Docker Enterprise Container Cloud provider

The Docker Enterprise (DE) Container Cloud provider is the central component of DE Container Cloud that provisions a node of a management, regional, or managed cluster and runs the LCM agent on this node. It runs in the management and regional clusters and requires a connection to a provider back end.

The DE Container Cloud provider interacts with the following types of public API objects:

Public API object name

Description

DE Container Cloud release object

Contains the following information about clusters:

  • Version of the supported Cluster release for the management and regional clusters

  • List of supported Cluster releases for the managed clusters and supported upgrade path

  • Description of Helm charts that are installed on the management and regional clusters depending on the selected provider

Cluster release object

  • Provides a specific version of a management, regional, or managed cluster. A Cluster release object, like a DE Container Cloud release object, never changes; only new releases can be added. Any change leads to a new release of a cluster.

  • Contains references to all components and their versions that are used to deploy all cluster types:

    • LCM components:

      • LCM agent

      • Ansible playbooks

      • Scripts

      • Description of steps to execute during a cluster deployment and upgrade

      • Helm controller image references

    • Supported Helm charts description:

      • Helm chart name and version

      • Helm release name

      • Helm values

Cluster object

  • References the Credentials, KaaSRelease and ClusterRelease objects.

  • Is tied to a specific DE Container Cloud region and provider.

  • Represents all cluster-level resources. For example, for the OpenStack-based clusters, it represents networks, load balancer for the Kubernetes API, and so on. It uses data from the Credentials object to create these resources and data from the KaaSRelease and ClusterRelease objects to ensure that all lower-level cluster objects are created.

Machine object

  • References the Cluster object.

  • Represents one node of a managed cluster, for example, an OpenStack VM, and contains all data to provision it.

Credentials object

  • Contains all information necessary to connect to a provider back end.

  • Is tied to a specific DE Container Cloud region and provider.

PublicKey object

Is provided to every machine to enable SSH access.

The following diagram illustrates the DE Container Cloud provider data flow:

[Diagram: DE Container Cloud provider data flow]

The DE Container Cloud provider performs the following operations in DE Container Cloud:

  • Consumes the following types of data from the management and regional clusters:

    • Credentials to connect to a provider back end

    • Deployment instructions from the KaaSRelease and ClusterRelease objects

    • The cluster-level parameters from the Cluster objects

    • The machine-level parameters from the Machine objects

  • Prepares data for all DE Container Cloud components:

    • Creates the LCMCluster and LCMMachine custom resources for LCM controller and LCM agent. The LCMMachine custom resources are created empty to be later handled by the LCM controller.

    • Creates the HelmBundle custom resources for the Helm controller using data from the KaaSRelease and ClusterRelease objects.

    • Creates service accounts for these custom resources.

    • Creates a scope in Identity and access management (IAM) for user access to a managed cluster.

  • Provisions nodes for a managed cluster using the cloud-init script that downloads and runs the LCM agent.
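
The object descriptions above state that release objects never change and that only new releases can be added. The following Python example is added here and is not part of the product or its documentation: it compares two exported snapshots of release objects and reports any release whose content changed under an existing name. It assumes the release objects are exported as KaaSRelease and ClusterRelease kinds (the names used on this page); the `spec` fields and sample objects are constructed for illustration.

```python
import hashlib
import json

# Kinds treated as add-only, using the object names that appear on this page.
IMMUTABLE_KINDS = {"KaaSRelease", "ClusterRelease"}


def spec_digest(obj):
    """SHA-256 of the canonical JSON of the spec, so key order and whitespace do not matter."""
    canonical = json.dumps(obj.get("spec", {}), sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def index_releases(snapshot):
    """Map (kind, name) -> spec digest for every release object in a snapshot."""
    return {
        (o["kind"], o["metadata"]["name"]): spec_digest(o)
        for o in snapshot
        if o.get("kind") in IMMUTABLE_KINDS
    }


def audit_releases(baseline, current):
    """Diff two snapshots. Only 'added' is consistent with the add-only rule;
    'modified' is a violation, and 'removed' is reported for review."""
    old, new = index_releases(baseline), index_releases(current)
    return {
        "added": sorted(k for k in new if k not in old),
        "modified": sorted(k for k in new if k in old and new[k] != old[k]),
        "removed": sorted(k for k in old if k not in new),
    }


# Constructed sample data; the spec field names are hypothetical, not the product schema.
BASELINE = [
    {"kind": "ClusterRelease", "metadata": {"name": "example-1-0"},
     "spec": {"charts": [{"name": "chart-a", "version": "1.0.0"}]}},
    {"kind": "KaaSRelease", "metadata": {"name": "example-kaas-1"},
     "spec": {"supported": ["example-1-0"]}},
]
CURRENT = [
    {"kind": "ClusterRelease", "metadata": {"name": "example-1-0"},  # changed in place
     "spec": {"charts": [{"name": "chart-a", "version": "1.0.1"}]}},
    {"kind": "ClusterRelease", "metadata": {"name": "example-1-1"},  # legitimately new
     "spec": {"charts": [{"name": "chart-a", "version": "1.1.0"}]}},
    {"kind": "KaaSRelease", "metadata": {"name": "example-kaas-1"},
     "spec": {"supported": ["example-1-0"]}},
]

if __name__ == "__main__":
    print(json.dumps(audit_releases(BASELINE, CURRENT), indent=2))
```

Because release objects carry the Helm chart versions and LCM component references used for deployment, an entry under `modified` means deployment instructions changed without a new release and should be investigated.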