Remove ClusterClaim and update ClusterSet version

1. Remove ClusterClaim CRD from manifests.
2. Update ClusterSet version from v1alpha1 to v1alpha2, and add a new field ClusterID
in ClusterSet CRD to define a cluster's ID, the new ClusterSet CR's name must match ClusterSetID.
3. Update Multi-cluster docs.

Signed-off-by: Lan Luo <[email protected]>

docs/multicluster/antctl.md

@@ -83,8 +83,8 @@ To see the usage examples of these commands, you may also run `antctl mc deploy
 ## antctl mc init
 
 `antctl mc init` command initializes an Antrea Multi-cluster ClusterSet in a leader cluster. It will create a
-ClusterSet and two ClusterClaims for the leader cluster. If the `-j|--join-config-file` option is specified, the
-ClusterSet join parameters will be saved to the specified file, which can be used in the `antctl mc join` command
+ClusterSet for the leader cluster. If the `-j|--join-config-file` option is specified, the ClusterSet join
+parameters will be saved to the specified file, which can be used in the `antctl mc join` command
 for a member cluster to join the ClusterSet.
 
 ```bash
@@ -96,8 +96,8 @@ To see the usage examples of this command, you may also run `antctl mc init --he
 ## antctl mc join
 
 `antctl mc join` command lets a member cluster join an existing Antrea Multi-cluster ClusterSet. It will create a
-ClusterSet and ClusterClaims for the member cluster. Users can use command line options or a config file (which can
-be the output file of the `anctl mc init` command) to specify the ClusterSet join arguments.
+ClusterSet for the member cluster. Users can use command line options or a config file (which can be the output
+file of the `anctl mc init` command) to specify the ClusterSet join arguments.
 
 When the config file is provided, the command line options may be overridden by the file. A token is needed for a
 member cluster to access the leader cluster API server. Users can either specify a pre-created token Secret with the
@@ -133,7 +133,7 @@ tokenSecretName: cluster-east-token
 
 ## antctl mc leave
 
-`antctl mc leave` command lets a member cluster leave a ClusterSet. It will delete the ClusterSet and ClusterClaims
+`antctl mc leave` command lets a member cluster leave a ClusterSet. It will delete the ClusterSet
 and other resources created by antctl for the member cluster.
 
 ```bash
@@ -143,7 +143,7 @@ antctl mc leave --clusterset CLUSTERSET_ID --namespace [NAMESPACE]
 ## antctl mc destroy
 
