Cluster controller

Cluster controller is responsible for handling certain Kubernetes actions such as draining and deleting nodes, adding labels, approving CSR requests. It's open source and can be found on github.

Install cluster-controller

By default cluster controller is installed during your cluster onboarding using helm chart https://github.com/castai/helm-charts/tree/main/charts/castai-cluster-controller

If for some reasons it was uninstalled you can install it manually.

Add CAST AI helm charts repository.

helm repo add castai-helm https://castai.github.io/helm-charts
helm repo update

You can list all available components and versions.

helm search repo castai-helm

Expected example output

NAME                                    CHART VERSION   APP VERSION     DESCRIPTION
castai-helm/castai-agent                0.18.0          v0.23.0         CAST AI agent deployment chart.
castai-helm/castai-cluster-controller   0.17.0          v0.14.0         CAST AI cluster controller deployment chart.
castai-helm/castai-evictor              0.10.0          0.5.1           Cluster utilization defragmentation tool
castai-helm/castai-spot-handler         0.3.0           v0.3.0          CAST AI spot handler daemonset chart.

Now let's install it.

helm upgrade --install cluster-controller castai-helm/castai-cluster-controller -n castai-agent \
  --set castai.apiKey=<your-api-token> \
  --set castai.clusterID=<your-cluster-id>

Upgrade cluster-controller

Cluster controller supports auto-update out of the box and is enabled by default. However sometimes it cannot be updated due to changes in RBAC and requires manual upgrade.

Upgrade to latest version.

# requires helm eq or above 3.14.0
helm repo update
helm upgrade cluster-controller castai-helm/castai-cluster-controller --reset-then-reuse-values  -n castai-agent 

Troubleshooting

Check cluster-controller logs

kubectl logs -l app.kubernetes.io/name=castai-cluster-controller -n castai-agent

Auto updates

By default, the cluster-controller component can update itself by receiving an update action (scheduled by CAST AI). It can also update other components, such as castai-evictor, castai-spot-handler or castai-agent as well with one caveat: the cluster-controller can't change permissions for other components (and for the cluster-controller itself either).

However, permission changes are sometimes required for new features. To make this possible, you can explicitly bind a role such as cluster-admin to a cluster-controller service account. This will allow the cluster-controller to manage other CAST AI components automatically without issue.

cat <<EOF | kubectl apply -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: castai-cluster-controller-admin
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: castai-cluster-controller
    namespace: castai-agent
EOF