VHM and SUSE CaaS Platform
You can use a virtual host manager (VHM) to manage SUSE CaaS Platform clusters. The VHM allows SUSE Manager to obtain and report information about your clusters. For more information on VHMs, see Virtual Host Managers.
You can also manage SUSE CaaS Platform clusters directly with SUSE Manager, without using a VHM. For more information, see Clusters. |
1. Onboarding CaaSP Nodes
You can register each SUSE CaaS Platform node to SUSE Manager using the same method as you would a Salt client. For more information, see Client Registration Overview.
We recommend that you create an activation key to associate SUSE CaaS Platform channels, and to onboard the associated nodes. For more on activation keys, see Activation Keys.
If you are using cloud-init
, we recommended that you use a bootstrap script in the cloud-init
configuration.
For more on bootstrapping, see Register Clients with a Bootstrap Script.
When you have added the SUSE CaaS Platform nodes to SUSE Manager, the registered system automatically applies the system lock Salt formula to prevent unintended actions on the client. When a system is locked, the Web UI shows a warning and you can schedule actions using the Web UI or the API, but the action fails. For more information about system locks, see System Locking.
You can disable the System Lock formula from being automatically applied by editing the configuration file.
Open /etc/rhn/rhn.conf
and add this line at the end of the file:
Add this line at the end of the /etc/rhn/rhn.conf
file:
java.automatic_system_lock_cluster_nodes = false
Restart the spacewalk service to pick up the changes:
spacewalk-service restart
Updates related to Kubernetes are managed using the skuba-update
tool.
For more information, see https://documentation.suse.com/suse-caasp/4/html/caasp-admin.
When using Salt or SUSE Manager (either via UI or API) on any SUSE CaaS Platform nodes:
Issuing those operations could render your SUSE CaaS Platform cluster unusable. SUSE Manager does not stop you from issuing these operations if the system is not locked. |
2. Autoinstallation Profile of a SUSE CaaS Platform 4 Node
SUSE CaaS Platform 4 provides an AutoYaST profile that you can use to autoinstall a node.
The profile is in the patterns-caasp-Management
package.
For more information about the profile, see https://documentation.suse.com/suse-caasp/4.2/single-html/caasp-deployment/#_autoyast_preparation.
For an example script based based on the SUSE CaaS Platform 4 template, customized to make use of SUSE Manager, see https://github.com/SUSE/manager-build-profiles/tree/master/AutoYaST/CaaSP-autoinstall.
3. Manage a SUSE CaaS Platform Cluster With SUSE Manager
You can use SUSE Manager to manage one or more existing SUSE CaaS Platform clusters.
Only SUSE CaaS Platform 4 is currently supported. |
Before you begin, ensure you have installed your SUSE CaaS Platform cluster.
3.1. Elect a Management Node
To manage a SUSE CaaS Platform cluster, you need to elect a client as the management node for the cluster. The management node cannot be part of the cluster, and it must have the SUSE CaaS Platform channels associated with it before you begin. You can use a single management node for multiple clusters, as long as the clusters are all of the same kind.
-
In the SUSE Manager Web UI, navigate to
and click the name of the client to elect as the management node. -
Navigate to the
tab, and check theCaaSP Management Node
formula. -
Click Save and apply the highstate.
You cannot use the management node until the highstate has been completed. |
List all known clusters by navigating to skuba
and the Kubernetes API are shown, including the role, status, and whether any updates are available.
For more information about the data available for nodes, see https://documentation.suse.com/suse-caasp/4/html/caasp-admin/_cluster_updates.html.
You need to prepare the configuration from your cluster to the management node:
-
Copy the
skuba
configuration directory from your cluster to the management node. This is the directory that theskuba
service creates after the cluster has been bootstrapped. Take a note of the new file location for adding the cluster in the SUSE Manager Web UI. -
Provide a way to authentication. There are two ways you can achieve this, choose the method that best suits your environment:
-
Copy the passwordless private SSH key used to access the cluster nodes to the SUSE Manager Server, and take a note of the file location. You need the current keys, and keys for any clients that you want to use in the future.
