Uploaded image for project: 'Red Hat Advanced Cluster Management'
  1. Red Hat Advanced Cluster Management
  2. ACM-1442

Multiple hub architecture for a managed cluster (Policy add-on)

XMLWordPrintable

      Epic Goal

      • Allow a cluster to be managed by multiple hub clusters, and have the Policy-addon still function correctly.

      Note: This Epic does not Have a Dev Preview, Tech Preview, or GA attached because it will not be an officially supported ACM feature

      Why is this important?

      Service Delivery plans to adopt ACM to help with managing their fleet of OCP-as-a-Service clusters.  This creates a scenario where a managed OCP cluster would need to be managed by the SD ACM Hub, but also needs to be able to be registered into a customer's own ACM hub.

      Scenarios

      • OpenShift Cluster Manager (Service Delivery) deploys and manages a customer's ROSA/OSD/ARO/ROKS cluster with a Service Delivery-owned RHACM hub cluster.
      • A user can import the cluster (from first bullet) into their own RHACM hub.
      • Policies can be used by both SD and a user
      • Policy's origin hub can be identified, and the policy agent from the respective hub will only enforce its own policies (both policy agent controllers should not try to act on a Policy CR)

      Acceptance Criteria

      • Standard OCP deployments (Hive-based) must be supported
      • Hosted OCP deployments (HyperShift-based) must be supported
      • The RHACM user's product experience is not degraded, reduced, limited, or changed from existing implementation.
      • Two Policy addons can target the same cluster
      • Internal documentation will be created for Service Delivery to implement this pattern
      • This feature should NOT be added to official RHACM product documentation or product blogs
      • This feature should NOT be marketed or advertised as a supported feature of RHACM

      Dependencies (internal and external)

      Previous Work (Optional):

      1. Hosted Mode for Klusterlet

      Open questions::

      1. Will a policy be identifiable as coming from a given hub?
      2. What about Gatekeeper?

      Done Checklist

      • CI - CI is running, tests are automated and merged.
      • Release Enablement <link to Feature Enablement Presentation>
      • DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
      • DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
      • DEV - Downstream build attached to advisory: <link to errata>
      • QE - Test plans in Polarion: <link or reference to Polarion>
      • QE - Automated tests merged: <link or reference to automated tests>
      • DOC - Downstream documentation merged: <link to meaningful PR>

              showeimer Sho Weimer
              showeimer Sho Weimer
              Gus Parvin Gus Parvin
              Jayashree Ramanathan Jayashree Ramanathan (Inactive)
              Christian Stark Christian Stark
              Nelson Jean Nelson Jean
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: