Registering resources

This page is for infrastructure operators.

After you install Anthos Management Center, you must register the machines, address pool, and Bootstrap Services. If you already registered your resources by editing the Management Center config file before you installed Management Center, you can skip this page, unless you are registering additional resources.

Register inventory machines

For a platform administrator to create a user cluster, Anthos private mode needs a pool of idle machines available. In this section, you register inventory machines to the Anthos admin cluster for the platform administrator to use later to create a user cluster. Those machines must meet the same requirements as the admin cluster nodes.

kubectl apply -f path/to/example-machine.yaml --kubeconfig=ADMIN_KUBECONFIG

Example example-machine.yaml file:

apiVersion: baremetal.cluster.gke.io/v1alpha1
kind: InventoryMachine
metadata:
  name: IP_ADDRESS
  labels:
    "KEY": "VALUE"
spec:
  address: IP_ADDRESS

Replace the following:

  • IP_ADDRESS: the IP address of the machine, for example 10.200.0.10.
  • KEY:VALUE: a key:value pair, for example "rack": "r1020" to indicate a rack location.

The labels are free-form key-value pairs that are attached to the resource. These labels can be used later in Management Center to filter machines. For example, you can use the labels to identify rack location or special hardware configurations.

Optional: Using different SSH keys for inventory machines

By default, Anthos private mode uses the SSH key provided by sshPrivateKeyPath (used to access machines for the admin cluster) to access these inventory machines. To have more isolation between admin cluster machines and inventory machines (used for user clusters), you can use a different SSH key for inventory machines. Create the SSH keys before you create the user clusters that need these keys.

  1. Distribute the SSH public key to all the inventory machines.

  2. Store the SSH private key as a secret in the admin cluster, for example user-cluster-ssh-key.

    kubectl create secret generic user-cluster-ssh-key -n anthos-creds --kubeconfig=ADMIN_KUBECONFIG \
      --from-file=id_rsa=/path/to/KEYPAIR_PRIVATE_KEY_FILENAME
    

    Replace /path/to/KEYPAIR_PRIVATE_KEY_FILENAME with the path to the private key file of the key pair.

  3. When creating user clusters, specify the secret created in the previous step, such as user-cluster-ssh-key, under the namespace anthos-creds.

    This is supported only when creating clusters with the API. Add the SSH key to the cluster definition inside the user cluster YAML file as sshKeySecret and specify imagePullSecret, for example:

      apiVersion: baremetal.cluster.gke.io/v1
      kind: Cluster
      metadata:
        name: CLUSTER_NAME
        namespace: cluster-CLUSTER_NAME
      spec:
        type: user
        credentials:
          sshKeySecret:
            name: user-cluster-ssh-key
            namespace: anthos-creds
          ....
        nodeAccess:
          loginUser: LOGIN_USERNAME
          ....
    

    Replace the following:

    • CLUSTER_NAME: The name of the cluster.
    • LOGIN_USERNAME: The username used to log into the user cluster.

Register VIP address pool

For the platform administrator to create a user cluster, Anthos needs, in addition to InventoryMachines, a pool of all available virtual IP addresses (VIPs). Management Center Console uses this pool to show the platform admin which VIPs are available and to validate VIP availability during user cluster creation.

In this section, you register an AddressPool to the Anthos admin cluster to use later to create user clusters. You need to create only one address pool using the anthos-addresspool-default name. Each user cluster is required to use VIPs from this address pool and can't re-use the same range of VIPs. VIPs must meet the same requirements as the VIPs used for the admin cluster and cannot overlap with the IP addresses of the nodes.

kubectl apply -f path/to/ADDRESS_POOL_FILENAME --kubeconfig=ADMIN_KUBECONFIG

Replace path/to/ADDRESS_POOL_FILENAME with the path to the address pool file, for example example-addresspool.yaml.

Example example-addresspool.yaml file:

apiVersion: managementcenter.anthos.cloud.google.com/v1
kind: AddressPool
metadata:
  name: anthos-addresspool-default
spec:
  description: DESCRIPTION
  addresses:
  - VIP_ADDRESS_POOL

Replace the following:

  • DESCRIPTION: enter any additional instructions that you want to show in Management Center Console.
  • VIP_ADDRESS_POOL: the VIP address pool range, for example 10.200.0.100-10.200.0.200.
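
As an added example (not part of the original documentation), the following Python check validates an address plan against the constraints above before you apply the AddressPool: node IPs must fall outside the pool, and each user cluster's VIP range must lie inside the pool without overlapping another cluster's range. The function names, cluster names and sample addresses are assumptions constructed for illustration; the START-END form is the one shown for VIP_ADDRESS_POOL.

```python
import ipaddress

def parse_range(text):
    """Parse 'START-END', the range form shown for VIP_ADDRESS_POOL."""
    start_s, sep, end_s = text.partition("-")
    if not sep:
        raise ValueError(f"not a START-END range: {text!r}")
    start = ipaddress.IPv4Address(start_s.strip())
    end = ipaddress.IPv4Address(end_s.strip())
    if start > end:
        raise ValueError(f"range start is after its end: {text!r}")
    return start, end

def check_vip_plan(pool, node_ips, cluster_ranges):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems = []
    lo, hi = parse_range(pool)

    # VIPs cannot overlap with the IP addresses of the nodes.
    for ip in node_ips:
        if lo <= ipaddress.IPv4Address(ip) <= hi:
            problems.append(f"node {ip} is inside the VIP pool {pool}")

    # Each user cluster takes its VIPs from the pool and cannot reuse a range.
    seen = []
    for name, text in cluster_ranges.items():
        c_lo, c_hi = parse_range(text)
        if c_lo < lo or c_hi > hi:
            problems.append(f"{name}: {text} is not inside the pool {pool}")
        for other, o_lo, o_hi in seen:
            if c_lo <= o_hi and o_lo <= c_hi:
                problems.append(f"{name}: {text} overlaps the range of {other}")
        seen.append((name, c_lo, c_hi))
    return problems

# Constructed sample values, based on the example addresses on this page.
POOL = "10.200.0.100-10.200.0.200"
NODES = ["10.200.0.10", "10.200.0.11", "10.200.0.150"]
CLUSTERS = {
    "cluster-a": "10.200.0.100-10.200.0.119",
    "cluster-b": "10.200.0.115-10.200.0.130",
    "cluster-c": "10.200.0.190-10.200.0.210",
}

if __name__ == "__main__":
    for problem in check_vip_plan(POOL, NODES, CLUSTERS):
        print("PROBLEM:", problem)
```

With the constructed values, the check reports the inventory machine that sits inside the pool, the overlap between cluster-a and cluster-b, and the cluster-c range that extends past the end of the pool.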

Register Bootstrap Service

The Bootstrap Service is a mechanism used to preinstall extra resources like Storage Services and GPU drivers into user clusters after they are created to make them immediately available for use. Create the Bootstrap Services before you create the user clusters that need these services.

  1. Create the configmap which contains all the manifests needed to install the service.

    kubectl create configmap CONFIGMAP_NAME --kubeconfig=ADMIN_KUBECONFIG \
      --from-file=path/to/MANIFESTS --namespace=anthos-management-center
    

    Replace CONFIGMAP_NAME with a name for the configmap and path/to/MANIFESTS with the path to the manifest files.

  2. Create the Bootstrap Service object which refers to the configmap:

    apiVersion: managementcenter.anthos.cloud.google.com/v1
    kind: BootstrapService
    metadata:
      name: BOOTSTRAP_SERVICE_NAME
      namespace: anthos-management-center
    spec:
      # If set to True, this configuration can be applied to many user clusters,
      # e.g. a GPU driver configuration. If False, this configuration can only be
      # applied to a single user cluster, e.g. a CSI Driver + StorageClass
      # combination which is intended for exclusive use by a single user cluster.
      # Defaults to False.
      isReusable: False
      configMapRef:
        name: CONFIGMAP_NAME
        namespace: anthos-management-center
    

    Replace the following:

    • BOOTSTRAP_SERVICE_NAME: the name of the Bootstrap Service.
    • CONFIGMAP_NAME: the name of the configmap that you created in the previous step.

  3. Repeat these steps if more Bootstrap Services are needed.