Resources
OpenShift Day 4 Guide
Multi-cluster, Service Mesh, GitOps at Scale, DR, Cost Management, and Compliance.
Multi-Cluster Management
At Day 4 maturity, you manage a fleet of clusters — dev, staging, prod, regional, edge. Red Hat Advanced Cluster Management (RHACM) and Argo CD ApplicationSets are the two primary tools for managing workloads at scale across clusters.
Red Hat Advanced Cluster Management (RHACM)
RHACM provides a single control plane for fleet visibility, policy enforcement, and application delivery across managed clusters. Managed clusters register as ManagedCluster objects on the hub.
# ManagedClusterSet — logical grouping of clusters (e.g. by region or environment)
apiVersion: cluster.open-cluster-management.io/v1beta2
kind: ManagedClusterSet
metadata:
name: production-clusters
---
# Placement — selects clusters to target by labels
apiVersion: cluster.open-cluster-management.io/v1beta1
kind: Placement
metadata:
name: production-placement
namespace: rhacm-policies
spec:
clusterSets:
- production-clusters
predicates:
- requiredClusterSelector:
labelSelector:
matchExpressions:
- key: region
operator: In
values: ["us-east", "us-west"]
numberOfClusters: 3 # Select 3 clusters from the matching setArgo CD ApplicationSet — Fleet Delivery
ApplicationSet generates Argo CD Applications programmatically — one per cluster, environment, or tenant. The cluster generator creates one Application per registered cluster.
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: api-server-fleet
namespace: openshift-gitops
spec:
generators:
- clusters:
selector:
matchLabels:
env: production # Target all prod clusters
- list: # Or target explicit clusters
elements:
- cluster: us-east-prod
url: https://us-east.example.com
namespace: mission-ops
- cluster: us-west-prod
url: https://us-west.example.com
namespace: mission-ops
template:
metadata:
name: 'api-server-{{name}}'
spec:
project: production
source:
repoURL: https://github.com/example-org/k8s-manifests.git
targetRevision: main
path: 'apps/api-server/overlays/{{metadata.labels.env}}'
destination:
server: '{{server}}'
namespace: '{{namespace}}'
syncPolicy:
automated:
prune: true
selfHeal: trueCluster Labels Strategy
| Label | Values | Purpose |
|---|---|---|
| env | dev, staging, production | Environment tier — drives overlay selection |
| region | us-east, us-west, eu-west | Geographic region for placement and failover |
| provider | gcp, aws, azure, on-prem | Drives cloud-specific StorageClass and LB config |
| criticality | standard, high, mission-critical | Policy enforcement severity level |
| customer | internal, acme-corp, us-agency | Tenant isolation for multi-tenant fleets |
Hub vs Spoke Architecture
The RHACM hub cluster should run no production workloads — it is infrastructure-only. Size the hub for the number of managed clusters (each managed cluster uses ~100m CPU and ~300Mi memory on the hub). Plan for hub HA with 3 control-plane nodes minimum.
This guide reflects OpenShift 4.x / Kubernetes 1.28+. YAML examples are illustrative — adjust namespaces, images, and resource values for your environment.