Import Standard Kubernetes Cluster
Supports integrating standard native Kubernetes clusters deployed with kubeadm into the platform for unified management.
TOC
Terminology
| Term | Description |
|---|---|
| Managed Kubernetes Cluster | A type of Kubernetes cluster provided by cloud vendors, where the Master nodes and their components are managed by the vendor. Users cannot log in or manage the Master nodes. |
| Unmanaged Kubernetes Cluster | In contrast, some cloud vendors provide clusters where users manage the Master nodes, such as Alibaba Cloud ACK Dedicated Edition or Tencent Cloud TKE Independent Cluster. |
Prerequisites
- Kubernetes and related components in the cluster must meet the version and parameter requirements.
- If the runtime is Containerd, update the Containerd configuration before integration to ensure distributed storage can be deployed successfully.
Notes
By default, the platform monitors NIC traffic matching eth.*|en.*|wl.*|ww.*. If your NIC uses a different naming convention, update the configuration after integration following [Custom NIC Monitoring].
Obtain Registry Address
-
To use the registry deployed by the platform during global cluster installation, run the following on a global control node:
-
To use an external registry, set REGISTRY manually:
Check if Extra Registry Config is Needed
-
Run the following to check if the registry supports HTTPS with a trusted CA certificate:
-
If check fails, see How to trust an insecure registry?
Get Cluster Info
Refer to How to fetch cluster information?.
Integrate Cluster
-
In the left navigation, go to Cluster Management > Clusters.
-
Click Import Cluster.
-
Configure parameters as below:
Parameter Description Registry Registry storing required platform component images. Options: Platform Default (configured during global setup), Private Registry (requires address, port, username, password), Public Registry (requires cloud credential update). Cluster Info Can be entered manually or parsed from a KubeConfig file. Required fields: Cluster Address, CA Certificate (Base64 decoded if entered manually), and Authentication (token or client certificate with cluster-admin rights). -
Click Check Connectivity. The platform verifies network access and auto-detects cluster type.
-
If successful, click Import to complete.
Progress can be viewed via the execution progress dialog (status.conditions). Once integrated, the cluster appears as healthy in the list.
Network Configuration
Ensure connectivity between the global cluster and the imported cluster.
FAQ
Why is the "Add Node" button disabled?
For both managed and unmanaged clusters, adding nodes through the platform UI is not supported. Add nodes directly or via the vendor.
Which certificates are supported?
- Kubernetes Certificates: Only API Server certificates can be viewed; other certificates are unsupported and will not auto-rotate.
- Platform Component Certificates: Viewable and auto-rotatable.
Which features are unsupported?
- Managed clusters: Audit logs are not available.
- Managed clusters: ETCD, Scheduler, Controller Manager monitoring not supported (only API Server metrics available).
- All clusters: Certificates other than API Server are not supported.
How to fix Containerd runtime causing distributed storage deployment failures?
When using Containerd, distributed storage deployment fails unless you adjust Containerd settings on all nodes:
- Edit
/etc/systemd/system/containerd.service, setLimitNOFILE=1048576. - Run
systemctl daemon-reload. - Restart Containerd:
systemctl restart containerd. - On control nodes, restart distributed storage pods: