Skip to content

[EPIC] Day 2 Ops for Imported RKE2/K3S Clusters #16453

Open
0 of 3 issues completed
#18064
Open
[EPIC] Day 2 Ops for Imported RKE2/K3S Clusters#16453
0 of 3 issues completed
#18064
Assignees
mantis-toboggan-mdeva-vashkevich
Labels
QA/dev-automationIssues that engineers have written automation around so QA doesn't have look at thisRFDarea/clusterprovisioningv2area/dashboardheadlineHeadline item being tracked at top-levelkind/enhancementpriority/0
Milestone
v2.15.0
@richard-cox

Description

@richard-cox
richard-cox
opened on Jan 23, 2026

RFD: https://github.com/SUSE/rancher-architecture/pull/38
rancher/rancher#54228
Support day 2 operations for imported rke2/k3s and CAPI clusters

  • etcd snapshot create + restore
  • certificate rotation
  • encryption key rotation

Currently

these are managed via updating the v2prov provisioning.cattle.io cluster.

  • rkeConfig.etcdSnapshotRestore|etcdSnapshotcreate|rotateEncryptionKets|rotateCertifcates props

the same provisioning cluster object also contains configuration

  • automatic snapshots
  • snapshot location
  • metrics

Changes

These apply to all supported types

  • v2prov clusters
    • old method will continue to be supported, but be deprecated
    • migrate from old method to new method needs to happen, but doesn't have to be in same milestone
  • imported rke2/k3s clusters
  • CAPI clusters (not v2prov capi clusters, these should be covered by first point)

Changes

  • create/edit clusters
    • all types
      • operation config
      • stored in prov cluster for v2prov, otherwise mgmt cluster
      • object is the same regardless of which cluster type config is stored inmap?
    • mgmt cluster type
      • option to enable day 2 operations. default value is imported-cluster-day-2-operations-default setting
  • operations
    • types
      • etcd snapshot create + restore
        • for imported and capi clusters add snapshots tab to detail page
          • list v1/rke.cattle.io.etcdsnapshots (with same columns as v2prov)
            • create snapshot via new operation
              • visible if user can create the operation CR
            • delete snapshot as before
              • visible if user can delete the etcd snapshot resource
            • restore snapshot via new operation
              • visible if user can create the operation CR
        • cluster actions
          • take snapshot via new operation
            • visible if user can create the operation CR
          • restore snapshot - model updated with new operation
            • visible if user can create the operation CR
        • snapshot configuration
          • TBD automatic snapshots, snapshot location, metrics
      • certificate rotation
        • cluster actions
          • rotate - model updated with new operation
          • visible if user can create the operation CR
      • encryption key rotation
        • cluster actions
          • rotate - model updated with new operation
          • visible if user can create the operation CR
    • TBD Users can list the different operations
      • users can pause or cancel (delete) operation

Metadata

Metadata

Assignees

Labels

QA/dev-automationIssues that engineers have written automation around so QA doesn't have look at thisRFDarea/clusterprovisioningv2area/dashboardheadlineHeadline item being tracked at top-levelkind/enhancementpriority/0

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions