDisplay contains the number of ready bundles, nodes and a summary state.ClusterDisplayfalse
    agentAgentStatus contains information about the agent.AgentStatusfalse

    Back to Custom Resources

    ClusterGroup​

    ClusterGroup is a re-usable selector to target a group of clusters.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterGroupSpectrue
    statusClusterGroupStatustrue

    Back to Custom Resources

    ClusterGroupDisplay​

    FieldDescriptionSchemeRequired
    readyClustersReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.stringfalse
    readyBundlesReadyBundles is a string in the form \"%d/%d\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.stringfalse
    stateState is a summary state for the cluster group, showing \"NotReady\" if there are non-ready resources.stringfalse

    Back to Custom Resources

    ClusterGroupList​

    ClusterGroupList contains a list of ClusterGroup

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]ClusterGrouptrue

    Back to Custom Resources

    ClusterGroupSpec​

    FieldDescriptionSchemeRequired
    selectorSelector is a label selector, used to select clusters for this group.*metav1.LabelSelectorfalse

    Back to Custom Resources

    ClusterGroupStatus​

    FieldDescriptionSchemeRequired
    clusterCountClusterCount is the number of clusters in the cluster group.inttrue
    nonReadyClusterCountNonReadyClusterCount is the number of clusters that are not ready.inttrue
    nonReadyClustersNonReadyClusters is a list of cluster names that are not ready.[]stringfalse
    conditionsConditions is a list of conditions and their statuses for the cluster group.[]genericcondition.GenericConditionfalse
    summarySummary is a summary of the bundle deployments and their resources in the cluster group.BundleSummaryfalse
    displayDisplay contains the number of ready, desiredready clusters and a summary state for the bundle's resources.ClusterGroupDisplayfalse
    resourceCountsResourceCounts contains the number of resources in each state over all bundles in the cluster group.GitRepoResourceCountsfalse

    Back to Custom Resources

    ClusterRegistration​

    ClusterRegistration is used internally by Fleet and should not be used directly.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationSpecfalse
    statusClusterRegistrationStatusfalse

    Back to Custom Resources

    ClusterRegistrationList​

    ClusterRegistrationList contains a list of ClusterRegistration

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]ClusterRegistrationtrue

    Back to Custom Resources

    ClusterRegistrationSpec​

    FieldDescriptionSchemeRequired
    clientIDClientID is a unique string that will identify the cluster. The agent either uses the configured ID or the kubeSystem.UID.stringfalse
    clientRandomClientRandom is a random string that the agent generates. When fleet-controller grants a registration, it creates a registration secret with this string in the name.stringfalse
    clusterLabelsClusterLabels are copied to the cluster resource during the registration.map[string]stringfalse

    Back to Custom Resources

    ClusterRegistrationStatus​

    FieldDescriptionSchemeRequired
    clusterNameClusterName is only set after the registration is being processed by fleet-controller.stringfalse
    grantedGranted is set to true, if the request service account is present and its token secret exists. This happens directly before creating the registration secret, roles and rolebindings.boolfalse

    Back to Custom Resources

    ClusterRegistrationToken​

    ClusterRegistrationToken is used by agents to register a new cluster.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationTokenSpecfalse
    statusClusterRegistrationTokenStatusfalse

    Back to Custom Resources

    ClusterRegistrationTokenList​

    ClusterRegistrationTokenList contains a list of ClusterRegistrationToken

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]ClusterRegistrationTokentrue

    Back to Custom Resources

    ClusterRegistrationTokenSpec​

    FieldDescriptionSchemeRequired
    ttlTTL is the time to live for the token. It is used to calculate the expiration time. If the token expires, it will be deleted.*metav1.Durationfalse

    Back to Custom Resources

    ClusterRegistrationTokenStatus​

    FieldDescriptionSchemeRequired
    expiresExpires is the time when the token expires.*metav1.Timefalse
    secretNameSecretName is the name of the secret containing the token.stringfalse

    Back to Custom Resources

    Content​

    Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    contentContent is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them.[]bytefalse
    sha256sumSHA256Sum of the Content fieldstringfalse

    Back to Custom Resources

    ContentList​

    ContentList contains a list of Content

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]Contenttrue

    Back to Custom Resources

    CommitSpec​

    CommitSpec specifies how to commit changes to the git repository

    FieldDescriptionSchemeRequired
    authorNameAuthorName gives the name to provide when making a commitstringtrue
    authorEmailAuthorEmail gives the email to provide when making a commitstringtrue
    messageTemplateMessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made.stringfalse

    Back to Custom Resources

    CorrectDrift​

    FieldDescriptionSchemeRequired
    enabledEnabled correct drift if true.boolfalse
    forceForce helm rollback with --force option will be used if true. This will try to recreate all resources in the release.boolfalse
    keepFailHistoryKeepFailHistory keeps track of failed rollbacks in the helm history.boolfalse

    Back to Custom Resources

    GitRepo​

    GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specGitRepoSpecfalse
    statusGitRepoStatusfalse

    Back to Custom Resources

    GitRepoDisplay​

    FieldDescriptionSchemeRequired
    readyBundleDeploymentsReadyBundleDeployments is a string in the form \"%d/%d\", that describes the number of ready bundledeployments over the total number of bundledeployments.stringfalse
    stateState is the state of the GitRepo, e.g. \"GitUpdating\" or the maximal BundleState according to StateRank.stringfalse
    messageMessage contains the relevant message from the deployment conditions.stringfalse
    errorError is true if a message is present.boolfalse

    Back to Custom Resources

    GitRepoList​

    GitRepoList contains a list of GitRepo

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]GitRepotrue

    Back to Custom Resources

    GitRepoResource​

    GitRepoResource contains metadata about the resources of a bundle.

    FieldDescriptionSchemeRequired
    apiVersionAPIVersion is the API version of the resource.stringfalse
    kindKind is the k8s kind of the resource.stringfalse
    typeType is the type of the resource, e.g. \"apiextensions.k8s.io.customresourcedefinition\" or \"configmap\".stringfalse
    idID is the name of the resource, e.g. \"namespace1/my-config\" or \"backingimagemanagers.storage.io\".stringfalse
    namespaceNamespace of the resource.stringfalse
    nameName of the resource.stringfalse
    incompleteStateIncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states.boolfalse
    stateState is the state of the resource, e.g. \"Unknown\", \"WaitApplied\", \"ErrApplied\" or \"Ready\".stringfalse
    errorError is true if any Error in the PerClusterState is true.boolfalse
    transitioningTransitioning is true if any Transitioning in the PerClusterState is true.boolfalse
    messageMessage is the first message from the PerClusterStates.stringfalse
    perClusterStatePerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources.[]ResourcePerClusterStatefalse

    Back to Custom Resources

    GitRepoResourceCounts​

    GitRepoResourceCounts contains the number of resources in each state.

    FieldDescriptionSchemeRequired
    readyReady is the number of ready resources.inttrue
    desiredReadyDesiredReady is the number of resources that should be ready.inttrue
    waitAppliedWaitApplied is the number of resources that are waiting to be applied.inttrue
    modifiedModified is the number of resources that have been modified.inttrue
    orphanedOrphaned is the number of orphaned resources.inttrue
    missingMissing is the number of missing resources.inttrue
    unknownUnknown is the number of resources in an unknown state.inttrue
    notReadyNotReady is the number of not ready resources. Resources are not ready if they do not match any other state.inttrue

    Back to Custom Resources

    GitRepoSpec​

    FieldDescriptionSchemeRequired
    repoRepo is a URL to a git repo to clone and index.stringfalse
    branchBranch The git branch to follow.stringfalse
    revisionRevision A specific commit or tag to operate on.stringfalse
    targetNamespaceEnsure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand.stringfalse
    clientSecretNameClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\".stringfalse
    helmSecretNameHelmSecretName contains the auth secret for a private Helm repository.stringfalse
    helmSecretNameForPathsHelmSecretNameForPaths contains the auth secret for private Helm repository for each path.stringfalse
    helmRepoURLRegexHelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided.stringfalse
    caBundleCABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate.[]bytefalse
    insecureSkipTLSVerifyInsecureSkipTLSverify will use insecure HTTPS to clone the repo.boolfalse
    pathsPaths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default.[]stringfalse
    pausedPaused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync.boolfalse
    serviceAccountServiceAccount used in the downstream cluster for deployment.stringfalse
    targetsTargets is a list of targets this repo will deploy to.[]GitTargetfalse
    pollingIntervalPollingInterval is how often to check git for new updates.*metav1.Durationfalse
    forceSyncGenerationIncrement this number to force a redeployment of contents from Git.int64false
    imageScanIntervalImageScanInterval is the interval of syncing scanned images and writing back to git repo.*metav1.Durationfalse
    imageScanCommitCommit specifies how to commit to the git repo when a new image is scanned and written back to git repo.CommitSpecfalse
    keepResourcesKeepResources specifies if the resources created must be kept after deleting the GitRepo.boolfalse
    correctDriftCorrectDrift specifies how drift correction should work.*CorrectDriftfalse

    Back to Custom Resources

    GitRepoStatus​

    FieldDescriptionSchemeRequired
    observedGenerationObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status.int64true
    commitCommit is the Git commit hash from the last gitjob run.stringfalse
    readyClustersReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo.inttrue
    desiredReadyClustersDesiredReadyClusters\tis the number of clusters that should be ready for bundles of this GitRepo.inttrue
    gitJobStatusGitJobStatus is the status of the last GitJob run, e.g. \"Current\" if there was no error.stringfalse
    summarySummary contains the number of bundle deployments in each state and a list of non-ready resources.BundleSummaryfalse
    displayDisplay contains a human readable summary of the status.GitRepoDisplayfalse
    conditionsConditions is a list of Wrangler conditions that describe the state of the GitRepo.[]genericcondition.GenericConditionfalse
    resourcesResources contains metadata about the resources of each bundle.[]GitRepoResourcefalse
    resourceCountsResourceCounts contains the number of resources in each state over all bundles.GitRepoResourceCountsfalse
    resourceErrorsResourceErrors is a sorted list of errors from the resources.[]stringfalse
    lastSyncedImageScanTimeLastSyncedImageScanTime is the time of the last image scan.metav1.Timefalse

    Back to Custom Resources

    GitTarget​

    GitTarget is a cluster or cluster group to deploy to.

    FieldDescriptionSchemeRequired
    nameName is the name of this target.stringfalse
    clusterNameClusterName is the name of a cluster.stringfalse
    clusterSelectorClusterSelector is a label selector to select clusters.*metav1.LabelSelectorfalse
    clusterGroupClusterGroup is the name of a cluster group in the same namespace as the clusters.stringfalse
    clusterGroupSelectorClusterGroupSelector is a label selector to select cluster groups.*metav1.LabelSelectorfalse

    Back to Custom Resources

    ResourcePerClusterState​

    ResourcePerClusterState is generated for each non-ready resource of the bundles.

    FieldDescriptionSchemeRequired
    stateState is the state of the resource.stringfalse
    errorError is true if the resource is in an error state, copied from the bundle's summary for non-ready resources.boolfalse
    transitioningTransitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources.boolfalse
    messageMessage combines the messages from the bundle's summary. Messages are joined with the delimiter ';'.stringfalse
    patchPatch for modified resources.*GenericMapfalse
    clusterIdClusterID is the id of the cluster.stringfalse

    Back to Custom Resources

    GitRepoRestriction​

    GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    defaultServiceAccountDefaultServiceAccount overrides the GitRepo's default service account.stringfalse
    allowedServiceAccountsAllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use.[]stringfalse
    allowedRepoPatternsAllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo.[]stringfalse
    defaultClientSecretNameDefaultClientSecretName overrides the GitRepo's default client secret.stringfalse
    allowedClientSecretNamesAllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use.[]stringfalse
    allowedTargetNamespacesAllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set.[]stringfalse

    Back to Custom Resources

    GitRepoRestrictionList​

    GitRepoRestrictionList contains a list of GitRepoRestriction

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]GitRepoRestrictiontrue

    Back to Custom Resources

    AlphabeticalPolicy​

    AlphabeticalPolicy specifies a alphabetical ordering policy.

    FieldDescriptionSchemeRequired
    orderOrder specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.stringfalse

    Back to Custom Resources

    ImagePolicyChoice​

    ImagePolicyChoice is a union of all the types of policy that can be supplied.

    FieldDescriptionSchemeRequired
    semverSemVer gives a semantic version range to check against the tags available.*SemVerPolicyfalse
    alphabeticalAlphabetical set of rules to use for alphabetical ordering of the tags.*AlphabeticalPolicyfalse

    Back to Custom Resources

    ImageScan​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specImageScanSpecfalse
    statusImageScanStatusfalse

    Back to Custom Resources

    ImageScanList​

    ImageScanList contains a list of ImageScan

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]ImageScantrue

    Back to Custom Resources

    ImageScanSpec​

    API is taken from https://github.com/fluxcd/image-reflector-controller

    FieldDescriptionSchemeRequired
    tagNameTagName is the tag ref that needs to be put in manifest to replace fieldsstringfalse
    gitrepoNameGitRepo reference namestringfalse
    imageImage is the name of the image repositorystringfalse
    intervalInterval is the length of time to wait between scans of the image repository.metav1.Durationfalse
    secretRefSecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with kubectl create secret docker-registry, or the equivalent.*corev1.LocalObjectReferencefalse
    suspendThis flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.boolfalse
    policyPolicy gives the particulars of the policy to be followed in selecting the most recent imageImagePolicyChoicetrue

    Back to Custom Resources

    ImageScanStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    lastScanTimeLastScanTime is the last time image was scannedmetav1.Timefalse
    latestImageLatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.stringfalse
    latestTagLatest tag is the latest tag filtered by the policystringfalse
    latestDigestLatestDigest is the digest of latest tagstringfalse
    observedGenerationint64false
    canonicalImageNameCanonicalName is the name of the image repository with all the implied bits made explicit; e.g., docker.io/library/alpine rather than alpine.stringfalse

    Back to Custom Resources

    SemVerPolicy​

    SemVerPolicy specifies a semantic version policy.

    FieldDescriptionSchemeRequired
    rangeRange gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.stringtrue

    Back to Custom Resources

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    Custom Resources Spec

    Sub Resources

    Bundle​

    Bundle contains the resources of an application and its deployment options. It will be deployed as a Helm chart to target clusters.

    When a GitRepo is scanned it will produce one or more bundles. Bundles are a collection of resources that get deployed to one or more cluster(s). Bundle is the fundamental deployment unit used in Fleet. The contents of a Bundle may be Kubernetes manifests, Kustomize configuration, or Helm charts. Regardless of the source the contents are dynamically rendered into a Helm chart by the agent and installed into the downstream cluster as a Helm release.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleSpectrue
    statusBundleStatustrue

    Back to Custom Resources

    BundleDisplay​

    BundleDisplay contains the number of ready, desiredready clusters and a summary state for the bundle.

    FieldDescriptionSchemeRequired
    readyClustersReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.stringfalse
    stateState is a summary state for the bundle, calculated over the non-ready resources.stringfalse

    Back to Custom Resources

    BundleList​

    BundleList contains a list of Bundle

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]Bundletrue

    Back to Custom Resources

    BundleRef​

    FieldDescriptionSchemeRequired
    nameName of the bundle.stringfalse
    selectorSelector matching bundle's labels.*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleResource​

    BundleResource represents the content of a single resource from the bundle, like a YAML manifest.

    FieldDescriptionSchemeRequired
    nameName of the resource, can include the bundle's internal path.stringfalse
    contentThe content of the resource, can be compressed.stringfalse
    encodingEncoding is either empty or \"base64+gz\".stringfalse

    Back to Custom Resources

    BundleSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated. It will be marked as out of sync.boolfalse
    rolloutStrategyRolloutStrategy controls the rollout of bundles, by defining partitions, canaries and percentages for cluster availability.*RolloutStrategyfalse
    resourcesResources contains the resources that were read from the bundle's path. This includes the content of downloaded helm charts.[]BundleResourcefalse
    targetsTargets refer to the clusters which will be deployed to. Targets are evaluated in order and the first one to match is used.[]BundleTargetfalse
    targetRestrictionsTargetRestrictions is an allow list, which controls if a bundledeployment is created for a target.[]BundleTargetRestrictionfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse

    Back to Custom Resources

    BundleStatus​

    FieldDescriptionSchemeRequired
    conditionsConditions is a list of Wrangler conditions that describe the state of the bundle.[]genericcondition.GenericConditionfalse
    summarySummary contains the number of bundle deployments in each state and a list of non-ready resources.BundleSummaryfalse
    newlyCreatedNewlyCreated is the number of bundle deployments that have been created, not updated.intfalse
    unavailableUnavailable is the number of bundle deployments that are not ready or where the AppliedDeploymentID in the status does not match the DeploymentID from the spec.inttrue
    unavailablePartitionsUnavailablePartitions is the number of unavailable partitions.inttrue
    maxUnavailableMaxUnavailable is the maximum number of unavailable deployments. See rollout configuration.inttrue
    maxUnavailablePartitionsMaxUnavailablePartitions is the maximum number of unavailable partitions. The rollout configuration defines a maximum number or percentage of unavailable partitions.inttrue
    maxNewMaxNew is always 50. A bundle change can only stage 50 bundledeployments at a time.intfalse
    partitionsPartitionStatus lists the status of each partition.[]PartitionStatusfalse
    displayDisplay contains the number of ready, desiredready clusters and a summary state for the bundle's resources.BundleDisplayfalse
    resourceKeyResourceKey lists resources, which will likely be deployed. The actual list of resources on a cluster might differ, depending on the helm chart, value templating, etc..[]ResourceKeyfalse
    observedGenerationObservedGeneration is the current generation of the bundle.int64true
    resourcesSha256SumResourcesSHA256Sum corresponds to the JSON serialization of the .Spec.Resources fieldstringfalse

    Back to Custom Resources

    BundleSummary​

    BundleSummary contains the number of bundle deployments in each state and a list of non-ready resources. It is used in the bundle, clustergroup, cluster and gitrepo status.

    FieldDescriptionSchemeRequired
    notReadyNotReady is the number of bundle deployments that have been deployed where some resources are not ready.intfalse
    waitAppliedWaitApplied is the number of bundle deployments that have been synced from Fleet controller and downstream cluster, but are waiting to be deployed.intfalse
    errAppliedErrApplied is the number of bundle deployments that have been synced from the Fleet controller and the downstream cluster, but with some errors when deploying the bundle.intfalse
    outOfSyncOutOfSync is the number of bundle deployments that have been synced from Fleet controller, but not yet by the downstream agent.intfalse
    modifiedModified is the number of bundle deployments that have been deployed and for which all resources are ready, but where some changes from the Git repository have not yet been synced.intfalse
    readyReady is the number of bundle deployments that have been deployed where all resources are ready.inttrue
    pendingPending is the number of bundle deployments that are being processed by Fleet controller.intfalse
    desiredReadyDesiredReady is the number of bundle deployments that should be ready.inttrue
    nonReadyResourcesNonReadyClusters is a list of states, which is filled for a bundle that is not ready.[]NonReadyResourcefalse

    Back to Custom Resources

    BundleTarget​

    BundleTarget declares clusters to deploy to. Fleet will merge the BundleDeploymentOptions from customizations into this struct.

    FieldDescriptionSchemeRequired
    nameName of target. This value is largely for display and logging. If not specified a default name of the format \"target000\" will be usedstringfalse
    clusterNameClusterName to match a specific cluster by name that will be selectedstringfalse
    clusterSelectorClusterSelector is a selector to match clusters. The structure is the standard metav1.LabelSelector format. If clusterGroupSelector or clusterGroup is specified, clusterSelector will be used only to further refine the selection after clusterGroupSelector and clusterGroup is evaluated.*metav1.LabelSelectorfalse
    clusterGroupClusterGroup to match a specific cluster group by name.stringfalse
    clusterGroupSelectorClusterGroupSelector is a selector to match cluster groups.*metav1.LabelSelectorfalse
    doNotDeployDoNotDeploy if set to true, will not deploy to this target.boolfalse

    Back to Custom Resources

    BundleTargetRestriction​

    BundleTargetRestriction is used internally by Fleet and should not be modified. It acts as an allow list, to prevent the creation of BundleDeployments from Targets created by TargetCustomizations in fleet.yaml.

    FieldDescriptionSchemeRequired
    namestringfalse
    clusterNamestringfalse
    clusterSelector*metav1.LabelSelectorfalse
    clusterGroupstringfalse
    clusterGroupSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    NonReadyResource​

    NonReadyResource contains information about a bundle that is not ready for a given state like \"ErrApplied\". It contains a list of non-ready or modified resources and their states.

    FieldDescriptionSchemeRequired
    nameName is the name of the resource.stringfalse
    bundleStateState is the state of the resource, like e.g. \"NotReady\" or \"ErrApplied\".BundleStatefalse
    messageMessage contains information why the bundle is not ready.stringfalse
    modifiedStatusModifiedStatus lists the state for each modified resource.[]ModifiedStatusfalse
    nonReadyStatusNonReadyStatus lists the state for each non-ready resource.[]NonReadyStatusfalse

    Back to Custom Resources

    Partition​

    Partition defines a separate rollout strategy for a set of clusters.

    FieldDescriptionSchemeRequired
    nameA user-friendly name given to the partition used for Display (optional).stringfalse
    maxUnavailableA number or percentage of clusters that can be unavailable in this partition before this partition is treated as done. default: 10%*intstr.IntOrStringfalse
    clusterNameClusterName is the name of a cluster to include in this partitionstringfalse
    clusterSelectorSelector matching cluster labels to include in this partition*metav1.LabelSelectorfalse
    clusterGroupA cluster group name to include in this partitionstringfalse
    clusterGroupSelectorSelector matching cluster group labels to include in this partition*metav1.LabelSelectorfalse

    Back to Custom Resources

    PartitionStatus​

    PartitionStatus is the status of a single rollout partition.

    FieldDescriptionSchemeRequired
    nameName is the name of the partition.stringfalse
    countCount is the number of clusters in the partition.intfalse
    maxUnavailableMaxUnavailable is the maximum number of unavailable clusters in the partition.intfalse
    unavailableUnavailable is the number of unavailable clusters in the partition.intfalse
    summarySummary is a summary state for the partition, calculated over its non-ready resources.BundleSummaryfalse

    Back to Custom Resources

    ResourceKey​

    ResourceKey lists resources, which will likely be deployed.

