feat: minor changes to Azure joinMC script (Azure#894)

hack/Azure/setup/README.md

@@ -30,9 +30,12 @@ export SUB=<AZURE-SUBSCRIPTION-ID>
 export RESOURCE_GROUP=<HUB_RESOURCE_GROUP>
 export LOCATION=<HUB_LOCATION>
 
-# Run the script. Be sure to replace the values of <HUB-CLUSTER-NAME> with those of your own.
+# Run the script. Be sure to replace the values of <IMAGE-TAG> <HUB-CLUSTER-NAME> with those of your own.
+# The latest fleet image tag could be found here https://github.com/Azure/fleet/releases.
+# Ex.: ./hack/setup/createHubCluster.sh v0.10.8 test-hub
+# Run the script.
 chmod +x hack/Azure/setup/createHubCluster.sh
-./hack/Azure/setup/createHubCluster.sh <HUB-CLUSTER-NAME>
+./hack/Azure/setup/createHubCluster.sh <IMAGE-TAG> <HUB-CLUSTER-NAME>
 ```
 
 It may take a few minutes for the script to finish running. Once it is completed, verify that the `hub-agent` has been installed:
@@ -90,12 +93,12 @@ A cluster can join in a hub cluster if:
 For your convenience, Fleet provides a script that can automate the process of joining a cluster
 onto a hub cluster. To use the script, run the commands below after creating needed AKS clusters:
 ```sh
-# Pass in the hub cluster name and a list of cluster context names (separated by a space) as arguments to the script that you would like to 
-# join the fleet as member clusters. Their context will be used to access the cluster.
-# Ex.: ./hack/setup/joinMC.sh test-hub member member2 member3 
+# Pass in the fleet image tag, hub cluster name and a list of cluster context names (separated by a space) as arguments to the script that you would like to 
+# join the fleet as member clusters. Their context will be used to access the cluster. The latest fleet image tag can be found here https://github.com/Azure/fleet/releases.
+# Ex.: ./hack/setup/joinMC.sh v0.10.8 test-hub member member2 member3 
 # Run the script.
 chmod +x hack/Azure/setup/joinMC.sh
-./hack/Azure/setup/joinMC.sh <HUB-CLUSTER-NAME> <MEMBER-CLUSTER-NAME-1> <MEMBER-CLUSTER-NAME-2> <MEMBER-CLUSTER-NAME-3> <MEMBER-CLUSTER-NAME-4>
+./hack/Azure/setup/joinMC.sh <IMAGE-TAG> <HUB-CLUSTER-NAME> <MEMBER-CLUSTER-NAME-1> <MEMBER-CLUSTER-NAME-2> <MEMBER-CLUSTER-NAME-3> <MEMBER-CLUSTER-NAME-4>
 ```
 
 It may take a few minutes for the script to finish running. Once it is completed, verify

hack/Azure/setup/createHubCluster.sh

@@ -1,6 +1,7 @@
 # This script creates a Hub CLuster from an AKS Cluster (AKS Cluster and Container Registry must be created beforehand).
 
-export HUB_CLUSTER=$1
+export IMAGE_TAG=$1
+export HUB_CLUSTER=$2
 
 az account set -s ${SUB}
 az group create --name $RESOURCE_GROUP --location $LOCATION
@@ -16,7 +17,6 @@ kubectl config use-context $HUB_CLUSTER_CONTEXT
 # Retrieve the hub agent image
 echo "Retrieving hub-agent image..."
 export REGISTRY="mcr.microsoft.com/aks/fleet"
-export TAG=$(curl "https://api.github.com/repos/Azure/fleet/tags" | jq -r '.[0].name')
 export OUTPUT_TYPE="${OUTPUT_TYPE:-type=docker}"
 
 
@@ -25,7 +25,7 @@ echo "Installing hub-agent..."
 helm install hub-agent charts/hub-agent/ \
   --set image.pullPolicy=Always \
   --set image.repository=$REGISTRY/hub-agent \
-  --set image.tag=$TAG \
+  --set image.tag=$IMAGE_TAG \
   --set logVerbosity=2 \
   --set namespace=fleet-system \
   --set enableWebhook=false \

hack/Azure/setup/joinMC.sh

@@ -1,27 +1,36 @@
-# CAN ONLY BE RUN AFTER CREATING NEEDED AKS CLUSTERS AND HUB CLUSTER. This script creates member clusters from
-# AKS Cluster's and joins them onto the hub cluster.
+# CAN ONLY BE RUN AFTER CREATING NEEDED AKS CLUSTERS AND HUB CLUSTER. This script creates member clusters for
+# AKS Clusters and joins them onto the hub cluster.
 
-export HUB_CLUSTER="$1"
+export IMAGE_TAG="$1"
+
+export HUB_CLUSTER="$2"
 export HUB_CLUSTER_CONTEXT=$(kubectl config view -o jsonpath="{.contexts[?(@.context.cluster==\"$HUB_CLUSTER\")].name}")
 export HUB_CLUSTER_ADDRESS=$(kubectl config view -o jsonpath="{.clusters[?(@.name==\"$HUB_CLUSTER\")].cluster.server}")
 
-for MC in "${@:2}"; do
+echo "Switching into hub cluster context..."
