A reusable GitOps framework for multi-cluster management. Clone this repository to instantly deploy a complete OpenShift hub cluster that can provision and manage regional clusters at scale.
# 1. Clone and bootstrap
git clone https://github.com/openshift-online/bootstrap.git
cd bootstrap
oc login https://api.your-hub-cluster.example.com:6443
oc apply -k clusters/global/
# 2. Add your first cluster
./bin/cluster-create
# 3. Done - GitOps handles the restThis repository provides a complete reusable infrastructure:
- Self-Managing Hub - ArgoCD, ACM, Vault, Pipelines all configured automatically
- GitOps-Native - ArgoCD manages all cluster resources automatically
- Automatic Provisioning - OpenShift (via Hive) and EKS (via CAPI) cluster creation
- Zero-Config GitOps - ApplicationSets with proper dependency ordering
- Semantic Organization - Intuitive directory structure for easy navigation
Key benefit: From zero to production-ready multi-cluster environment in minutes, not days.
Hub-Spoke Model: One OpenShift hub cluster manages multiple regional clusters (OpenShift or EKS) using GitOps automation.
- Hub Cluster: Runs ArgoCD, ACM, and all cluster management operators
- Managed Clusters: Regional OpenShift (OCP) or EKS clusters provisioned and managed automatically
- Automated Provisioning: Single command creates complete cluster overlays with proper GitOps integration
The repository uses semantic directory organization designed for intuitive navigation. Each directory level follows consistent patterns that clearly indicate purpose and scope.
Top-level directories:
clusters/- All cluster resources (hub and managed)bases/- Reusable template componentsbin/- Management scripts
Consolidated structure:
clusters/
├── global/ # Hub cluster resources
│ ├── operators/ # ACM, GitOps, Pipelines, Vault
│ ├── pipelines/ # Hub provisioner pipelines
│ └── gitops/ # ArgoCD ApplicationSets
└── {cluster-name}/ # Managed cluster (e.g., ocp-02, eks-01)
├── {cluster-name}.yaml # Cluster specification
├── cluster/ # Provisioning resources (Hive/CAPI)
├── operators/ # Cluster operators
├── pipelines/ # Cluster pipelines
├── deployments/ # Cluster deployments
└── gitops/ # Cluster GitOps apps
bases/
├── clusters/ # Cluster provisioning templates
├── operators/ # Operator base configurations
└── pipelines/ # Reusable Tekton pipelines# View all clusters
ls clusters/ # → global, ocp-02, ocp-03, eks-01
# View hub cluster resources
ls clusters/global/ # → operators, pipelines, gitops
ls clusters/global/operators/ # → advanced-cluster-management, gitops-integration, openshift-gitops, openshift-pipelines, vault
# View managed cluster resources
ls clusters/ocp-02/ # → ocp-02.yaml, cluster, operators, pipelines, deployments, gitops
# View reusable bases
ls bases/ # → clusters, operators, pipelinesPhase 1: Bootstrap from GitHub
git clone https://github.com/openshift-online/bootstrap.git
oc apply -k clusters/global/Phase 2: Self-Managing Cluster After bootstrap, your cluster becomes self-managing:
- ArgoCD continuously reconciles all cluster resources
- New clusters are automatically managed via ApplicationSets
- GitOps ensures declarative infrastructure as code
./bin/cluster-create # Interactive cluster specification
# GitOps automatically handles the restThe system automatically:
- ✅ Creates cluster provisioning resources (OpenShift/EKS)
- ✅ Generates pipeline deployments
- ✅ Configures operator installations
- ✅ Sets up service deployments
- ✅ Orders deployment with sync waves
- ✅ Integrates with ACM management
- REUSE.md - How to clone and reuse this repository
- BOOTSTRAP.md - Step-by-step bootstrap walkthrough
- docs/getting-started/QUICKSTART.md - 5-minute overview
- docs/architecture/ARCHITECTURE.md - Visual architecture diagrams
- OpenShift GitOps (ArgoCD): Manages all cluster deployments via ApplicationSets
- Red Hat Advanced Cluster Management (ACM): Multi-cluster lifecycle and governance
- Cluster API (CAPI): EKS cluster provisioning with AWS infrastructure provider
- Hive: OpenShift cluster provisioning operator
- OpenShift Pipelines (Tekton): CI/CD automation across all clusters
ApplicationSets deploy resources in ordered waves to ensure proper dependencies:
- Wave 1: Cluster provisioning (Hive ClusterDeployment or CAPI resources)
- Wave 2: Operator installation (OpenShift Pipelines operator)
- Wave 3: Pipeline deployment (Tekton Pipeline and PipelineRun resources)
- Wave 4: Service deployment (OCM database services and applications)
- Automated cluster registration: ACM automatically registers managed clusters with ArgoCD
- ApplicationSet pattern: Single ApplicationSet generates all required applications per cluster
- Resource exclusions: ArgoCD excludes transient resources like TaskRuns but allows Pipeline/PipelineRun
- Multi-platform support: Seamlessly manages both OpenShift and EKS clusters
sequenceDiagram
participant Admin
participant Generator as bin/cluster-generate
participant Git as Git Repository
participant Hub as Hub Cluster
participant ArgoCD
participant ACM
participant Target as Managed Cluster
Admin->>Generator: ./bin/cluster-create
Generator->>Git: Create overlays + ApplicationSet
Admin->>Hub: ./bin/bootstrap.sh
Hub->>ArgoCD: Deploy ApplicationSet
ArgoCD->>Git: Sync Wave 1 (cluster)
Git->>ArgoCD: Cluster resources
ArgoCD->>ACM: Deploy cluster (Hive/CAPI)
ACM->>Target: Provision cluster
Target->>ACM: Cluster ready
ACM->>ArgoCD: Register cluster
ArgoCD->>Git: Sync Wave 2-4 (operators→pipelines→services)
Git->>ArgoCD: Application resources
ArgoCD->>Target: Deploy applications
Target->>Admin: Multi-cluster environment ready
- Validation: All overlays include
kustomize buildvalidation and dry-run checks - Monitoring: Built-in status monitoring scripts for cluster provisioning
- Rollback: Clean rollback procedures for failed deployments
- Extensibility: Base template system allows easy addition of new services and pipelines
For detailed installation and troubleshooting guidance, see docs/getting-started/production-installation.md