    FieldDescriptionSchemeRequired
    kindKind is the k8s api kind of the resource.stringfalse
    apiVersionAPIVersion is the k8s api version of the resource.stringfalse
    namespaceNamespace is the namespace of the resource.stringfalse
    nameName is the name of the resource.stringfalse

    Back to Custom Resources

    RolloutStrategy​

    RolloverStrategy controls the rollout of the bundle across clusters.

    FieldDescriptionSchemeRequired
    maxUnavailableA number or percentage of clusters that can be unavailable during an update of a bundle. This follows the same basic approach as a deployment rollout strategy. Once the number of clusters meets unavailable state update will be paused. Default value is 100% which doesn't take effect on update. default: 100%*intstr.IntOrStringfalse
    maxUnavailablePartitionsA number or percentage of cluster partitions that can be unavailable during an update of a bundle. default: 0*intstr.IntOrStringfalse
    autoPartitionSizeA number or percentage of how to automatically partition clusters if no specific partitioning strategy is configured. default: 25%*intstr.IntOrStringfalse
    partitionsA list of definitions of partitions. If any target clusters do not match the configuration they are added to partitions at the end following the autoPartitionSize.[]Partitionfalse

    Back to Custom Resources

    BundleDeployment​

    BundleDeployment is used internally by Fleet and should not be used directly. When a Bundle is deployed to a cluster an instance of a Bundle is called a BundleDeployment. A BundleDeployment represents the state of that Bundle on a specific cluster with its cluster-specific customizations. The Fleet agent is only aware of BundleDeployment resources that are created for the cluster the agent is managing.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specBundleDeploymentSpecfalse
    statusBundleDeploymentStatusfalse

    Back to Custom Resources

    BundleDeploymentDisplay​

    FieldDescriptionSchemeRequired
    deployedstringfalse
    monitoredstringfalse
    statestringfalse

    Back to Custom Resources

    BundleDeploymentList​

    BundleDeploymentList contains a list of BundleDeployment

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]BundleDeploymenttrue

    Back to Custom Resources

    BundleDeploymentOptions​

    FieldDescriptionSchemeRequired
    defaultNamespaceDefaultNamespace is the namespace to use for resources that do not specify a namespace. This field is not used to enforce or lock down the deployment to a specific namespace.stringfalse
    namespaceTargetNamespace if present will assign all resource to this namespace and if any cluster scoped resource exists the deployment will fail.stringfalse
    kustomizeKustomize options for the deployment, like the dir containing the kustomization.yaml file.*KustomizeOptionsfalse
    helmHelm options for the deployment, like the chart name, repo and values.*HelmOptionsfalse
    serviceAccountServiceAccount which will be used to perform this deployment.stringfalse
    forceSyncGenerationForceSyncGeneration is used to force a redeploymentint64false
    yamlYAML options, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource.*YAMLOptionsfalse
    diffDiff can be used to ignore the modified state of objects which are amended at runtime.*DiffOptionsfalse
    keepResourcesKeepResources can be used to keep the deployed resources when removing the bundleboolfalse
    ignoreIgnoreOptions can be used to ignore fields when monitoring the bundle.IgnoreOptionsfalse
    correctDriftCorrectDrift specifies how drift correction should work.*CorrectDriftfalse
    namespaceLabelsNamespaceLabels are labels that will be appended to the namespace created by Fleet.*map[string]stringfalse
    namespaceAnnotationsNamespaceAnnotations are annotations that will be appended to the namespace created by Fleet.*map[string]stringfalse
    deleteCRDResourcesDeleteCRDResources deletes CRDs. Warning! this will also delete all your Custom Resources.boolfalse

    Back to Custom Resources

    BundleDeploymentResource​

    BundleDeploymentResource contains the metadata of a deployed resource.

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    createdAtmetav1.Timefalse

    Back to Custom Resources

    BundleDeploymentSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated. If true, BundleDeployments will be marked as out of sync when changes are detected.boolfalse
    stagedOptionsStagedOptions are the deployment options, that are staged for the next deployment.BundleDeploymentOptionsfalse
    stagedDeploymentIDStagedDeploymentID is the ID of the staged deployment.stringfalse
    optionsOptions are the deployment options, that are currently applied.BundleDeploymentOptionsfalse
    deploymentIDDeploymentID is the ID of the currently applied deployment.stringfalse
    dependsOnDependsOn refers to the bundles which must be ready before this bundle can be deployed.[]BundleReffalse
    correctDriftCorrectDrift specifies how drift correction should work.*CorrectDriftfalse

    Back to Custom Resources

    BundleDeploymentStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    appliedDeploymentIDstringfalse
    releasestringfalse
    readyboolfalse
    nonModifiedboolfalse
    nonReadyStatus[]NonReadyStatusfalse
    modifiedStatus[]ModifiedStatusfalse
    displayBundleDeploymentDisplayfalse
    syncGeneration*int64false
    resourcesResources lists the metadata of resources that were deployed according to the helm release history.[]BundleDeploymentResourcefalse

    Back to Custom Resources

    ComparePatch​

    ComparePatch matches a resource and removes fields from the check for modifications.

    FieldDescriptionSchemeRequired
    kindKind is the kind of the resource to match.stringfalse
    apiVersionAPIVersion is the apiVersion of the resource to match.stringfalse
    namespaceNamespace is the namespace of the resource to match.stringfalse
    nameName is the name of the resource to match.stringfalse
    operationsOperations remove a JSON path from the resource.[]Operationfalse
    jsonPointersJSONPointers ignore diffs at a certain JSON path.[]stringfalse

    Back to Custom Resources

    ConfigMapKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    DiffOptions​

    FieldDescriptionSchemeRequired
    comparePatchesComparePatches match a resource and remove fields from the check for modifications.[]ComparePatchfalse

    Back to Custom Resources

    HelmOptions​

    HelmOptions for the deployment. For Helm-based bundles, all options can be used, otherwise some options are ignored. For example ReleaseName works with all bundle types.

    FieldDescriptionSchemeRequired
    chartChart can refer to any go-getter URL or OCI registry based helm chart URL. The chart will be downloaded.stringfalse
    repoRepo is the name of the HTTPS helm repo to download the chart from.stringfalse
    releaseNameReleaseName sets a custom release name to deploy the chart as. If not specified a release name will be generated by combining the invoking GitRepo.name + GitRepo.path.stringfalse
    versionVersion of the chart to downloadstringfalse
    timeoutSecondsTimeoutSeconds is the time to wait for Helm operations.intfalse
    valuesValues passed to Helm. It is possible to specify the keys and values as go template strings.*GenericMapfalse
    valuesFromValuesFrom loads the values from configmaps and secrets.[]ValuesFromfalse
    forceForce allows to override immutable resources. This could be dangerous.boolfalse
    takeOwnershipTakeOwnership makes helm skip the check for its own annotationsboolfalse
    maxHistoryMaxHistory limits the maximum number of revisions saved per release by Helm.intfalse
    valuesFilesValuesFiles is a list of files to load values from.[]stringfalse
    waitForJobsWaitForJobs if set and timeoutSeconds provided, will wait until all Jobs have been completed before marking the GitRepo as ready. It will wait for as long as timeoutSecondsboolfalse
    atomicAtomic sets the --atomic flag when Helm is performing an upgradeboolfalse
    disablePreProcessDisablePreProcess disables template processing in valuesboolfalse
    disableDNSDisableDNS can be used to customize Helm's EnableDNS option, which Fleet sets to true by default.boolfalse
    skipSchemaValidationSkipSchemaValidation allows skipping schema validation against the chart valuesboolfalse

    Back to Custom Resources

    IgnoreOptions​

    IgnoreOptions defines conditions to be ignored when monitoring the Bundle.

    FieldDescriptionSchemeRequired
    conditionsConditions is a list of conditions to be ignored when monitoring the Bundle.[]map[string]stringfalse

    Back to Custom Resources

    KustomizeOptions​

    KustomizeOptions for a deployment.

    FieldDescriptionSchemeRequired
    dirDir points to a custom folder for kustomize resources. This folder must contain a kustomization.yaml file.stringfalse

    Back to Custom Resources

    LocalObjectReference​

    FieldDescriptionSchemeRequired
    nameName of a resource in the same namespace as the referent.stringtrue

    Back to Custom Resources

    ModifiedStatus​

    ModifiedStatus is used to report the status of a resource that is modified. It indicates if the modification was a create, a delete or a patch.

    FieldDescriptionSchemeRequired
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    missingboolfalse
    deleteboolfalse
    patchstringfalse

    Back to Custom Resources

    NonReadyStatus​

    NonReadyStatus is used to report the status of a resource that is not ready. It includes a summary.

    FieldDescriptionSchemeRequired
    uidtypes.UIDfalse
    kindstringfalse
    apiVersionstringfalse
    namespacestringfalse
    namestringfalse
    summarysummary.Summaryfalse

    Back to Custom Resources

    Operation​

    Operation of a ComparePatch, usually \"remove\".

    FieldDescriptionSchemeRequired
    opOp is usually \"remove\"stringfalse
    pathPath is the JSON path to remove.stringfalse
    valueValue is usually empty.stringfalse

    Back to Custom Resources

    SecretKeySelector​

    FieldDescriptionSchemeRequired
    namespacestringfalse
    keystringfalse

    Back to Custom Resources

    ValuesFrom​

    Define helm values that can come from configmap, secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439

    FieldDescriptionSchemeRequired
    configMapKeyRefThe reference to a config map with release values.*ConfigMapKeySelectorfalse
    secretKeyRefThe reference to a secret with release values.*SecretKeySelectorfalse

    Back to Custom Resources

    YAMLOptions​

    YAMLOptions, if using raw YAML these are names that map to overlays/{name} files that will be used to replace or patch a resource.

