Adding an External Kubernetes Cluster
This section describes how to add and manage existing Kubernetes clusters known as external clusters in KKP.
You can import or connect a cluster.
- Import: You can import a cluster via credentials. Imported Cluster can be viewed and edited i.e, upgrade the control plane version or scale the nodes. Currently, GKE, AKS, and EKS clusters are supported.
- Connect: You can also connect any other clusters in the KKP via kubeconfig. Connected clusters can only be viewed, not edited.
The KKP platform uses existing kubeconfig or generates the new one from the cloud provider API.
The KKP backend takes advantage of this kubeconfig to retrieve the cluster’s information, nodes, metrics, and events.
Every cluster update is performed only by the cloud provider client. There is no need to install any agent on the cloud provider side.
Prerequisites
The following requirements must be met to add an external Kubernetes cluster:
- The external Kubernetes cluster must already exist before you begin the import/connect process. Please refer to your cloud
provider documentation for instructions.
- The external Kubernetes cluster must be accessible using kubectl to get the information needed to add that cluster.
- Make sure the cluster kubeconfig or provider credentials have sufficient rights to manage the cluster (get, list, upgrade,
get kubeconfig)
Add External Cluster
To add a new external cluster go to Clusters
-> External Clusters
and click the Add External Cluster
button.
Select the Kubernetes cloud provider. You can add the following external clusters:
Connect Existing Cluster
KKP allows connecting any existing Kubernetes cluster as external cluster to view the cluster’s current status. To connect a cluster from any provider, click on Any Provider
and provide the cluster name and kubeconfig. It is important that the kubeconfig used to connect the cluster is using standard authentication mechanisms like certificates or ServiceAccount tokens. OIDC or provider-specific plugins are not supported.
If an existing kubeconfig uses custom authentication mechanisms, kubermatic-installer convert-kubeconfig
can (optionally) be used to create a ServiceAccount on the external cluster and fetch its token into a new kubeconfig.
You can then see the details of the cluster.
Cluster State
You can view the current state of your cluster by hovering the cursor over the small circle on the left of the cluster name.
Provisioning state depicts that the cluster is getting created:
Reconciling state depicts that the cluster is getting upgraded:
Deleted Cluster
If you delete the cluster from the provider, the state in KKP will be shown as Deleting
.
You can Disconnect
the deleted cluster by clicking on the disconnect icon next to the cluster you want to disconnect, which will delete internal cluster object in KKP.