+kubectl config use-context $HUB_CLUSTER_CONTEXT
+
+echo "Delete existing namespace to host resources required to connect to fleet"
+kubectl delete namespace connect-to-fleet --ignore-not-found=true
+
+echo "Create namespace to host resources required to connect to fleet"
+kubectl create namespace connect-to-fleet
+
+for MC in "${@:3}"; do
 
 # Note that Fleet will recognize your cluster with this name once it joins.
 export MEMBER_CLUSTER=$(kubectl config view -o jsonpath="{.contexts[?(@.context.cluster==\"$MC\")].name}")
 export MEMBER_CLUSTER_CONTEXT=$(kubectl config view -o jsonpath="{.contexts[?(@.context.cluster==\"$MC\")].name}")
 
 export SERVICE_ACCOUNT="$MEMBER_CLUSTER-hub-cluster-access"
 
-#echo "Switching into hub cluster context..."
-kubectl config use-context $HUB_CLUSTER_CONTEXT
 # The service account can, in theory, be created in any namespace; for simplicity reasons,
-# here you will use the namespace reserved by Fleet installation, `fleet-system`.
+# we create our own namespace `connect-to-fleet` to host the service account and the secret.
 #
 # Note that if you choose a different value, commands in some steps below need to be
 # modified accordingly.
 echo "Creating member service account..."
-kubectl create serviceaccount $SERVICE_ACCOUNT -n fleet-system
+kubectl create serviceaccount $SERVICE_ACCOUNT -n connect-to-fleet
 
 echo "Creating member service account secret..."
 export SERVICE_ACCOUNT_SECRET="$MEMBER_CLUSTER-hub-cluster-access-token"
@@ -30,14 +39,14 @@ apiVersion: v1
 kind: Secret
 metadata:
     name: $SERVICE_ACCOUNT_SECRET
-    namespace: fleet-system
+    namespace: connect-to-fleet
     annotations:
         kubernetes.io/service-account.name: $SERVICE_ACCOUNT
 type: kubernetes.io/service-account-token
 EOF
 
 echo "Creating member cluster CR..."
-export TOKEN="$(kubectl get secret $SERVICE_ACCOUNT_SECRET -n fleet-system -o jsonpath='{.data.token}' | base64 --decode)"
+export TOKEN="$(kubectl get secret $SERVICE_ACCOUNT_SECRET -n connect-to-fleet -o jsonpath='{.data.token}' | base64 --decode)"
 cat <<EOF | kubectl apply -f -
 apiVersion: cluster.kubernetes-fleet.io/v1beta1
 kind: MemberCluster
@@ -47,7 +56,7 @@ spec:
     identity:
         name: $MEMBER_CLUSTER-hub-cluster-access
         kind: ServiceAccount
-        namespace: fleet-system
+        namespace: connect-to-fleet
         apiGroup: ""
     heartbeatPeriodSeconds: 15
 EOF
@@ -61,7 +70,6 @@ EOF
 # more information.
 echo "Retrieving image..."
 export REGISTRY="mcr.microsoft.com/aks/fleet"
-export FLEET_VERSION="${FLEET_VERSION:-$(curl "https://api.github.com/repos/Azure/fleet/tags" | jq -r '.[0].name')}"
 export MEMBER_AGENT_IMAGE="member-agent"
 export REFRESH_TOKEN_IMAGE="${REFRESH_TOKEN_NAME:-refresh-token}"
 export OUTPUT_TYPE="${OUTPUT_TYPE:-type=docker}"
@@ -71,7 +79,7 @@ kubectl config use-context $MEMBER_CLUSTER_CONTEXT
 
 # Create the secret with the token extracted previously for member agent to use.
 echo "Creating secret..."
-kubectl delete secret hub-kubeconfig-secret
+kubectl delete secret hub-kubeconfig-secret --ignore-not-found=true
 kubectl create secret generic hub-kubeconfig-secret --from-literal=token=$TOKEN
 
 echo "Uninstalling member-agent..."
@@ -81,9 +89,9 @@ echo "Installing member-agent..."
 helm install member-agent charts/member-agent/ \
         --set config.hubURL=$HUB_CLUSTER_ADDRESS  \
         --set image.repository=$REGISTRY/$MEMBER_AGENT_IMAGE \
-        --set image.tag=$FLEET_VERSION \
+        --set image.tag=$IMAGE_TAG \
         --set refreshtoken.repository=$REGISTRY/$REFRESH_TOKEN_IMAGE \
-        --set refreshtoken.tag=$FLEET_VERSION \
+        --set refreshtoken.tag=$IMAGE_TAG \
         --set image.pullPolicy=Always \
         --set refreshtoken.pullPolicy=Always \
         --set config.memberClusterName=$MEMBER_CLUSTER \
@@ -95,4 +103,4 @@ helm install member-agent charts/member-agent/ \
 kubectl get pods -A
 kubectl config use-context $HUB_CLUSTER_CONTEXT
 kubectl get membercluster $MEMBER_CLUSTER
-done
+done