-
You can use an
ssh-agent
socket, and provide the path to the socket when setting up the cluster. There are two ways of using thessh-agent
with SUSE CaaS Platform:-
By using
ssh-agent
locally:-
Start the ssh-agent locally:
eval $(ssh-agent)
-
Add the SSH key:
ssh-add <key>
-
The socket used to access the agent is available in the
$SSH_AGENT
environment variable.
-
-
Forward the
ssh-agent
to the management node from another machine:-
From your source machine:
ssh -A <management node>
. The socket path is also available in the$SSH_AGENT
environment variable.
-
-
-
If you are using the |
3.2. Manage Clusters
To manage a cluster in SUSE Manager, add the cluster in the Web UI.
-
In the SUSE Manager Web UI, navigate to
and click FIXME. -
Follow the prompts to provide information about your cluster, including the cluster type, and select the management node to associate.
-
Type the path to the
skuba
configuration file for the cluster. -
Type the passwordless SSH key you want to use, or to the
ssh-agent
socket. -
Type a name, label, and description for the cluster.
-
Click FIXME.
For each cluster you manage with SUSE Manager, a corresponding system group is created.
By default, the system group is called Cluster <cluster_name>
.
Refresh the system group to update the list of nodes.
Only nodes known to SUSE Manager are shown.
You can remove clusters from SUSE Manager by navigating to
, unchecking the cluster to be deleted, and clicking Delete Cluster.
Deleting a cluster removes the cluster from SUSE Manager, it does not delete the cluster nodes. Workloads running on the cluster continue uninterrupted. |
3.3. Manage Nodes
When you have the cluster created in SUSE Manager, you can manage nodes within the cluster.
Before you add a new node to the cluster, check the management node can access the node you want to add using passwordless SSH, or the ssh-agent
socket you are forwarding.
You also need to ensure that the node you want to add is registered to SUSE Manager, and has a SUSE CaaS Platform channel assigned.
-
In the SUSE Manager Web UI, navigate to
and click Join Node. -
Select the nodes to add from the list of available nodes. The list of available nodes includes only nodes that are registered to SUSE Manager, are not management nodes, and are not currently part of any cluster.
-
Follow the prompts to enter the SUSE CaaS Platform parameters for the nodes to be added.
-
OPTIONAL: Specify a custom
ssh-agent
socket that is valid only for the nodes that are being added. -
Click Save to schedule an action to add the nodes. During this action, SUSE Manager prepares the nodes for joining by disabling swap, then joins the nodes to the cluster.
-
In the SUSE Manager Web UI, navigate to
, uncheck the nodes to remove, and click Remove Node. -
Follow the prompts to define the parameters for the nodes to be removed.
-
OPTIONAL: Specify a custom
ssh-agent
socket that is valid only for the nodes that are being removed. -
Click Save to schedule an action to remove the nodes.
For more information about node removal, see https://documentation.suse.com/suse-caasp/4/single-html/caasp-admin/#_permanent_removal.
3.3.1. Upgrade the Cluster
If the cluster has available updates, you can use SUSE Manager to schedule and manage the upgrade.
SUSE Manager upgrades all control planes first, and then upgrades the workers. For more information, see https://documentation.suse.com/suse-caasp/4.2/single-html/caasp-admin/#_cluster_updates.
-
In the SUSE Manager Web UI, navigate to
, and click the cluster to upgrade. -
OPTIONAL: The are no SUSE CaaS Platform parameters available for you to customize for upgrade. However, you can specify a custom
ssh-agent
socket that is valid only for the nodes that are being upgraded. -
Click Save to schedule an action to upgrade the cluster.
SUSE Manager only interacts with |
For more information about upgrading, see https://www.suse.com/releasenotes/x86_64/SUSE-CAASP/4.