    FieldDescriptionSchemeRequired
    overlaysOverlays is a list of names that maps to folders in \"overlays/\". If you wish to customize the file ./subdir/resource.yaml then a file ./overlays/myoverlay/subdir/resource.yaml will replace the base file. A file named ./overlays/myoverlay/subdir/resource_patch.yaml will patch the base file.[]stringfalse

    Back to Custom Resources

    BundleNamespaceMapping​

    BundleNamespaceMapping maps bundles to clusters in other namespaces.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    bundleSelector*metav1.LabelSelectorfalse
    namespaceSelector*metav1.LabelSelectorfalse

    Back to Custom Resources

    BundleNamespaceMappingList​

    BundleNamespaceMappingList contains a list of BundleNamespaceMapping

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]BundleNamespaceMappingtrue

    Back to Custom Resources

    AgentStatus​

    FieldDescriptionSchemeRequired
    lastSeenLastSeen is the last time the agent checked in to update the status of the cluster resource.metav1.Timetrue
    namespaceNamespace is the namespace of the agent deployment, e.g. \"cattle-fleet-system\".stringtrue
    nonReadyNodesNonReadyNodes is the number of nodes that are not ready.inttrue
    readyNodesReadyNodes is the number of nodes that are ready.inttrue
    nonReadyNodeNamesNonReadyNode contains the names of non-ready nodes. The list is limited to at most 3 names.[]stringtrue
    readyNodeNamesReadyNodes contains the names of ready nodes. The list is limited to at most 3 names.[]stringtrue

    Back to Custom Resources

    Cluster​

    Cluster corresponds to a Kubernetes cluster. Fleet deploys bundles to targeted clusters. Clusters to which Fleet deploys manifests are referred to as downstream clusters. In the single cluster use case, the Fleet manager Kubernetes cluster is both the manager and downstream cluster at the same time.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterSpecfalse
    statusClusterStatusfalse

    Back to Custom Resources

    ClusterDisplay​

    FieldDescriptionSchemeRequired
    readyBundlesReadyBundles is a string in the form \"%d/%d\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.stringfalse
    readyNodesReadyNodes is a string in the form \"%d/%d\", that describes the number of nodes that are ready vs. the number of expected nodes.stringfalse
    sampleNodeSampleNode is the name of one of the nodes that are ready. If no node is ready, it's the name of a node that is not ready.stringfalse
    stateState of the cluster, either one of the bundle states, or \"WaitCheckIn\".stringfalse

    Back to Custom Resources

    ClusterList​

    ClusterList contains a list of Cluster

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]Clustertrue

    Back to Custom Resources

    ClusterSpec​

    FieldDescriptionSchemeRequired
    pausedPaused if set to true, will stop any BundleDeployments from being updated.boolfalse
    clientIDClientID is a unique string that will identify the cluster. It can either be predefined, or generated when importing the cluster.stringfalse
    kubeConfigSecretKubeConfigSecret is the name of the secret containing the kubeconfig for the downstream cluster. It can optionally contain a APIServerURL and CA to override the values in the fleet-controller's configmap.stringfalse
    kubeConfigSecretNamespaceKubeConfigSecretNamespace is the namespace of the secret containing the kubeconfig for the downstream cluster. If unset, it will be assumed the secret can be found in the namespace that the Cluster object resides within.stringfalse
    redeployAgentGenerationRedeployAgentGeneration can be used to force redeploying the agent.int64false
    agentEnvVarsAgentEnvVars are extra environment variables to be added to the agent deployment.[]corev1.EnvVarfalse
    agentNamespaceAgentNamespace defaults to the system namespace, e.g. cattle-fleet-system.stringfalse
    privateRepoURLPrivateRepoURL prefixes the image name and overrides a global repo URL from the agents config.stringfalse
    templateValuesTemplateValues defines a cluster specific mapping of values to be sent to fleet.yaml values templating.*GenericMapfalse
    agentTolerationsAgentTolerations defines an extra set of Tolerations to be added to the Agent deployment.[]corev1.Tolerationfalse
    agentAffinityAgentAffinity overrides the default affinity for the cluster's agent deployment. If this value is nil the default affinity is used.*corev1.Affinityfalse
    agentResourcesAgentResources sets the resources for the cluster's agent deployment.*corev1.ResourceRequirementsfalse

    Back to Custom Resources

    ClusterStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    namespaceNamespace is the cluster namespace, it contains the clusters service account as well as any bundledeployments. Example: \"cluster-fleet-local-cluster-294db1acfa77-d9ccf852678f\"stringfalse
    summarySummary is a summary of the bundledeployments. The resource counts are copied from the gitrepo resource.BundleSummaryfalse
    resourceCountsResourceCounts is an aggregate over the GitRepoResourceCounts.GitRepoResourceCountsfalse
    readyGitReposReadyGitRepos is the number of gitrepos for this cluster that are ready.inttrue
    desiredReadyGitReposDesiredReadyGitRepos is the number of gitrepos for this cluster that are desired to be ready.inttrue
    agentEnvVarsHashAgentEnvVarsHash is a hash of the agent's env vars, used to detect changes.stringfalse
    agentPrivateRepoURLAgentPrivateRepoURL is the private repo URL for the agent that is currently used.stringfalse
    agentDeployedGenerationAgentDeployedGeneration is the generation of the agent that is currently deployed.*int64false
    agentMigratedAgentMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old agents don't have this in their status.boolfalse
    agentNamespaceMigratedAgentNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents don't have this in their status.boolfalse
    cattleNamespaceMigratedCattleNamespaceMigrated is always set to true after importing a cluster. If false, it will trigger a migration. Old Fleet agents, don't have this in their status.boolfalse
    agentAffinityHashAgentAffinityHash is a hash of the agent's affinity configuration, used to detect changes.stringfalse
    agentResourcesHashAgentResourcesHash is a hash of the agent's resources configuration, used to detect changes.stringfalse
    agentTolerationsHashAgentTolerationsHash is a hash of the agent's tolerations configuration, used to detect changes.stringfalse
    agentConfigChangedAgentConfigChanged is set to true if any of the agent configuration changed, like the API server URL or CA. Setting it to true will trigger a re-import of the cluster.boolfalse
    apiServerURLAPIServerURL is the currently used URL of the API server that the cluster uses to connect to upstream.stringfalse
    apiServerCAHashAPIServerCAHash is a hash of the upstream API server CA, used to detect changes.stringfalse
    displayDisplay contains the number of ready bundles, nodes and a summary state.ClusterDisplayfalse
    agentAgentStatus contains information about the agent.AgentStatusfalse

    Back to Custom Resources

    ClusterGroup​

    ClusterGroup is a re-usable selector to target a group of clusters.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterGroupSpectrue
    statusClusterGroupStatustrue

    Back to Custom Resources

    ClusterGroupDisplay​

    FieldDescriptionSchemeRequired
    readyClustersReadyClusters is a string in the form \"%d/%d\", that describes the number of clusters that are ready vs. the number of clusters desired to be ready.stringfalse
    readyBundlesReadyBundles is a string in the form \"%d/%d\", that describes the number of bundles that are ready vs. the number of bundles desired to be ready.stringfalse
    stateState is a summary state for the cluster group, showing \"NotReady\" if there are non-ready resources.stringfalse

    Back to Custom Resources

    ClusterGroupList​

    ClusterGroupList contains a list of ClusterGroup

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]ClusterGrouptrue

    Back to Custom Resources

    ClusterGroupSpec​

    FieldDescriptionSchemeRequired
    selectorSelector is a label selector, used to select clusters for this group.*metav1.LabelSelectorfalse

    Back to Custom Resources

    ClusterGroupStatus​

    FieldDescriptionSchemeRequired
    clusterCountClusterCount is the number of clusters in the cluster group.inttrue
    nonReadyClusterCountNonReadyClusterCount is the number of clusters that are not ready.inttrue
    nonReadyClustersNonReadyClusters is a list of cluster names that are not ready.[]stringfalse
    conditionsConditions is a list of conditions and their statuses for the cluster group.[]genericcondition.GenericConditionfalse
    summarySummary is a summary of the bundle deployments and their resources in the cluster group.BundleSummaryfalse
    displayDisplay contains the number of ready, desiredready clusters and a summary state for the bundle's resources.ClusterGroupDisplayfalse
    resourceCountsResourceCounts contains the number of resources in each state over all bundles in the cluster group.GitRepoResourceCountsfalse

    Back to Custom Resources

    ClusterRegistration​

    ClusterRegistration is used internally by Fleet and should not be used directly.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationSpecfalse
    statusClusterRegistrationStatusfalse

    Back to Custom Resources

    ClusterRegistrationList​

    ClusterRegistrationList contains a list of ClusterRegistration

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]ClusterRegistrationtrue

    Back to Custom Resources

    ClusterRegistrationSpec​

    FieldDescriptionSchemeRequired
    clientIDClientID is a unique string that will identify the cluster. The agent either uses the configured ID or the kubeSystem.UID.stringfalse
    clientRandomClientRandom is a random string that the agent generates. When fleet-controller grants a registration, it creates a registration secret with this string in the name.stringfalse
    clusterLabelsClusterLabels are copied to the cluster resource during the registration.map[string]stringfalse

    Back to Custom Resources

    ClusterRegistrationStatus​

    FieldDescriptionSchemeRequired
    clusterNameClusterName is only set after the registration is being processed by fleet-controller.stringfalse
    grantedGranted is set to true, if the request service account is present and its token secret exists. This happens directly before creating the registration secret, roles and rolebindings.boolfalse

    Back to Custom Resources

    ClusterRegistrationToken​

    ClusterRegistrationToken is used by agents to register a new cluster.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specClusterRegistrationTokenSpecfalse
    statusClusterRegistrationTokenStatusfalse

    Back to Custom Resources

    ClusterRegistrationTokenList​

    ClusterRegistrationTokenList contains a list of ClusterRegistrationToken

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]ClusterRegistrationTokentrue

    Back to Custom Resources

    ClusterRegistrationTokenSpec​

    FieldDescriptionSchemeRequired
    ttlTTL is the time to live for the token. It is used to calculate the expiration time. If the token expires, it will be deleted.*metav1.Durationfalse

    Back to Custom Resources

    ClusterRegistrationTokenStatus​

    FieldDescriptionSchemeRequired
    expiresExpires is the time when the token expires.*metav1.Timefalse
    secretNameSecretName is the name of the secret containing the token.stringfalse

    Back to Custom Resources

    Content​

    Content is used internally by Fleet and should not be used directly. It contains the resources from a bundle for a specific target cluster.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    contentContent is a byte array, which contains the manifests of a bundle. The bundle resources are copied into the bundledeployment's content resource, so the downstream agent can deploy them.[]bytefalse
    sha256sumSHA256Sum of the Content fieldstringfalse

    Back to Custom Resources

    ContentList​

    ContentList contains a list of Content

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]Contenttrue

    Back to Custom Resources

    CommitSpec​

    CommitSpec specifies how to commit changes to the git repository

    FieldDescriptionSchemeRequired
    authorNameAuthorName gives the name to provide when making a commitstringtrue
    authorEmailAuthorEmail gives the email to provide when making a commitstringtrue
    messageTemplateMessageTemplate provides a template for the commit message, into which will be interpolated the details of the change made.stringfalse

    Back to Custom Resources

    CorrectDrift​

    FieldDescriptionSchemeRequired
    enabledEnabled correct drift if true.boolfalse
    forceForce helm rollback with --force option will be used if true. This will try to recreate all resources in the release.boolfalse
    keepFailHistoryKeepFailHistory keeps track of failed rollbacks in the helm history.boolfalse

    Back to Custom Resources

    GitRepo​

    GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specGitRepoSpecfalse
    statusGitRepoStatusfalse

    Back to Custom Resources

    GitRepoDisplay​

    FieldDescriptionSchemeRequired
    readyBundleDeploymentsReadyBundleDeployments is a string in the form \"%d/%d\", that describes the number of ready bundledeployments over the total number of bundledeployments.stringfalse
    stateState is the state of the GitRepo, e.g. \"GitUpdating\" or the maximal BundleState according to StateRank.stringfalse
    messageMessage contains the relevant message from the deployment conditions.stringfalse
    errorError is true if a message is present.boolfalse

    Back to Custom Resources

    GitRepoList​

    GitRepoList contains a list of GitRepo

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]GitRepotrue

    Back to Custom Resources

    GitRepoResource​

    GitRepoResource contains metadata about the resources of a bundle.

