Cluster Manager is the entry point for all your MicroClouds. It can be extended for monitoring and alerting.
This is an early version of cluster manager. Get started as an early adopter today!
You need to a juju controlled k8s environment. Deploy MicroCloud Cluster Manager along with its dependencies:
juju add-model cluster-manager
juju deploy postgresql-k8s --channel 14/stable --trust
juju deploy self-signed-certificates --trust
juju deploy traefik-k8s --trust
juju deploy microcloud-cluster-manager-k8s --trust
juju integrate postgresql-k8s:database microcloud-cluster-manager-k8s
juju integrate self-signed-certificates:certificates microcloud-cluster-manager-k8s
juju integrate self-signed-certificates:send-ca-cert microcloud-cluster-manager-k8s
juju integrate traefik-k8s:traefik-route microcloud-cluster-manager-k8s
For authentication you need an OIDC provider. You can use Auth0, Ory Hydra, Keycloak, Microsoft Entra among others. See LXD documentation on OIDC for how to configure the provider side. The callback path is /oidc/callback, but in contrast to LXD it must be without the port 8443 as cluster manager listens on the default port 443.
Configure the cluster manager charm with your auth provider:
juju config microcloud-cluster-manager-k8s oidc-issuer=https://example.com/
juju config microcloud-cluster-manager-k8s oidc-client-id=ababab
juju config microcloud-cluster-manager-k8s oidc-client-secret=cdcdcd
juju config microcloud-cluster-manager-k8s oidc-audience=https://example.com/api/v2/
Configure the domain for the management api and the cluster connector. You can also use externally exposed IP addresses, but using domains are recommended. The management-api-domain is the address for the management interface and its api. The cluster-connector-domain is used by clusters to send heartbeats to the cluster manager, it does not need to be exposed to public internet.
juju config microcloud-cluster-manager-k8s management-api-domain=example.com
juju config microcloud-cluster-manager-k8s cluster-connector-domain=cluster-connector.example.com
You might want to set the domain for your traefic controller
juju config traefik-k8s external_hostname=example.com
Now you can access the web ui via https://example.com
Alternatively, use the enroll-cluster command to create a join token for your first cluster on the command line
juju run microcloud-cluster-manager-k8s/0 enroll-cluster cluster=microcloud-01
You can extend Cluster Manager with the Canonical Observability Stack to have Grafana and Prometheus integrated:
juju add-model cos
juju deploy cos-lite --trust
juju offer prometheus:receive-remote-write
juju offer grafana:grafana-dashboard grafana-db
juju offer grafana:grafana-metadata
juju switch cluster-manager
juju integrate microcloud-cluster-manager-k8s:send-remote-write admin/cos.prometheus
juju integrate microcloud-cluster-manager-k8s:grafana-dashboard admin/cos.grafana-db
juju integrate microcloud-cluster-manager-k8s:grafana-metadata admin/cos.grafana
This will make a LXD dashboard available in Grafana. With the relation enabled, Cluster Manager starts forwarding metrics to the observability stack on each cluster heartbeat received.
To access Grafana, you can fetch the admin password with:
juju run --model cos grafana/leader get-admin-password
In the Cluster Manager web interface, you will see a new button on the cluster details page deep linking into the Grafana dashboard.
CAUTION: The install-core and install-deps targets have been tested only in an Ubuntu Linux environment and may not work on other operating systems. It is strongly recommended that you avoid running this directly on your host machine. Instead, use it as a convenient method for setting up a VM-based development environment.
To start the development environment, run these commands:
make install-core
make install-deps
sudo make add-hosts
make devThen in a separate terminal, run:
make uiNow you can access the UI at ma.microcloud-cm-example.local:8414. For more information on local development, please see the contributing guidelines.
Cluster Manager is a distributed web application with a Go backend and a React Typescript UI. The application runs in Kubernetes. For an overview of the system, see the architecture documentation.