From cef7dad883a60ab34f778d2c4fd03fdb33b658b1 Mon Sep 17 00:00:00 2001 From: Vasudev Bongale Date: Fri, 26 Jan 2024 09:38:51 +0530 Subject: [PATCH] update faq and api-resources docs for allowed propagating apis flag --- docs/api-references.md | 2 +- docs/faq.md | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/api-references.md b/docs/api-references.md index f3f9e62cf..03d8f6a5b 100644 --- a/docs/api-references.md +++ b/docs/api-references.md @@ -228,7 +228,7 @@ _Appears in:_ ClusterResourcePlacement is used to select cluster scoped resources, including built-in resources and custom resources, and placement them onto selected member clusters in a fleet. - If a namespace is selected, ALL the resources under the namespace are placed to the target clusters. Note that you can't select the following resources: - reserved namespaces including: default, kube-* (reserved for Kubernetes system namespaces), fleet-* (reserved for fleet system namespaces). - reserved fleet resource types including: MemberCluster, InternalMemberCluster, ClusterResourcePlacement, ClusterSchedulingPolicySnapshot, ClusterResourceSnapshot, ClusterResourceBinding, etc. + If a namespace is selected, ALL the resources under the namespace are placed to the target clusters unless `allowed-propagating-apis` flag is configured on hub-agent. Note that you can't select the following resources: - reserved namespaces including: default, kube-* (reserved for Kubernetes system namespaces), fleet-* (reserved for fleet system namespaces). - reserved fleet resource types including: MemberCluster, InternalMemberCluster, ClusterResourcePlacement, ClusterSchedulingPolicySnapshot, ClusterResourceSnapshot, ClusterResourceBinding, etc. `ClusterSchedulingPolicySnapshot` and `ClusterResourceSnapshot` objects are created when there are changes in the system to keep the history of the changes affecting a `ClusterResourcePlacement`. _Appears in:_ diff --git a/docs/faq.md b/docs/faq.md index ad41296d2..0100b8644 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -36,6 +36,8 @@ The fleet reserved namespace are `fleet-system` and `fleet-member-{clusterName}` ## What kind of the resources are allowed to be propagated from the hub cluster to the member clusters? How can I control the list? +The resources to be propagated from the hub cluster to the member clusters can be controlled by either an exclude/skip list or an include/allow list which are mutually exclusive. + `ClusterResourcePlacement` excludes certain groups/resources when propagating the resources by default. They are defined [here](https://github.com/Azure/fleet/blob/main/pkg/utils/apiresources.go). - `k8s.io/api/events/v1` (group) - `k8s.io/api/coordination/v1` (group) @@ -46,6 +48,8 @@ The fleet reserved namespace are `fleet-system` and `fleet-member-{clusterName}` You can use `skipped-propagating-apis` and `skipped-propagating-namespaces` flag when installing the hub-agent to skip resources from being propagated by specifying their group/group-version/group-version-kind and namespaces. +You can use `allowed-propagating-apis` flag on the hub-agent to only allow propagation of desired set of resources specified in the form of group/group-version/group-version-kind. This flag is mutually exclusive with `skipped-propagating-apis`. + ## What happens to existing resources in member clusters when their definitions conflict with the desired resources in the hub cluster? In case of a conflict, where a resource already exists on the member cluster, the apply operation fails when trying to propagate the same resource from the hub cluster.