    FieldDescriptionSchemeRequired
    apiVersionAPIVersion is the API version of the resource.stringfalse
    kindKind is the k8s kind of the resource.stringfalse
    typeType is the type of the resource, e.g. \"apiextensions.k8s.io.customresourcedefinition\" or \"configmap\".stringfalse
    idID is the name of the resource, e.g. \"namespace1/my-config\" or \"backingimagemanagers.storage.io\".stringfalse
    namespaceNamespace of the resource.stringfalse
    nameName of the resource.stringfalse
    incompleteStateIncompleteState is true if a bundle summary has 10 or more non-ready resources or a non-ready resource has more 10 or more non-ready or modified states.boolfalse
    stateState is the state of the resource, e.g. \"Unknown\", \"WaitApplied\", \"ErrApplied\" or \"Ready\".stringfalse
    errorError is true if any Error in the PerClusterState is true.boolfalse
    transitioningTransitioning is true if any Transitioning in the PerClusterState is true.boolfalse
    messageMessage is the first message from the PerClusterStates.stringfalse
    perClusterStatePerClusterState is a list of states for each cluster. Derived from the summaries non-ready resources.[]ResourcePerClusterStatefalse

    Back to Custom Resources

    GitRepoResourceCounts​

    GitRepoResourceCounts contains the number of resources in each state.

    FieldDescriptionSchemeRequired
    readyReady is the number of ready resources.inttrue
    desiredReadyDesiredReady is the number of resources that should be ready.inttrue
    waitAppliedWaitApplied is the number of resources that are waiting to be applied.inttrue
    modifiedModified is the number of resources that have been modified.inttrue
    orphanedOrphaned is the number of orphaned resources.inttrue
    missingMissing is the number of missing resources.inttrue
    unknownUnknown is the number of resources in an unknown state.inttrue
    notReadyNotReady is the number of not ready resources. Resources are not ready if they do not match any other state.inttrue

    Back to Custom Resources

    GitRepoSpec​

    FieldDescriptionSchemeRequired
    repoRepo is a URL to a git repo to clone and index.stringfalse
    branchBranch The git branch to follow.stringfalse
    revisionRevision A specific commit or tag to operate on.stringfalse
    targetNamespaceEnsure that all resources are created in this namespace Any cluster scoped resource will be rejected if this is set Additionally this namespace will be created on demand.stringfalse
    clientSecretNameClientSecretName is the name of the client secret to be used to connect to the repo It is expected the secret be of type \"kubernetes.io/basic-auth\" or \"kubernetes.io/ssh-auth\".stringfalse
    helmSecretNameHelmSecretName contains the auth secret for a private Helm repository.stringfalse
    helmSecretNameForPathsHelmSecretNameForPaths contains the auth secret for private Helm repository for each path.stringfalse
    helmRepoURLRegexHelmRepoURLRegex Helm credentials will be used if the helm repo matches this regex Credentials will always be used if this is empty or not provided.stringfalse
    caBundleCABundle is a PEM encoded CA bundle which will be used to validate the repo's certificate.[]bytefalse
    insecureSkipTLSVerifyInsecureSkipTLSverify will use insecure HTTPS to clone the repo.boolfalse
    pathsPaths is the directories relative to the git repo root that contain resources to be applied. Path globbing is supported, for example [\"charts/*\"] will match all folders as a subdirectory of charts/ If empty, \"/\" is the default.[]stringfalse
    pausedPaused, when true, causes changes in Git not to be propagated down to the clusters but instead to mark resources as OutOfSync.boolfalse
    serviceAccountServiceAccount used in the downstream cluster for deployment.stringfalse
    targetsTargets is a list of targets this repo will deploy to.[]GitTargetfalse
    pollingIntervalPollingInterval is how often to check git for new updates.*metav1.Durationfalse
    forceSyncGenerationIncrement this number to force a redeployment of contents from Git.int64false
    imageScanIntervalImageScanInterval is the interval of syncing scanned images and writing back to git repo.*metav1.Durationfalse
    imageScanCommitCommit specifies how to commit to the git repo when a new image is scanned and written back to git repo.CommitSpecfalse
    keepResourcesKeepResources specifies if the resources created must be kept after deleting the GitRepo.boolfalse
    correctDriftCorrectDrift specifies how drift correction should work.*CorrectDriftfalse

    Back to Custom Resources

    GitRepoStatus​

    FieldDescriptionSchemeRequired
    observedGenerationObservedGeneration is the current generation of the resource in the cluster. It is copied from k8s metadata.Generation. The value is incremented for all changes, except for changes to .metadata or .status.int64true
    commitCommit is the Git commit hash from the last gitjob run.stringfalse
    readyClustersReadyClusters is the lowest number of clusters that are ready over all the bundles of this GitRepo.inttrue
    desiredReadyClustersDesiredReadyClusters\tis the number of clusters that should be ready for bundles of this GitRepo.inttrue
    gitJobStatusGitJobStatus is the status of the last GitJob run, e.g. \"Current\" if there was no error.stringfalse
    summarySummary contains the number of bundle deployments in each state and a list of non-ready resources.BundleSummaryfalse
    displayDisplay contains a human readable summary of the status.GitRepoDisplayfalse
    conditionsConditions is a list of Wrangler conditions that describe the state of the GitRepo.[]genericcondition.GenericConditionfalse
    resourcesResources contains metadata about the resources of each bundle.[]GitRepoResourcefalse
    resourceCountsResourceCounts contains the number of resources in each state over all bundles.GitRepoResourceCountsfalse
    resourceErrorsResourceErrors is a sorted list of errors from the resources.[]stringfalse
    lastSyncedImageScanTimeLastSyncedImageScanTime is the time of the last image scan.metav1.Timefalse

    Back to Custom Resources

    GitTarget​

    GitTarget is a cluster or cluster group to deploy to.

    FieldDescriptionSchemeRequired
    nameName is the name of this target.stringfalse
    clusterNameClusterName is the name of a cluster.stringfalse
    clusterSelectorClusterSelector is a label selector to select clusters.*metav1.LabelSelectorfalse
    clusterGroupClusterGroup is the name of a cluster group in the same namespace as the clusters.stringfalse
    clusterGroupSelectorClusterGroupSelector is a label selector to select cluster groups.*metav1.LabelSelectorfalse

    Back to Custom Resources

    ResourcePerClusterState​

    ResourcePerClusterState is generated for each non-ready resource of the bundles.

    FieldDescriptionSchemeRequired
    stateState is the state of the resource.stringfalse
    errorError is true if the resource is in an error state, copied from the bundle's summary for non-ready resources.boolfalse
    transitioningTransitioning is true if the resource is in a transitioning state, copied from the bundle's summary for non-ready resources.boolfalse
    messageMessage combines the messages from the bundle's summary. Messages are joined with the delimiter ';'.stringfalse
    patchPatch for modified resources.*GenericMapfalse
    clusterIdClusterID is the id of the cluster.stringfalse

    Back to Custom Resources

    GitRepoRestriction​

    GitRepoRestriction is a resource that can optionally be used to restrict the options of GitRepos in the same namespace.

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    defaultServiceAccountDefaultServiceAccount overrides the GitRepo's default service account.stringfalse
    allowedServiceAccountsAllowedServiceAccounts is a list of service accounts that GitRepos are allowed to use.[]stringfalse
    allowedRepoPatternsAllowedRepoPatterns is a list of regex patterns that restrict the valid values of the Repo field of a GitRepo.[]stringfalse
    defaultClientSecretNameDefaultClientSecretName overrides the GitRepo's default client secret.stringfalse
    allowedClientSecretNamesAllowedClientSecretNames is a list of client secret names that GitRepos are allowed to use.[]stringfalse
    allowedTargetNamespacesAllowedTargetNamespaces restricts TargetNamespace to the given namespaces. If AllowedTargetNamespaces is set, TargetNamespace must be set.[]stringfalse

    Back to Custom Resources

    GitRepoRestrictionList​

    GitRepoRestrictionList contains a list of GitRepoRestriction

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]GitRepoRestrictiontrue

    Back to Custom Resources

    AlphabeticalPolicy​

    AlphabeticalPolicy specifies a alphabetical ordering policy.

    FieldDescriptionSchemeRequired
    orderOrder specifies the sorting order of the tags. Given the letters of the alphabet as tags, ascending order would select Z, and descending order would select A.stringfalse

    Back to Custom Resources

    ImagePolicyChoice​

    ImagePolicyChoice is a union of all the types of policy that can be supplied.

    FieldDescriptionSchemeRequired
    semverSemVer gives a semantic version range to check against the tags available.*SemVerPolicyfalse
    alphabeticalAlphabetical set of rules to use for alphabetical ordering of the tags.*AlphabeticalPolicyfalse

    Back to Custom Resources

    ImageScan​

    FieldDescriptionSchemeRequired
    metadatametav1.ObjectMetafalse
    specImageScanSpecfalse
    statusImageScanStatusfalse

    Back to Custom Resources

    ImageScanList​

    ImageScanList contains a list of ImageScan

    FieldDescriptionSchemeRequired
    metadatametav1.ListMetafalse
    items[]ImageScantrue

    Back to Custom Resources

    ImageScanSpec​

    API is taken from https://github.com/fluxcd/image-reflector-controller

    FieldDescriptionSchemeRequired
    tagNameTagName is the tag ref that needs to be put in manifest to replace fieldsstringfalse
    gitrepoNameGitRepo reference namestringfalse
    imageImage is the name of the image repositorystringfalse
    intervalInterval is the length of time to wait between scans of the image repository.metav1.Durationfalse
    secretRefSecretRef can be given the name of a secret containing credentials to use for the image registry. The secret should be created with kubectl create secret docker-registry, or the equivalent.*corev1.LocalObjectReferencefalse
    suspendThis flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults to false.boolfalse
    policyPolicy gives the particulars of the policy to be followed in selecting the most recent imageImagePolicyChoicetrue

    Back to Custom Resources

    ImageScanStatus​

    FieldDescriptionSchemeRequired
    conditions[]genericcondition.GenericConditionfalse
    lastScanTimeLastScanTime is the last time image was scannedmetav1.Timefalse
    latestImageLatestImage gives the first in the list of images scanned by the image repository, when filtered and ordered according to the policy.stringfalse
    latestTagLatest tag is the latest tag filtered by the policystringfalse
    latestDigestLatestDigest is the digest of latest tagstringfalse
    observedGenerationint64false
    canonicalImageNameCanonicalName is the name of the image repository with all the implied bits made explicit; e.g., docker.io/library/alpine rather than alpine.stringfalse

    Back to Custom Resources

    SemVerPolicy​

    SemVerPolicy specifies a semantic version policy.

    FieldDescriptionSchemeRequired
    rangeRange gives a semver range for the image tag; the highest version within the range that's a tag yields the latest image.stringtrue

    Back to Custom Resources

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/ref-fleet-yaml.html b/ref-fleet-yaml.html index e27fda88a..c4807dc16 100644 --- a/ref-fleet-yaml.html +++ b/ref-fleet-yaml.html @@ -4,7 +4,7 @@ fleet.yaml | Fleet - + @@ -15,8 +15,8 @@ These options are often similar to the Helm CLI options for install and update.< of the chart. go-getter also allows to download a chart from a Git repo.
  • a Helm repository, specified by repo and optionally version.
  • an OCI Helm repository, specified by repo and optionally version.

