add agent connection

Signed-off-by: FeynmanZhou <pengfeizhou@yunify.com>
2025-12-30 17:52:56 +00:00 · 2020-08-27 22:28:37 +08:00 · 2020-08-27 22:28:37 +08:00 · aee978a7df
parent 1f143b4852
commit aee978a7df
4 changed files with 194 additions and 14 deletions
--- a/content/en/docs/multicluster-management/enable-multicluster/agent-connection.md
+++ b/content/en/docs/multicluster-management/enable-multicluster/agent-connection.md
@ -1,10 +1,180 @@
 ---
-title: "Kubernetes Federation in KubeSphere"
-keywords: 'kubernetes, kubesphere, multicluster, hybrid-cloud'
+title: "Agent Connection"
+keywords: 'kubernetes, kubesphere, multicluster, agent-connection'
 description: 'Overview'


-weight: 2340
+weight: 2343
 ---

-TBD
+## Prerequisites
+
+You have already installed at least two KubeSphere clusters, please refer to [Installing on Linux](../../../installing-on-linux) or [Installing on Kubernetes](../../../installing-on-kubernetes) if not yet.
+
+{{< notice note >}}
+Multi-cluster management requires Kubesphere to be installed on the target clusters. If you have an existing cluster, please install a minimal KubeSphere on it as an agent, see [Installing Minimal KubeSphere on Kubernetes](../../../installing-on-kubernetes/minimal-kubesphere-on-k8s) for details.
+{{</ notice >}}
+
+## Agent Connection
+
+The component [Tower](https://github.com/kubesphere/tower) of KubeSphere is used for agent connection. Tower is a tool for network connection between clusters through the agent. If the H Cluster cannot access the M Cluster directly, you can expose the proxy service address of the H cluster. This enables the M Cluster to connect to the H cluster through the agent. This method is applicable when the M Cluster is in a private environment (e.g. IDC) and the H Cluster is able to expose the proxy service. The agent connection is also applicable when your clusters are distributed in different cloud providers.
+
+### Prepare a Host Cluster
+
+{{< tabs >}}
+
+{{< tab "KubeSphere has been installed" >}}
+
+If you already have a standalone KubeSphere installed, you can change the `clusterRole` to a host cluster by editing the cluster configuration and **wait for a while**.
+
+- Option A - Use Web Console:
+
+Use `cluster-admin` account to enter **Cluster Management → CRDs**, search for the keyword `ClusterConfiguration` and enter its detailed page, edit the YAML of `ks-installer`. This is similar to Enable Pluggable Components.
+
+- Option B - Use Kubectl:
+
+```shell
+kubectl edit cc ks-installer -n kubesphere-system
+```
+
+Scroll down and change the value of `clusterRole` to `host`, then click **Update** to make it effective:
+
+```yaml
+multicluster:
+  clusterRole: host
+```
+
+Set Proxy Service Address.
+
+After the installation of the Host Cluster, a proxy service called tower will be created in `kubesphere-system`, whose type is **LoadBalancer**.
+
+{{< tabs >}}
+
+{{< tab "There is a LoadBalancer in your cluster" >}}
+
+If a LoadBalancer plugin is available for the cluster, you can see a corresponding address for `EXTERNAL-IP`, which will be acquired by KubeSphere automatically. That means we can skip the step to set the proxy.
+
+```shell
+$ kubectl -n kubesphere-system get svc
+NAME       TYPE            CLUSTER-IP      EXTERNAL-IP     PORT(S)              AGE
+tower      LoadBalancer    10.233.63.191   139.198.110.23  8080:30721/TCP       16h
+```
+
+There is always a LoadBalancer solution in the public cloud, and the external IP should be allocated by Load Balancer automatically. If your clusters are running in an on-premises environment (Especially for the **bare metal environment**), we recommend you to use [Porter](https://github.com/porter/porter) as the LB solution.
+
+{{</ tab >}}
+
+{{< tab "There is not a LoadBalancer in your cluster" >}}
+
