# Using the `ironcore` provider extension with Gardener as end-user

The [`core.gardener.cloud/v1beta1.Shoot` resource](https://github.com/gardener/gardener/blob/master/example/90-shoot.yaml)
declares a few fields that are meant to contain provider-specific configuration.

This document describes the configurable options for `ironcore` and provides an example `Shoot` manifest with minimal
configuration that can be used to create an `ironcore` cluster (modulo the landscape-specific information like cloud
profile names, secret binding names, etc.).

## `ironcore` Provider Credentials

In order for Gardener to create a Kubernetes cluster using the `ironcore` infrastructure components, a Shoot has to
provide credentials with sufficient permissions to the desired `ironcore` project.

In the `ironcore` provider extension the infrastructure credential secret has to contain the following components:
`namespace`, which is the namespace in the corresponding `ironcore` cluster, `username`, which is the name of the
`ServiceAccount` in the `ironcore` cluster, and `token`, which is the token generated for the `ServiceAccount`. An
example secret is shown below:

```yaml
apiVersion: v1
kind: Secret
metadata:
  name: my-credentials
  namespace: garden-dev
type: Opaque
# `stringData` accepts plaintext values; values placed under `data` would have to be base64-encoded.
stringData:
  namespace: my-ironcore-namespace
  token: abcd1234
  username: my-serviceaccount-user
```

## `InfrastructureConfig`

The infrastructure configuration mainly describes what the network layout looks like in order to create the shoot worker
nodes in a later step, and thus prepares everything relevant to create VMs, load balancers, volumes, etc.

An example `InfrastructureConfig` for the `ironcore` extension looks as follows:

```yaml
apiVersion: ironcore.provider.extensions.gardener.cloud/v1alpha1
kind: InfrastructureConfig
networkRef:
  name: "my-network"
prefixRef:
  name: "my-prefix"
```

Here the `networkRef` field refers to the network and the `prefixRef` field refers to the prefix. Both are used for Shoot creation.

## `ControlPlaneConfig`

The control plane configuration mainly contains values for the `ironcore` specific control plane components.
Today, the only components deployed by the `ironcore` extension are the `cloud-controller-manager` and the
`ironcore-csi-driver`.

An example `ControlPlaneConfig` for the `ironcore` extension looks as follows:

```yaml
apiVersion: ironcore.provider.extensions.gardener.cloud/v1alpha1
kind: ControlPlaneConfig
cloudControllerManager:
  featureGates:
    CustomResourceValidation: true
```

The `cloudControllerManager.featureGates` field contains a map of explicitly enabled or disabled feature gates.
For production usage it is not recommended to use this field at all, as you can enable alpha features or disable beta/stable
features, potentially impacting the cluster stability. If you don't want to configure anything for the
`cloudControllerManager`, simply omit the key in the YAML specification.

## `WorkerConfig`

At this moment the `ironcore` extension does not have any worker-specific provider configuration.

## Example `Shoot` manifest

An example `Shoot` manifest can be found [here](https://github.com/ironcore-dev/gardener-extension-provider-ironcore/blob/doc/usage-as-operator/docs/usage-as-operator.md).

## CSI volume provisioners

Every `ironcore` Shoot cluster will be deployed with the `ironcore-csi-driver`.
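
For the credential secret described under `ironcore` Provider Credentials, the following is an added example (not part of the provider extension's own code) that renders the three required keys into a Secret manifest. Kubernetes expects values under a Secret's `data` key to be base64-encoded, so the script encodes them; the function names and the token-file argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: render the ironcore infrastructure credential Secret.
# The token is read from a file so it never appears on the command line.
# Note: base64 is an encoding, not encryption. Treat the output as sensitive.

# b64 VALUE: base64-encode VALUE on a single line (no trailing newline).
b64() { printf '%s' "$1" | base64 | tr -d '\n'; }

# render_ironcore_secret NAME GARDEN_NAMESPACE IRONCORE_NAMESPACE USERNAME TOKEN_FILE
# Prints the manifest on stdout; fails if any value is missing or empty.
render_ironcore_secret() (
  name=$1; garden_ns=$2; ic_ns=$3; user=$4; token_file=$5

  [ -r "$token_file" ] || { echo "token file not readable" >&2; exit 1; }
  # Strip line endings that editors or `echo` commonly append to the token.
  token=$(tr -d '\r\n' < "$token_file")

  for v in "$name" "$garden_ns" "$ic_ns" "$user" "$token"; do
    [ -n "$v" ] || { echo "all fields must be non-empty" >&2; exit 1; }
  done

  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: $name
  namespace: $garden_ns
type: Opaque
data:
  namespace: $(b64 "$ic_ns")
  token: $(b64 "$token")
  username: $(b64 "$user")
EOF
)

# Typical use (values are the placeholders from the manifest above):
#   render_ironcore_secret my-credentials garden-dev \
#     my-ironcore-namespace my-serviceaccount-user ./token.txt | kubectl apply -f -
```

Piping the output straight into `kubectl apply -f -` avoids leaving a manifest containing the token on disk.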