    • Helm Chart Value Options​

    Options for the downloaded Helm chart.

    • values
    • valuesFiles
    • valueFrom

    Templating​

    It is possible to specify the keys and values as go template strings for advanced templating needs. Most of the functions from the sprig templating library are available.

    Note that if the functions output changes with every call, e.g. uuidv4, the bundle will get redeployed.

    The template context has the following keys:

    • .ClusterValues are retrieved from target cluster's spec.templateValues
    • .ClusterLabels and .ClusterAnnotations are the labels and annoations in the cluster resource.
    • .ClusterName as the fleet's cluster resource name.
    • .ClusterNamespace as the namespace in which the cluster resource exists.

    Note: The fleet.yaml must be valid yaml. Templating uses ${ } as delims, unlike Helm which uses {{ }}. -These fleet.yaml template delimiters can be escaped using backticks, eg.:

    foo-bar-${`${PWD}`}

    will result in the following text:

    foo-bar-${PWD}
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +These fleet.yaml template delimiters can be escaped using backticks, eg.:

    foo-bar-${`${PWD}`}

    will result in the following text:

    foo-bar-${PWD}
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/ref-gitrepo.html b/ref-gitrepo.html index c295f0e00..76a864333 100644 --- a/ref-gitrepo.html +++ b/ref-gitrepo.html @@ -4,14 +4,14 @@ GitRepo Resource | Fleet - +
    Version: Next 🚧

    GitRepo Resource

    The GitRepo resource describes git repositories, how to access them and where the bundles are located.

    The content of the resource corresponds to the GitRepoSpec. -For more information on how to use GitRepo resource, e.g. how to watch private repositories, see Create a GitRepo Resource.

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-repo
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # This can be a HTTPS or git URL.  If you are using a git URL then
      # clientSecretName will probably need to be set to supply a credential.
      # repo is the only required parameter for a repo to be monitored.
      #
      repo: https://github.com/rancher/fleet-examples

      # Enforce all resources go to this target namespace. If a cluster scoped
      # resource is found the deployment will fail.
      #
      # targetNamespace: app1

      # Any branch can be watched, this field is optional. If not specified the
      # branch is assumed to be master
      #
      # branch: master

      # A specific commit or tag can also be watched.
      #
      # revision: v0.3.0

      # For a private git repository you must supply a clientSecretName. A default
      # secret can be set at the namespace level using the GitRepoRestriction
      # type. Secrets must be of the type "kubernetes.io/ssh-auth" or
      # "kubernetes.io/basic-auth". The secret is assumed to be in the
      # same namespace as the GitRepo
      #
      # clientSecretName: my-ssh-key

      # If fleet.yaml contains a private Helm repo that requires authentication,
      # provide the credentials in a K8s secret and specify them here.
      # Danger: the credentials will be sent to all repositories referenced from
      # this gitrepo. See section below for more information.
      #
      # helmSecretName: my-helm-secret

      # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.
      # Credentials will always be used if it is empty or not provided
      #
      # helmRepoURLRegex: https://charts.rancher.io/*

      # Contains the auth secret for private Helm repository for each path.
      # See [Create a GitRepo Resource](.gitrepo-add#use-different-helm-credentials-for-each-path)
      #
      # helmSecretNameForPaths: multi-helm-secret

      # To add additional ca-bundle for self-signed certs, caBundle can be
      # filled with base64 encoded pem data. For example:
      # `cat /path/to/ca.pem | base64 -w 0`
      #
      # caBundle: my-ca-bundle

      # Disable SSL verification for git repo
      #
      # insecureSkipTLSVerify: true

      # A git repo can read multiple paths in a repo at once.
      # The below field is expected to be an array of paths and
      # supports path globbing (ex: some/*/path)
      #
      # Example:
      # paths:
      # - single-path
      # - multiple-paths/*
      paths:
      - simple

      # PollingInterval configures how often fleet checks the git repo. The default
      # is 15 seconds.
      # Setting this to zero does not disable polling. It results in a 15s
      # interval, too.
      # As checking a git repo incurs a CPU cost, raising this value can help
      # lowering fleetcontroller's CPU usage if tens of git repos are used or more
      #
      # pollingInterval: 15s

      # When disablePolling is set to true the git repo won't be checked periodically.
      # It will rely on webhooks only.
      # See [Using Webhooks Instead of Polling](https://fleet.rancher.io/webhook)
      # disablePolling: false

      # Paused  causes changes in Git to not be propagated down to the clusters but
      # instead mark resources as OutOfSync
      #
      # paused: false

      # Increment this number to force a redeployment of contents from Git
      #
      # forceSyncGeneration: 0

      # The service account that will be used to perform this deployment.
      # This is the name of the service account that exists in the
      # downstream cluster in the cattle-fleet-system namespace. It is assumed
      # this service account already exists so it should be create before
      # hand, most likely coming from another git repo registered with
      # the Fleet manager.
      #
      # serviceAccount: moreSecureAccountThanClusterAdmin

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      # If empty, the "default" cluster group is used.
      #
      # targets: ...

      # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses
      # a three-way merge strategy by default.
      # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating
      # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.
      # Keep in mind that resources might be recreated if force is enabled.
      # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.
      #
      #  correctDrift:
      #    enabled: false
      #    force: false #Warning: it might recreate resources if set to true
      #    keepFailHistory: false
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +For more information on how to use GitRepo resource, e.g. how to watch private repositories, see Create a GitRepo Resource.

    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      # Any name can be used here
      name: my-repo
      # For single cluster use fleet-local, otherwise use the namespace of
      # your choosing
      namespace: fleet-local
    spec:
      # This can be a HTTPS or git URL.  If you are using a git URL then
      # clientSecretName will probably need to be set to supply a credential.
      # repo is the only required parameter for a repo to be monitored.
      #
      repo: https://github.com/rancher/fleet-examples

      # Enforce all resources go to this target namespace. If a cluster scoped
      # resource is found the deployment will fail.
      #
      # targetNamespace: app1

      # Any branch can be watched, this field is optional. If not specified the
      # branch is assumed to be master
      #
      # branch: master

      # A specific commit or tag can also be watched.
      #
      # revision: v0.3.0

      # For a private git repository you must supply a clientSecretName. A default
      # secret can be set at the namespace level using the GitRepoRestriction
      # type. Secrets must be of the type "kubernetes.io/ssh-auth" or
      # "kubernetes.io/basic-auth". The secret is assumed to be in the
      # same namespace as the GitRepo
      #
      # clientSecretName: my-ssh-key

      # If fleet.yaml contains a private Helm repo that requires authentication,
      # provide the credentials in a K8s secret and specify them here.
      # Danger: the credentials will be sent to all repositories referenced from
      # this gitrepo. See section below for more information.
      #
      # helmSecretName: my-helm-secret

      # Helm credentials from helmSecretName will be used if the helm repository url matches this regular expression.
      # Credentials will always be used if it is empty or not provided
      #
      # helmRepoURLRegex: https://charts.rancher.io/*

      # Contains the auth secret for private Helm repository for each path.
      # See [Create a GitRepo Resource](.gitrepo-add#use-different-helm-credentials-for-each-path)
      #
      # helmSecretNameForPaths: multi-helm-secret

      # To add additional ca-bundle for self-signed certs, caBundle can be
      # filled with base64 encoded pem data. For example:
      # `cat /path/to/ca.pem | base64 -w 0`
      #
      # caBundle: my-ca-bundle

      # Disable SSL verification for git repo
      #
      # insecureSkipTLSVerify: true

      # A git repo can read multiple paths in a repo at once.
      # The below field is expected to be an array of paths and
      # supports path globbing (ex: some/*/path)
      #
      # Example:
      # paths:
      # - single-path
      # - multiple-paths/*
      paths:
      - simple

      # PollingInterval configures how often fleet checks the git repo. The default
      # is 15 seconds.
      # Setting this to zero does not disable polling. It results in a 15s
      # interval, too.
      # As checking a git repo incurs a CPU cost, raising this value can help
      # lowering fleetcontroller's CPU usage if tens of git repos are used or more
      #
      # pollingInterval: 15s

      # When disablePolling is set to true the git repo won't be checked periodically.
      # It will rely on webhooks only.
      # See [Using Webhooks Instead of Polling](https://fleet.rancher.io/webhook)
      # disablePolling: false

      # Paused  causes changes in Git to not be propagated down to the clusters but
      # instead mark resources as OutOfSync
      #
      # paused: false

      # Increment this number to force a redeployment of contents from Git
      #
      # forceSyncGeneration: 0

      # The service account that will be used to perform this deployment.
      # This is the name of the service account that exists in the
      # downstream cluster in the cattle-fleet-system namespace. It is assumed
      # this service account already exists so it should be create before
      # hand, most likely coming from another git repo registered with
      # the Fleet manager.
      #
      # serviceAccount: moreSecureAccountThanClusterAdmin

      # Target clusters to deploy to if running Fleet in a multi-cluster
      # style. Refer to the "Mapping to Downstream Clusters" docs for
      # more information.
      # If empty, the "default" cluster group is used.
      #
      # targets: ...

      # Drift correction removes any external change made to resources managed by Fleet. It performs a helm rollback, which uses
      # a three-way merge strategy by default.
      # It will try to update all resources by doing a PUT request if force is enabled. Three-way strategic merge might fail when updating
      # an item inside of an array as it will try to add a new item instead of replacing the existing one. This can be fixed by using force.
      # Keep in mind that resources might be recreated if force is enabled.
      # Failed rollback will be removed from the helm history unless keepFailHistory is set to true.
      #
      #  correctDrift:
      #    enabled: false
      #    force: false #Warning: it might recreate resources if set to true
      #    keepFailHistory: false
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/ref-registration.html b/ref-registration.html index edc91aca8..d8846b1d2 100644 --- a/ref-registration.html +++ b/ref-registration.html @@ -4,7 +4,7 @@ Cluster Registration Internals | Fleet - + @@ -14,8 +14,8 @@ The import.go will enqueue itself until the import service account exists, because that’s needed to create the fleet-agent-bootstrap secret. Now, the fleet-agent and the bootstrap secret are present on the downstream cluster

    Fleet-Agent -> ClusterRegistration​

    Immediately the fleet-agent checks for a fleet-agent-bootstrap secret (which contains the import kubeconfig) and starts registering if present. Then fleet-agent creates a clusterregistration resource in fleet-default on the management cluster, with a random number. The random number will be used for the registration secret’s name.

    fleet-controller triggers and tries to grant the clusterregistration request to create fleet-agent’s serviceaccount and create the ‘c-*’ registration secret with the clients new kubeconfig. The registration secret name is hash("clientID-clientRandom"). The new kubeconfig uses the "request" account. The request account can access the cluster status, bundledeployments and contents.

    Notes​

    • The registration starts with the "import" account and pivots to the "request" account.
    • The fleet-default namespace has all the cluster registrations, the import account uses a separate namespace.
    • Once the agent is registered, fleet-controller will trigger on a cluster/namespace change and call manageagent to create a bundle. The agent will update itself to the bundle and since the generation env var changes it will restart.
    • If no bootstrap secret exists, the agent will not re-register.