 `antctl mc destroy` command can destroy an Antrea Multi-cluster ClusterSet in a leader cluster. It will delete the
-ClusterSet and ClusterClaims and other resources created by antctl for the leader cluster.
+ClusterSet and other resources created by antctl for the leader cluster.
 
 ```bash
 antctl mc destroy --clusterset=CLUSTERSET_ID --namespace NAMESPACE

docs/multicluster/api.md

@@ -13,8 +13,7 @@ which is defined by Kubernetes upstream [KEP-1645](https://github.com/kubernetes
 
 | CRD                      | CRD version | Introduced in | Deprecated in / Planned Deprecation | Planned Removal |
 | ------------------------ | ----------- | ------------- | ----------------------------------- | --------------- |
-| `ClusterClaims`          | v1alpha2    | v1.8.0        | N/A                                 | N/A             |
-| `ClusterSets`            | v1alpha1    | v1.5.0        | N/A                                 | N/A             |
+| `ClusterSets`            | v1alpha2    | v1.13.0       | N/A                                 | N/A             |
 | `MemberClusterAnnounces` | v1alpha1    | v1.5.0        | N/A                                 | N/A             |
 | `ResourceExports`        | v1alpha1    | v1.5.0        | N/A                                 | N/A             |
 | `ResourceImports`        | v1alpha1    | v1.5.0        | N/A                                 | N/A             |
@@ -33,3 +32,5 @@ which is defined by Kubernetes upstream [KEP-1645](https://github.com/kubernetes
 | CRD                      | API group                    | CRD version | Introduced in | Deprecated in | Removed in |
 | ------------------------ | ---------------------------- | ----------- | ------------- | ------------- | ---------- |
 | `ClusterClaims`          | `multicluster.crd.antrea.io` | v1alpha1    | v1.5.0        | v1.8.0        | v1.8.0     |
+| `ClusterClaims`          | `multicluster.crd.antrea.io` | v1alpha2    | v1.8.0        | v1.13.0       | v1.13.0         |
+| `ClusterSets`            | `multicluster.crd.antrea.io` | v1alpha1    | v1.5.0         | v1.13.0       | N/A        |

docs/multicluster/architecture.md

@@ -25,9 +25,6 @@ Namespace sameness applies, which means all Namespaces with a given name are con
 be the same Namespace. The ClusterSet Custom Resource Definition(CRD) defines a ClusterSet
 including the leader and member clusters information.
 
-The ClusterClaim CRD is used to claim a ClusterSet with a unique ClusterSet ID, and to
-claim the cluster itself as a member of a ClusterSet with a unique cluster ID.
-
 The MemberClusterAnnounce CRD declares a member cluster configuration to the leader cluster.
 
 The Common Area is an abstraction in the Antrea Multi-cluster implementation provides a storage
@@ -44,14 +41,13 @@ it takes different responsibilities in leader and member clusters.
 
 ### ClusterSet Establishment
 
-In a member cluster, Multi-cluster Controller watches and validates the ClusterSet
-and ClusterClaim CRs, and creates a MemberClusterAnnounce CR in the Common Area of
-the leader cluster to join the ClusterSet.
+In a member cluster, Multi-cluster Controller watches and validates the ClusterSet,
+and creates a MemberClusterAnnounce CR in the Common Area of the leader cluster to
+join the ClusterSet.
 
-In the leader cluster, Multi-cluster controller watches and validates the
-ClusterSet and Clusterclaim CRs, and initializes the ClusterSet. It also validates
-the MemberClusterAnnounce CR created by a member cluster and adds the cluster to
-the ClusterSet CR's member cluster list.
+In the leader cluster, Multi-cluster controller watches, validates and initializes
+the ClusterSet. It also validates the MemberClusterAnnounce CR created by a member
+cluster and updates the member cluster's connection status to `ClusterSet.Status`.
 
 ### Resource Export and Import
 

docs/multicluster/upgrade.md

@@ -11,11 +11,11 @@ The goal is to support 'graceful' upgrade. Multi-cluster upgrade will not have d
 to data-plane of member clusters, but there can be downtime of processing new configurations
 when individual components restart:
 
-- During Leader Controller restart, new member cluster, ClusterSet, ClusterClaim or
-  ResourceExport will not be processed. This is because the Controller also runs the validation
-  webhooks for MemberClusterAnnounce, ClusterSet, ClusterClaim and ResourceExport.
-- During Member Controller restart, new ClusterSet or ClusterClaim will not be processed.
-  This is because the Controller runs the validation webhooks for ClusterSet and ClusterClaim.
+- During Leader Controller restart, a new member cluster, ClusterSet or ResourceExport will
+  not be processed. This is because the Controller also runs the validation webhooks for
+  MemberClusterAnnounce, ClusterSet and ResourceExport.
+- During Member Controller restart, a new ClusterSet will not be processed, this is because
+  the Controller runs the validation webhooks for ClusterSet.
 
 Our goal is to support version skew for different Antrea Multi-cluster components, but the
 Multi-cluster feature is still in Alpha version, and the API is not stable yet. Our recommendation

docs/multicluster/user-guide.md

@@ -163,14 +163,22 @@ An Antrea Multi-cluster ClusterSet should include at least one leader cluster
 and two member clusters. As an example, in the following sections we will create
 a ClusterSet `test-clusterset` which has two member clusters with cluster ID
 `test-cluster-east` and `test-cluster-west` respectively, and one leader cluster
-with ID `test-cluster-north`.
+with ID `test-cluster-north`. Please note that the name of a ClusterSet CR must
+match the ClusterSet ID. In all the member and leader clusters of a ClusterSet,
+the ClusterSet CR must use the ClusterSet ID as the name, e.g. `test-clusterset`
+in the example of this guide.
 
 #### Set up Access to Leader Cluster
 
 We first need to set up access to the leader cluster's API server for all member
 clusters. We recommend creating one ServiceAccount for each member for
 fine-grained access control.
 
+The Multi-cluster Controller deployment manifest for a leader cluster also creates
+a default member cluster token. If you prefer to use the default token, you can skip
+step 1 and replace the Secret name `member-east-token` to the default token Secret
+`antrea-mc-member-access-token` in step 2.
+
 1. Apply the following YAML manifest in the leader cluster to set up access for
    `test-cluster-east`:
 
@@ -220,64 +228,35 @@ fine-grained access control.
 
 #### Initialize ClusterSet
 
-In all clusters, a `ClusterSet` CR must be created to define the ClusterSet, and
-two `ClusterClaim` CRs must be created to claim the ClusterSet and claim the
+In all clusters, a `ClusterSet` CR must be created to define the ClusterSet and claim the
 cluster is a member of the ClusterSet.
 
-- Create `ClusterClaim` and `ClusterSet` in the leader cluster
-`test-cluster-north` with the following YAML manifest (you can also refer to
-[leader-clusterset-template.yml](../../multicluster/config/samples/clusterset_init/leader-clusterset-template.yml)):
+- Create `ClusterSet` in the leader cluster `test-cluster-north` with the following YAML
+  manifest (you can also refer to [leader-clusterset-template.yml](../../multicluster/config/samples/clusterset_init/leader-clusterset-template.yml)):
 