+1. If you cannot see a corresponding address displayed (the EXTERNAL-IP is pending), you need to manually set the proxy address. For example, you have an available public IP address `139.198.120.120`. And the port `8080` of this IP address has been forwarded to the port `30721` of the cluster.
+
+```shell
+kubectl -n kubesphere-system get svc
+```
+
+```
+NAME       TYPE            CLUSTER-IP      EXTERNAL-IP     PORT(S)              AGE
+tower      LoadBalancer    10.233.63.191   <pending>  8080:30721/TCP       16h
+```
+
+2. Change the ConfigMap of the ks-installer and input the the address you set before. You can also edit the ConfigMap from **Configuration → ConfigMaps**, search for the keyword `kubesphere-config`, then edit its YAML and add the following configuration:
+
+```bash
+kubectl -n kubesphere-system edit cm kubesphere-config
+```
+
+```
+multicluster:
+    clusterRole: host
+    proxyPublishAddress: http://139.198.120.120:8080 # Add this line to set the address to access tower
+```
+
+3. Save and update the ConfigMap, then restart the Deployment `ks-apiserver`.
+
+```shell
+kubectl -n kubesphere-system rollout restart deployment ks-apiserver
+```
+
+{{</ tab >}}
+
+{{</ tabs >}}
+
+
+### Prepare a Member Cluster
+
+In order to manage the member cluster within the host cluster, we need to make the jwtSecret same between them. So first you need to get it from the host by the following command.
+
+```bash
+kubectl -n kubesphere-system get cm kubesphere-config -o yaml | grep -v "apiVersion" | grep jwtSecret
+```
+
+```yaml
+jwtSecret: "gfIwilcc0WjNGKJ5DLeksf2JKfcLgTZU"
+```
+
+{{< tabs >}}
+
+{{< tab "KubeSphere has been installed" >}}
+
+If you already have a standalone KubeSphere installed, you can change the `clusterRole` to a host cluster by editing the cluster configuration and **wait for a while**.
+
+- Option A - Use Web Console:
+
+Use `cluster-admin` account to enter **Cluster Management → CRDs**, search for the keyword `ClusterConfiguration` and enter its detailed page, edit the YAML of `ks-installer`. This is similar to Enable Pluggable Components.
+
+- Option B - Use Kubectl:
+
+```shell
+kubectl edit cc ks-installer -n kubesphere-system
+```
+
+Then input the corresponding jwtSecret shown above:
+
+```yaml
+authentication:
+  jwtSecret: gfIwilcc0WjNGKJ5DLeksf2JKfcLgTZU
+```
+
+Then scroll down and change the value of `clusterRole` to `member`, then click **Update** to make it effective:
+
+```yaml
+multicluster:
+  clusterRole: member
+```
+
+{{</ tab >}}
+
+{{< tab "KubeSphere has not been installed" >}}
+
+There is no big difference if you just start the installation. Please fill in the `jwtSecret` with the value shown as above in `config-sample.yaml` or `cluster-configuration.yaml`:
+
+```yaml
+authentication:
+  jwtSecret: gfIwilcc0WjNGKJ5DLeksf2JKfcLgTZU
+```
+
+Then scroll down and change the `clusterRole` to `member`:
+
+```yaml
+multicluster:
+  clusterRole: member
+```
+
+{{</ tab >}}
+
+{{</ tabs >}}
+
+
+### Import Cluster
+
+1. Open the H Cluster Dashboard and click Add Cluster. Enter the basic information of the imported cluster and click **Next**.
+
+![Import Cluster](https://ap3.qingstor.com/kubesphere-website/docs/20200827211842.png)
+
+2. In **Connection Method**, select **Cluster connection agent** and Click **Import**.
+
+![agent-en](/images/docs/agent-en.png)
+
+3. Create an `agent.yaml` file in the M Cluster based on the instruction, then copy and paste the deployment to the file. Execute `kubectl create -f agent.yaml` on the node and wait for the agent to be up and running. Please make sure the proxy address is accessible to the M Cluster.
+
+4. You can see the cluster you have imported in the H Cluster when the cluster agent is up and running.
--- a/content/en/docs/multicluster-management/enable-multicluster/direct-connection.md
+++ b/content/en/docs/multicluster-management/enable-multicluster/direct-connection.md
@ -9,7 +9,11 @@ weight: 2340