    Diagram​

    Process​

    Detailed analysis of the registration process for clusters. This shows the interaction of controllers, resources and service accounts during the registration of a new downstream cluster or the local cluster. -It's important to note that there are multiple ways to start this:

    • Creating a bootstrap config. Fleet does this for the local agent.
    • Creating a Cluster resource with a kubeconfig. Rancher does this for downstream clusters. See manager-initiated registration.
    • Create a ClusterRegistrationToken resource, optionally create a Cluster resource for a pre-defined (clientID) cluster. See agent-initiated registration.

    Registration

    Secrets​

    This diagram shows the resources created during registration and focuses on the k8s API server configuration.

    Registration Secrets

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +It's important to note that there are multiple ways to start this:

    • Creating a bootstrap config. Fleet does this for the local agent.
    • Creating a Cluster resource with a kubeconfig. Rancher does this for downstream clusters. See manager-initiated registration.
    • Create a ClusterRegistrationToken resource, optionally create a Cluster resource for a pre-defined (clientID) cluster. See agent-initiated registration.

    Registration

    Secrets​

    This diagram shows the resources created during registration and focuses on the k8s API server configuration.

    Registration Secrets

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/ref-resources.html b/ref-resources.html index 724b90e8f..2c67b9d52 100644 --- a/ref-resources.html +++ b/ref-resources.html @@ -4,13 +4,13 @@ List of Deployed Resources | Fleet - +
    -
    Version: Next 🚧

    List of Deployed Resources

    After installing Fleet in Rancher these resources are created in the upstream cluster.

    TypeNameNamespace
    From Helm, intial setup:
    ClusterRolefleet-controller-
    ClusterRolegitjob-
    ClusterRoleBindingfleet-controller-
    ClusterRoleBindinggitjob-binding-
    ConfigMapfleet-controllercattle-fleet-system
    Deploymentfleet-controllercattle-fleet-system
    Deploymentgitjobcattle-fleet-system
    Rolefleet-controllercattle-fleet-system
    Rolegitjobcattle-fleet-system
    RoleBindingfleet-controllercattle-fleet-system
    RoleBindinggitjobcattle-fleet-system
    Servicegitjobcattle-fleet-system
    ServiceAccountfleet-controllercattle-fleet-system
    ServiceAccountgitjobcattle-fleet-system
    Generated:
    clusters.fleet.cattle.iolocalfleet-local
    clusters.provisioning.cattle.iolocalfleet-local
    clusters.management.cattle.iolocal-
    ClusterGroupdefaultfleet-local
    Bundlefleet-agent-localfleet-local
    For each registered cluster:
    clusters.provisioning.cattle.ioby default fleet-default
    clusters.management.cattle.iogenerated-
    clusters.fleet.cattle.iofleet-default
    Bundlefleet-default
    BundleDeploymentcluster-fleet-local-local-IDfleet-agent-local

    Also see [namespaces]

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Version: Next 🚧

    List of Deployed Resources

    After installing Fleet in Rancher these resources are created in the upstream cluster.

    TypeNameNamespace
    From Helm, intial setup:
    ClusterRolefleet-controller-
    ClusterRolegitjob-
    ClusterRoleBindingfleet-controller-
    ClusterRoleBindinggitjob-binding-
    ConfigMapfleet-controllercattle-fleet-system
    Deploymentfleet-controllercattle-fleet-system
    Deploymentgitjobcattle-fleet-system
    Rolefleet-controllercattle-fleet-system
    Rolegitjobcattle-fleet-system
    RoleBindingfleet-controllercattle-fleet-system
    RoleBindinggitjobcattle-fleet-system
    Servicegitjobcattle-fleet-system
    ServiceAccountfleet-controllercattle-fleet-system
    ServiceAccountgitjobcattle-fleet-system
    Generated:
    clusters.fleet.cattle.iolocalfleet-local
    clusters.provisioning.cattle.iolocalfleet-local
    clusters.management.cattle.iolocal-
    ClusterGroupdefaultfleet-local
    Bundlefleet-agent-localfleet-local
    For each registered cluster:
    clusters.provisioning.cattle.ioby default fleet-default
    clusters.management.cattle.iogenerated-
    clusters.fleet.cattle.iofleet-default
    Bundlefleet-default
    BundleDeploymentcluster-fleet-local-local-IDfleet-agent-local

    Also see [namespaces]

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/resources-during-deployment.html b/resources-during-deployment.html index a5676665b..b1598a0af 100644 --- a/resources-during-deployment.html +++ b/resources-during-deployment.html @@ -4,13 +4,13 @@ Custom Resources During Deployment | Fleet - +
    -
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/search.html b/search.html index 022aebcd5..e74a28d7e 100644 --- a/search.html +++ b/search.html @@ -4,13 +4,13 @@ Search the documentation | Fleet - +

    Search the documentation

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - + \ No newline at end of file diff --git a/troubleshooting.html b/troubleshooting.html index 88c9a0394..21a335b1e 100644 --- a/troubleshooting.html +++ b/troubleshooting.html @@ -4,7 +4,7 @@ Troubleshooting | Fleet - + @@ -12,8 +12,8 @@
    Version: Next 🚧

    Troubleshooting

    This section contains commands and tips to troubleshoot Fleet.

    How Do I...​

    Fetch the log from fleet-controller?​

    In the local management cluster where the fleet-controller is deployed, run the following command with your specific fleet-controller pod name filled in:

    $ kubectl logs -l app=fleet-controller -n cattle-fleet-system

    Fetch the log from the fleet-agent?​

    Go to each downstream cluster and run the following command for the local cluster with your specific fleet-agent pod name filled in:

    # Downstream cluster
    $ kubectl logs -l app=fleet-agent -n cattle-fleet-system
    # Local cluster
    $ kubectl logs -l app=fleet-agent -n cattle-local-fleet-system

    Fetch detailed error logs from GitRepos and Bundles?​

    Normally, errors should appear in the Rancher UI. However, if there is not enough information displayed about the error there, you can research further by trying one or more of the following as needed:

    • For more information about the bundle, click on bundle, and the YAML mode will be enabled.
    • For more information about the GitRepo, click on GitRepo, then click on View Yaml in the upper right of the screen. After viewing the YAML, check status.conditions; a detailed error message should be displayed here.
    • Check the fleet-controller for synching errors.
    • Check the fleet-agent log in the downstream cluster if you encounter issues when deploying the bundle.

    Fetch detailed status from GitRepos and Bundles?​

    For debugging and bug reports the raw JSON of the resources status fields is most useful. This can be accessed in the Rancher UI, or through kubectl:

    kubectl get bundle -n fleet-local fleet-agent-local -o=jsonpath={.status}
    kubectl get gitrepo -n fleet-default gitrepo-name -o=jsonpath={.status}

    Check a chart rendering error in Kustomize?​

    Check the fleet-controller logs and the fleet-agent logs.

    Check errors about watching or checking out the GitRepo, or about the downloaded Helm repo in fleet.yaml?​

    Check the gitjob-controller logs using the following command with your specific gitjob pod name filled in:

    $ kubectl logs -f $gitjob-pod-name -n cattle-fleet-system

    Note that there are two containers inside the pod: the step-git-source container that clones the git repo, and the fleet container that applies bundles based on the git repo.

    The pods will usually have images named rancher/tekton-utils with the gitRepo name as a prefix. Check the logs for these Kubernetes job pods in the local management cluster as follows, filling in your specific gitRepoName pod name and namespace:

    $ kubectl logs -f $gitRepoName-pod-name -n namespace

    Check the status of the fleet-controller?​

    You can check the status of the fleet-controller pods by running the commands below:

    kubectl -n cattle-fleet-system logs -l app=fleet-controller
    kubectl -n cattle-fleet-system get pods -l app=fleet-controller
    NAME                                READY   STATUS    RESTARTS   AGE
    fleet-controller-64f49d756b-n57wq   1/1     Running   0          3m21s

    Enable debug logging for fleet-controller and fleet-agent?​

    Available in Rancher v2.6.3 (Fleet v0.3.8), the ability to enable debug logging has been added.

    • Go to the Dashboard, then click on the local cluster in the left navigation menu
    • Select Apps & Marketplace, then Installed Apps from the dropdown
    • From there, you will upgrade the Fleet chart with the value debug=true. You can also set debugLevel=5 if desired.

    Additional Solutions for Other Fleet Issues​

    Naming conventions for CRDs​

    1. For CRD terms like clusters and gitrepos, you must reference the full CRD name. For example, the cluster CRD's complete name is cluster.fleet.cattle.io, and the gitrepo CRD's complete name is gitrepo.fleet.cattle.io.

    2. Bundles, which are created from the GitRepo, follow the pattern $gitrepoName-$path in the same workspace/namespace where the GitRepo was created. Note that $path is the path directory in the git repository that contains the bundle (fleet.yaml).

    3. BundleDeployments, which are created from the bundle, follow the pattern $bundleName-$clusterName in the namespace clusters-$workspace-$cluster-$generateHash. Note that $clusterName is the cluster to which the bundle will be deployed.

    HTTP secrets in Github​

    When testing Fleet with private git repositories, you will notice that HTTP secrets are no longer supported in Github. To work around this issue, follow these steps:

    1. Create a personal access token in Github.
    2. In Rancher, create an HTTP secret with your Github username.
    3. Use your token as the secret.

    Fleet fails with bad response code: 403​

    If your GitJob returns the error below, the problem may be that Fleet cannot access the Helm repo you specified in your fleet.yaml:

    time="2021-11-04T09:21:24Z" level=fatal msg="bad response code: 403"

    Perform the following steps to assess:

    • Check that your repo is accessible from your dev machine, and that you can download the Helm chart successfully
    • Check that your credentials for the git repo are valid

    Helm chart repo: certificate signed by unknown authority​

    If your GitJob returns the error below, you may have added the wrong certificate chain:

    time="2021-11-11T05:55:08Z" level=fatal msg="Get \"https://helm.intra/virtual-helm/index.yaml\": x509: certificate signed by unknown authority"

    Please verify your certificate with the following command:

    context=playground-local
    kubectl get secret -n fleet-default helm-repo -o jsonpath="{['data']['cacerts']}" --context $context | base64 -d | openssl x509 -text -noout
    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number:
                7a:1e:df:79:5f:b0:e0:be:49:de:11:5e:d9:9c:a9:71
            Signature Algorithm: sha512WithRSAEncryption
            Issuer: C = CH, O = MY COMPANY, CN = NOP Root CA G3
    ...

    Fleet deployment stuck in modified state​

    When you deploy bundles to Fleet, some of the components are modified, and this causes the "modified" flag in the Fleet environment.