 ```yaml
 apiVersion: multicluster.crd.antrea.io/v1alpha2
-kind: ClusterClaim
-metadata:
-  name: id.k8s.io
-  namespace: antrea-multicluster
-value: test-cluster-north
----
-apiVersion: multicluster.crd.antrea.io/v1alpha2
-kind: ClusterClaim
-metadata:
-  name: clusterset.k8s.io
-  namespace: antrea-multicluster
-value: test-clusterset
----
-apiVersion: multicluster.crd.antrea.io/v1alpha1
 kind: ClusterSet
 metadata:
   name: test-clusterset
   namespace: antrea-multicluster
 spec:
+  clusterID: test-cluster-north
   leaders:
     - clusterID: test-cluster-north
 ```
 
-- Create `ClusterClaim` and `ClusterSet` in member cluster `test-cluster-east`
-with the following YAML manifest (you can also refer to
-[member-clusterset-template.yml](../../multicluster/config/samples/clusterset_init/member-clusterset-template.yml)):
+- Create `ClusterSet` in member cluster `test-cluster-east` with the following
+YAML manifest (you can also refer to [member-clusterset-template.yml](../../multicluster/config/samples/clusterset_init/member-clusterset-template.yml)):
 
 ```yaml
 apiVersion: multicluster.crd.antrea.io/v1alpha2
-kind: ClusterClaim
-metadata:
-  name: id.k8s.io
-  namespace: kube-system
-value: test-cluster-east
----
-apiVersion: multicluster.crd.antrea.io/v1alpha2
-kind: ClusterClaim
-metadata:
-  name: clusterset.k8s.io
-  namespace: kube-system
-value: test-clusterset
----
-apiVersion: multicluster.crd.antrea.io/v1alpha1
 kind: ClusterSet
 metadata:
   name: test-clusterset
   namespace: kube-system
 spec:
+  clusterID: test-cluster-east
   leaders:
     - clusterID: test-cluster-north
       secret: "member-east-token"
@@ -288,29 +267,16 @@ spec:
 Note: update `server: "https://172.18.0.1:6443"` in the `ClusterSet` spec to the
 correct leader cluster API server address.
 
-- Create `ClusterClaim` and `ClusterSet` in member cluster `test-cluster-west`:
+- Create `ClusterSet` in member cluster `test-cluster-west`:
 
 ```yaml
 apiVersion: multicluster.crd.antrea.io/v1alpha2
-kind: ClusterClaim
-metadata:
-  name: id.k8s.io
-  namespace: kube-system
-value: test-cluster-west
----
-apiVersion: multicluster.crd.antrea.io/v1alpha2
-kind: ClusterClaim
-metadata:
-  name: clusterset.k8s.io
-  namespace: kube-system
-value: test-clusterset
----
-apiVersion: multicluster.crd.antrea.io/v1alpha1
 kind: ClusterSet
 metadata:
   name: test-clusterset
   namespace: kube-system
 spec:
+  clusterID: test-cluster-west
   leaders:
     - clusterID: test-cluster-north
       secret: "member-west-token"
@@ -326,31 +292,17 @@ Member in One Cluster](#deploy-leader-and-member-in-one-cluster) and repeat the
 steps in [Set up Access to Leader Cluster](#set-up-access-to-leader-cluster) as
 well (don't forget replace all `east` to `north` when you repeat the steps).
 
-Then create the `ClusterClaim` and `ClusterSet` CRs in cluster
-`test-cluster-north` in the `kube-system` Namespace (where the member
-Multi-cluster Controller runs):
+Then create the `ClusterSet` CR in cluster `test-cluster-north` in the
+`kube-system` Namespace (where the member Multi-cluster Controller runs):
 
 ```yaml
 apiVersion: multicluster.crd.antrea.io/v1alpha2
-kind: ClusterClaim
-metadata:
-  name: id.k8s.io
-  namespace: kube-system
-value: test-cluster-north
----
-apiVersion: multicluster.crd.antrea.io/v1alpha2
-kind: ClusterClaim
-metadata:
-  name: clusterset.k8s.io
-  namespace: kube-system
-value: test-clusterset
----
-apiVersion: multicluster.crd.antrea.io/v1alpha1
 kind: ClusterSet
 metadata:
   name: test-clusterset
   namespace: kube-system
 spec:
+  clusterID: test-cluster-north
   leaders:
     - clusterID: test-cluster-north
       secret: "member-north-token"

multicluster/PROJECT

@@ -25,8 +25,8 @@ resources:
   domain: crd.antrea.io
   group: multicluster
   kind: ClusterSet
-  path: antrea.io/antrea/multicluster/apis/multicluster/v1alpha1
-  version: v1alpha1
+  path: antrea.io/antrea/multicluster/apis/multicluster/v1alpha2
+  version: v1alpha2
   webhooks:
     defaulting: true
     validation: true
@@ -83,13 +83,4 @@ resources:
   kind: Gateway
   path: antrea.io/antrea/multicluster/apis/multicluster/v1alpha1
   version: v1alpha1
-- api:
-    crdVersion: v1
-    namespaced: true
-  controller: true
-  domain: crd.antrea.io
-  group: multicluster
-  kind: ClusterClaim
-  path: antrea.io/antrea/multicluster/apis/multicluster/v1alpha2
-  version: v1alpha2
 version: "3"