Registering resources

This page is for infrastructure operators.

After you install Anthos Management Center, you must register the machines, address pool, and Bootstrap Services. If you already registered your resources by editing the Management Center config file before you installed Management Center, you can skip this page, unless you are registering additional resources.

Register inventory machines

For a platform administrator to create a user cluster, Anthos private mode needs a pool of idle machines available. In this section, you register inventory machines to the Anthos admin cluster for the platform administrator to use later to create a user cluster. Those machines must meet the same requirements as the admin cluster nodes.

kubectl apply -f path/to/example-machine.yaml --kubeconfig=ADMIN_KUBECONFIG

Example example-machine.yaml file:

kind: InventoryMachine
  name: IP_ADDRESS
    "KEY": "VALUE"
  address: IP_ADDRESS

Replace the following:

  • IP_ADDRESS: the IP address of the machine, for example
  • KEY:VALUE: a key:value pair, for example "rack": "r1020" to indicate a rack location.

The labels are free-form key-value pairs that are attached to the resource. These labels can be used later in Management Center to filter machines. For example, you can use the labels to identify rack location or special hardware configurations.

Optional: Using different SSH keys for inventory machines

By default, Anthos private mode uses the SSH key provided by sshPrivateKeyPath (used to access machines for the admin cluster) to access these inventory machines. To have more isolation between admin cluster machines and inventory machines (used for user clusters), you can use a different SSH key for inventory machines. Create the SSH keys before you create the user clusters that need these keys.

  1. Distribute the SSH public key to all the inventory machines.

  2. Store the SSH private key as a secret in the admin cluster, for example user-cluster-ssh-key.

    kubectl create secret generic user-cluster-ssh-key -n anthos-creds --kubeconfig=ADMIN_KUBECONFIG \

    Replace /path/to/KEYPAIR_PRIVATE_KEY_FILENAME with the path to output the key pair to.

  3. When creating user clusters, specify the secret created in the previous step, such as user-cluster-ssh-key, under the namespace anthos-creds.

    This is supported only when creating clusters with the API. Add the SSH key in the cluster definition inside the user cluster YAML file as sshKeySecret and specify imagePullSecret, for example:

      kind: Cluster
        name: CLUSTER_NAME
        namespace: cluster-CLUSTER_NAME
        type: user
            name: user-cluster-ssh-key
            namespace: anthos-creds
          loginUser: LOGIN_USERNAME

    Replace the following:

    • CLUSTER_NAME: The name of the cluster.
    • LOGIN_USERNAME: The username used to log into the user cluster.
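
To confirm that the key separation described in this section actually holds on a machine, the following added example (not part of the original page or of Anthos tooling) compares SHA256 key fingerprints against an inventory machine's authorized_keys content. The key lines and host contents are constructed samples, and treating an admin cluster key that is still authorized on an inventory machine as a finding is an assumption of this example.

```python
import base64
import hashlib

KEY_TYPES = ("ssh-", "ecdsa-", "sk-")

def fingerprint(line):
    """Return the SHA256 fingerprint (ssh-keygen -l style) of a public key line."""
    fields = line.split()
    for i, field in enumerate(fields[:-1]):
        if field.startswith(KEY_TYPES):  # skip any leading authorized_keys options
            blob = base64.b64decode(fields[i + 1])
            digest = hashlib.sha256(blob).digest()
            return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
    raise ValueError("no public key in line: %r" % line)

def check_isolation(admin_pub, inventory_pub, authorized_keys):
    """Return a list of findings for one inventory machine (empty list = OK)."""
    admin_fp, inv_fp = fingerprint(admin_pub), fingerprint(inventory_pub)
    findings = []
    if admin_fp == inv_fp:
        findings.append("inventory key is the admin cluster key")
    present = {fingerprint(l) for l in authorized_keys.splitlines()
               if l.strip() and not l.lstrip().startswith("#")}
    if inv_fp not in present:
        findings.append("inventory public key not installed")
    if admin_fp in present and admin_fp != inv_fp:
        findings.append("admin cluster key is also authorized")
    return findings

def _constructed_key(label):
    # Constructed sample: the blob is not a real key, only bytes to hash.
    return "ssh-ed25519 " + base64.b64encode(label.encode()).decode() + " " + label

ADMIN_PUB = _constructed_key("admin-cluster-key")
INVENTORY_PUB = _constructed_key("inventory-key")
# Constructed authorized_keys contents for two hypothetical inventory machines.
GOOD_HOST = "# managed\n" + INVENTORY_PUB + "\n"
MIXED_HOST = 'from="10.0.0.0/8" ' + ADMIN_PUB + "\n" + INVENTORY_PUB + "\n"

if __name__ == "__main__":
    for name, text in (("good", GOOD_HOST), ("mixed", MIXED_HOST)):
        print(name, check_isolation(ADMIN_PUB, INVENTORY_PUB, text))
```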

Register VIP address pool

For the platform administrator to create a user cluster, Anthos needs, in addition to InventoryMachines, a pool of all available virtual IP addresses (VIPs). This pool is used by Management Center Console to show the platform admin which VIPs are available and to validate the VIP availability during user cluster creation.

In this section, you register an AddressPool to the Anthos admin cluster to use later to create user clusters. You need to create only one address pool using the anthos-addresspool-default name. Each user cluster is required to use VIPs from this address pool and can't re-use the same range of VIPs. VIPs must meet the same requirements as the VIPs used for the admin cluster and cannot overlap with the IP addresses of the nodes.

kubectl apply -f path/to/ADDRESS_POOL_FILENAME --kubeconfig=ADMIN_KUBECONFIG

Replace path/to/ADDRESS_POOL_FILENAME with the path to the address pool file, for example example-addresspool.yaml.

Example example-addresspool.yaml file:

kind: AddressPool
  name: anthos-addresspool-default
  description: DESCRIPTION

Replace the following:

  • DESCRIPTION: enter any additional instructions that you want to show in Management Center Console.
  • VIP_ADDRESS_POOL: the VIP address pool range, for example
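
The constraints above (each cluster's VIPs come from the pool, no two clusters share a range, and VIPs do not overlap node addresses) can be checked before you apply the file. This is an added example, not part of the original page or of Anthos tooling; the START-END and CIDR range notations, the cluster names, and all addresses are assumptions constructed for illustration.

```python
import ipaddress

def parse_range(text):
    """Parse 'START-END' or CIDR text into an inclusive (first, last) pair."""
    if "-" in text:
        first, last = (ipaddress.ip_address(p.strip()) for p in text.split("-", 1))
    else:
        net = ipaddress.ip_network(text.strip(), strict=True)
        first, last = net[0], net[-1]
    if first.version != last.version or first > last:
        raise ValueError("bad range: %r" % text)
    return first, last

def overlaps(a, b):
    return a[0].version == b[0].version and a[0] <= b[1] and b[0] <= a[1]

def within(inner, outer):
    return (inner[0].version == outer[0].version
            and outer[0] <= inner[0] and inner[1] <= outer[1])

def check_vips(pool, cluster_vips, node_ips):
    """Return findings for a pool, per-cluster VIP ranges and node addresses."""
    pool_r = parse_range(pool)
    findings = []
    for node in (ipaddress.ip_address(n) for n in node_ips):
        if overlaps((node, node), pool_r):
            findings.append(f"address pool contains node address {node}")
    seen = {}
    for cluster, text in cluster_vips.items():
        rng = parse_range(text)
        if not within(rng, pool_r):
            findings.append(f"{cluster}: {text} is outside the address pool")
        for other, other_rng in seen.items():
            if overlaps(rng, other_rng):
                findings.append(f"{cluster}: {text} overlaps VIPs of {other}")
        seen[cluster] = rng
    return findings

# Constructed sample input (hypothetical clusters and addresses).
POOL = "10.200.0.100-10.200.0.200"
CLUSTER_VIPS = {"team-a": "10.200.0.100-10.200.0.119",
                "team-b": "10.200.0.115-10.200.0.130",
                "team-c": "10.200.0.190-10.200.0.210"}
NODE_IPS = ["10.200.0.11", "10.200.0.150"]

if __name__ == "__main__":
    print("\n".join(check_vips(POOL, CLUSTER_VIPS, NODE_IPS)))
```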

Register Bootstrap Service

The Bootstrap Service is a mechanism used to preinstall extra resources like Storage Services and GPU drivers into user clusters after they are created to make them immediately available for use. Create the Bootstrap Services before you create the user clusters that need these services.

  1. Create the ConfigMap that contains all the manifests needed to install the service.

    kubectl create configmap CONFIGMAP_NAME --kubeconfig=ADMIN_KUBECONFIG \
      --from-file=path/to/MANIFESTS --namespace=anthos-management-center

    Replace path/to/MANIFESTS with the path to the manifest files.

  2. Create the Bootstrap Service object which refers to the configmap:

    kind: BootstrapService
      namespace: anthos-management-center
      # If set to True, this configuration can be applied to many user clusters,
      # e.g. a GPU driver configuration. If False, this configuration can only be
      # applied to a single user cluster, e.g. a CSI Driver + StorageClass
      # combination which is intended for exclusive use by a single user cluster.
      # Defaults to False.
      isReusable: False
        name: CONFIGMAP_NAME
        namespace: anthos-management-center

    Replace the following:

    • BOOTSTRAP_SERVICE_NAME: the name of the Bootstrap Service.
    • CONFIGMAP_NAME: the name of the configmap that you created in the previous step.

  3. Repeat these steps if more Bootstrap Services are needed.