    To ignore the modified flag for the differences between the Helm install generated by fleet.yaml and the resource in your cluster, add a diff.comparePatches to the fleet.yaml for your Deployment, as shown in this example:

    defaultNamespace: <namespace name>
    helm:
      releaseName: <release name>
      repo: <repo name>
      chart: <chart name>
    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        operations:
        - {"op":"remove", "path":"/spec/template/spec/hostNetwork"}
        - {"op":"remove", "path":"/spec/template/spec/nodeSelector"}
        jsonPointers: # jsonPointers allows to ignore diffs at certain json path
        - "/spec/template/spec/priorityClassName"
        - "/spec/template/spec/tolerations"

    To determine which operations should be removed, observe the logs from fleet-agent on the target cluster. You should see entries similar to the following:

    level=error msg="bundle monitoring-monitoring: deployment.apps monitoring/monitoring-monitoring-kube-state-metrics modified {\"spec\":{\"template\":{\"spec\":{\"hostNetwork\":false}}}}"

    Based on the above log, you can add the following entry to remove the operation:

    {"op":"remove", "path":"/spec/template/spec/hostNetwork"}

    GitRepo or Bundle stuck in modified state​

    Modified means that there is a mismatch between the actual state and the desired state, the source of truth, which lives in the git repository.

    1. Check the bundle diffs documentation for more information.

    2. You can also force update the gitrepo to perform a manual resync. Select GitRepo on the left navigation bar, then select Force Update.

    Bundle has a Horizontal Pod Autoscaler (HPA) in modified state​

    For bundles with an HPA, the expected state is Modified, as the bundle contains fields that differ from the state of the Bundle at deployment - usually ReplicaSet.

    You must define a patch in the fleet.yaml to ignore this field according to GitRepo or Bundle stuck in modified state.

    Here is an example of such a patch for the deployment nginx in namespace default:

    diff:
      comparePatches:
      - apiVersion: apps/v1
        kind: Deployment
        name: nginx
        namespace: default
        operations:
        - {"op": "remove", "path": "/spec/replicas"}

    What if the cluster is unavailable, or is in a WaitCheckIn state?​

    You will need to re-import and restart the registration process: Select Cluster on the left navigation bar, then select Force Update

    caution

    WaitCheckIn status for Rancher v2.5: The cluster will show in WaitCheckIn status because the fleet-controller is attempting to communicate with Fleet using the Rancher service IP. However, Fleet must communicate directly with Rancher via the Kubernetes service DNS using service discovery, not through the proxy. For more, see the Rancher docs.

    GitRepo complains with gzip: invalid header​

    When you see an error like the one below ...

    Error opening a gzip reader for /tmp/getter154967024/archive: gzip: invalid header

    ... the content of the helm chart is incorrect. Manually download the chart to your local machine and check the content.

    Agent is no longer registered​

    You can force a redeployment of an agent for a given cluster by setting redeployAgentGeneration.

    kubectl patch clusters.fleet.cattle.io -n fleet-local local --type=json -p '[{"op": "add", "path": "/spec/redeployAgentGeneration", "value": -1}]'

    Migrate the local cluster to the Fleet default cluster workspace?​

    Users can create new workspaces and move clusters across workspaces. -It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +It's currently not possible to move the local cluster from fleet-local to another workspace.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/tut-deployment.html b/tut-deployment.html index c6c2d69a4..cf34c518c 100644 --- a/tut-deployment.html +++ b/tut-deployment.html @@ -4,7 +4,7 @@ Creating a Deployment | Fleet - + @@ -13,8 +13,8 @@ For more details on the options that are available per Git repository see Adding a GitRepo.

    Single-Cluster Examples​

    All examples will deploy content to clusters with no per-cluster customizations. This is a good starting point to understand the basics of structuring Git repos for Fleet.

    An example using Helm. We are deploying the helm example to the local cluster.

    The repository contains a helm chart and an optional fleet.yaml to configure the deployment:

    fleet.yaml
    namespace: fleet-helm-example

    # Custom helm options
    helm:
      # The release name to use. If empty a generated release name will be used
      releaseName: guestbook

      # The directory of the chart in the repo.  Also any valid go-getter supported
      # URL can be used there is specify where to download the chart from.
      # If repo below is set this value if the chart name in the repo
      chart: ""

      # An https to a valid Helm repository to download the chart from
      repo: ""

      # Used if repo is set to look up the version of the chart
      version: ""

      # Force recreate resource that can not be updated
      force: false

      # How long for helm to wait for the release to be active. If the value
      # is less that or equal to zero, we will not wait in Helm
      timeoutSeconds: 0

      # Custom values that will be passed as values.yaml to the installation
      values:
        replicas: 2

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-local namespace contains the local cluster resource. The local fleet-agent will create the deployment in the fleet-helm-example namespace.

    kubectl apply -n fleet-local -f - <<EOF
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: helm
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - single-cluster/helm
    EOF

    Multi-Cluster Examples​

    The examples below will deploy a multi git repo to multiple clusters at once and configure the app differently for each target.

    An example using Helm. We are deploying the helm example and customizing it per target cluster

    The repository contains a helm chart and an optional fleet.yaml to configure the deployment. The fleet.yaml is used to configure different deployment options, depending on the cluster's labels:

    fleet.yaml
    namespace: fleet-mc-helm-example
    targetCustomizations:
    - name: dev
      helm:
        values:
          replication: false
      clusterSelector:
        matchLabels:
          env: dev

    - name: test
      helm:
        values:
          replicas: 3
      clusterSelector:
        matchLabels:
          env: test

    - name: prod
      helm:
        values:
          serviceType: LoadBalancer
          replicas: 3
      clusterSelector:
        matchLabels:
          env: prod

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    gitrepo.yaml
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: helm
      namespace: fleet-default
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - multi-cluster/helm
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

      - name: test
        clusterSelector:
          matchLabels:
            env: test

      - name: prod
        clusterSelector:
          matchLabels:
            env: prod

    By applying the gitrepo resource to the upstream cluster, fleet will start to monitor the repository and create deployments:

    kubectl apply -n fleet-default -f gitrepo.yaml
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +The application will be customized as follows per environment:

    • Dev clusters: Only the redis leader is deployed and not the followers.
    • Test clusters: Scale the front deployment to 3
    • Prod clusters: Scale the front deployment to 3 and set the service type to LoadBalancer

    The fleet.yaml is used to control which 'yaml' overlays are used, depending on the cluster's labels:

    fleet.yaml
    namespace: fleet-mc-manifest-example
    targetCustomizations:
    - name: dev
      clusterSelector:
        matchLabels:
          env: dev
      yaml:
        overlays:
        # Refers to overlays/noreplication folder
        - noreplication

    - name: test
      clusterSelector:
        matchLabels:
          env: test
      yaml:
        overlays:
        # Refers to overlays/scale3 folder
        - scale3

    - name: prod
      clusterSelector:
        matchLabels:
          env: prod
      yaml:
        # Refers to overlays/servicelb, scale3 folders
        overlays:
        - servicelb
        - scale3

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    To create the deployment, we apply the custom resource to the upstream cluster. The fleet-default namespace, by default, contains the downstream cluster resources. The chart will be deployed to all clusters in the fleet-default namespace, which have a labeled cluster resources that matches any entry under targets:.

    gitrepo.yaml
    kind: GitRepo
    apiVersion: fleet.cattle.io/v1alpha1
    metadata:
      name: manifests
      namespace: fleet-default
    spec:
      repo: https://github.com/rancher/fleet-examples
      paths:
      - multi-cluster/manifests
      targets:
      - name: dev
        clusterSelector:
          matchLabels:
            env: dev

      - name: test
        clusterSelector:
          matchLabels:
            env: test

      - name: prod
        clusterSelector:
          matchLabels:
            env: prod
    kubectl apply -n fleet-default -f gitrepo.yaml
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/uninstall.html b/uninstall.html index ad14d0f2b..67bbea01c 100644 --- a/uninstall.html +++ b/uninstall.html @@ -4,15 +4,15 @@ Uninstall | Fleet - +
    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +two commands:

    helm -n cattle-fleet-system uninstall fleet
    helm -n cattle-fleet-system uninstall fleet-crd
    caution

    Uninstalling the CRDs will remove all deployed workloads.

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file diff --git a/webhook.html b/webhook.html index 75fe6f908..fea3b7fad 100644 --- a/webhook.html +++ b/webhook.html @@ -4,15 +4,15 @@ Using Webhooks Instead of Polling | Fleet - +
    Version: Next 🚧

    Using Webhooks Instead of Polling

    By default, Fleet utilizes polling (default: every 15 seconds) to pull from a Git repo. This is a convenient default that works reasonably well for a small number of repos (up to a few tens).

    For installations with multiple tens up to hundreds of Git repos, and in general to reduce latency (the time between a push to Git and fleet reacting to it), configuring webhooks is recommended instead of polling.

    Fleet currently supports Azure DevOps, GitHub, GitLab, Bitbucket, Bitbucket Server, and Gogs.

    1. Configure the webhook service. Fleet uses a gitjob service to handle webhook requests. Create an ingress that points to the gitjob service.​

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      name: webhook-ingress
      namespace: cattle-fleet-system
    spec:
      rules:
      - host: your.domain.com
        http:
          paths:
            - path: /
              pathType: Prefix
              backend:
                service:
                  name: gitjob
                  port:
                    number: 80

    If you want to have the webhook available using the same host name as your Rancher or another service, you can use the following YAML with the URL http://your.domain.com/gitjob. The below YAML is specific for the Nginx Ingress Controller:

    apiVersion: networking.k8s.io/v1
    kind: Ingress
    metadata:
      annotations:
        nginx.ingress.kubernetes.io/use-regex: "true"
        nginx.ingress.kubernetes.io/rewrite-target: /$2
      name: webhook-ingress
      namespace: cattle-fleet-system
    spec:
      rules:
      - host: your.domain.com
        http:
          paths:
            - path: /gitjob(/|$)(.*)
              pathType: ImplementationSpecific
              backend:
                service:
                  name: gitjob
                  port:
                    number: 80
    info

    You can configure TLS on ingress.

    2. Go to your webhook provider and configure the webhook callback url. Here is a Github example.​

    Configuring a secret is optional. This is used to validate the webhook payload as the payload should not be trusted by default. If your webhook server is publicly accessible to the Internet, then it is recommended to configure the secret. If you do configure the -secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs
    Azure DevOpsazure-username
    Azure DevOpsazure-password

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    For Azure DevOps:

    • Enable basic authentication in Azure
    • Create a secret containing the credentials for the basic authentication
    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=azure-username=user --from-literal=azure-password=pass123

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    - +secret, follow step 3.

    note

    only application/json is supported due to the limitation of webhook library.

    caution

    If you configured the webhook the polling interval will be automatically adjusted to 1 hour.

    3. (Optional) Configure webhook secret. The secret is for validating webhook payload. Make sure to put it in a k8s secret called gitjob-webhook in cattle-fleet-system.​

    ProviderK8s Secret Key
    GitHubgithub
    GitLabgitlab
    BitBucketbitbucket
    BitBucketServerbitbucket-server
    Gogsgogs
    Azure DevOpsazure-username
    Azure DevOpsazure-password

    For example, to create a secret containing a GitHub secret to validate the webhook payload, run:

    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=github=webhooksecretvalue

    For Azure DevOps:

    • Enable basic authentication in Azure
    • Create a secret containing the credentials for the basic authentication
    kubectl create secret generic gitjob-webhook -n cattle-fleet-system --from-literal=azure-username=user --from-literal=azure-password=pass123

    4. Go to your git provider and test the connection. You should get a HTTP response code.​

    Copyright © 2024 SUSE Rancher. All Rights Reserved.
    + \ No newline at end of file