 ## Prerequisites

-You have already installed at least two KubeSphere clusters, please reference [Installing on Linux](../../installing-on-linux) or [Installing on Kubernetes](../../installing-on-kubernetes) if not yet.
+You have already installed at least two KubeSphere clusters, please refer to [Installing on Linux](../../../installing-on-linux) or [Installing on Kubernetes](../../../installing-on-kubernetes) if not yet.
+
+{{< notice note >}}
+Multi-cluster management requires Kubesphere to be installed on the target clusters. If you have an existing cluster, please install a minimal KubeSphere on it as an agent, see [Installing Minimal KubeSphere on Kubernetes](../../../installing-on-kubernetes/minimal-kubesphere-on-k8s) for details.
+{{</ notice >}}

 ## Direct Connection

@ -63,13 +67,15 @@ kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=

 ### Prepare a Member Cluster

-In order for host cluster to manager member cluster, we need to make the jwtSecret same between them. So first get it from the host by the following command.
+In order to manage the member cluster within the host cluster, we need to make the jwtSecret same between them. So first you need to get it from the host by the following command.

 ```bash
-$ kubectl -n kubesphere-system get cm kubesphere-config -o yaml | grep -v "apiVersion" | grep jwtSecret
-  jwtSecret: "gfIwilcc0WjNGKJ5DLeksf2JKfcLgTZU"
+kubectl -n kubesphere-system get cm kubesphere-config -o yaml | grep -v "apiVersion" | grep jwtSecret
 ```

+```yaml
+jwtSecret: "gfIwilcc0WjNGKJ5DLeksf2JKfcLgTZU"
+```

 {{< tabs >}}

@ -105,12 +111,16 @@ multicluster:

 {{< tab "KubeSphere has not been installed" >}}

-There is no big difference if you just start the installation. Please note that the `clusterRole` and `jwtSecret` in `config-sample.yaml` or `cluster-configuration.yaml` have to be set like following (Input the corresponding jwtSecret shown above):
+There is no big difference if you just start the installation. Please fill in the `jwtSecret` with the value shown as above in `config-sample.yaml` or `cluster-configuration.yaml`:

 ```yaml
 authentication:
  jwtSecret: gfIwilcc0WjNGKJ5DLeksf2JKfcLgTZU
+```

+Then scroll down and change the `clusterRole` to `member`:
+
+```
 multicluster:
  clusterRole: member
 ```
@ -127,13 +137,13 @@ kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=

 ### Import Cluster

-* Open the H Cluster Dashboard and click **Add Cluster**. Enter the basic information of the cluster and click **Next**.
+* Open the H Cluster console and click **Add Cluster**. Enter the basic information of the cluster and click **Next**.

-* In Connection Method, select `Direct Connection to Kubernetes cluster`.  
+* In **Connection Method**, select **Direct Connection to Kubernetes cluster**.  

 * [Retrieve the KubeConfig](../retrieve-kubeconfig), then copy the KubeConfig of the Member Cluster and paste it into the box.

-{{< notice note >}}
+{{< notice tip >}}
 Please make sure the `server` address in KubeConfig is accessible on any node of the H Cluster. For `KubeSphere API Server` address, you can fill in the KubeSphere APIServer address or leave it blank.
 {{</ notice >}}

--- a/content/en/docs/multicluster-management/enable-multicluster/retrieve-kubeconfig.md
+++ b/content/en/docs/multicluster-management/enable-multicluster/retrieve-kubeconfig.md
@ -4,12 +4,12 @@ keywords: 'kubernetes, kubesphere, multicluster, hybrid-cloud'
 description: 'Overview'


-weight: 2340
+weight: 2345
 ---

 ## Prerequisites

-You have a Kubernetes cluster.
+You have a KubeSphere cluster.

 ## Explore KubeConfig File

--- a/static/images/docs/agent-en.png
+++ b/static/images/docs/agent-en.png