servala-portal/docs/modules/ROOT/pages/web-portal-controlplanes.adoc

= Web Portal Control-Planes

Each control-plane represents a zone at a cloud provider. It's a dedicated Kubernetes API endpoint running the Servala control-plane.

To register a control-plane, a service account with appropriate permissions is required on the Kubernetes API server.

Example:

[source,bash]
----
# Create service account
kubectl -n kube-system create sa servala-portal

# Create long-lived token for service account
kubectl -n kube-system apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: servala-portal-token
  annotations:
    kubernetes.io/service-account.name: servala-portal
type: kubernetes.io/service-account-token
EOF

# Grant access
kubectl create clusterrolebinding servala-portal-admin --clusterrole=cluster-admin --serviceaccount=kube-system:servala-portal

# Retrieve token
kubectl ksd -n kube-system get secret servala-portal-token -o yaml
----
document models and admin 2025-04-15 10:36:08 +02:00			`= Web Portal Control-Planes`

			`Each control-plane represents a zone at a cloud provider. It's a dedicated Kubernetes API endpoint running the Servala control-plane.`

			`To register a control-plane, a service account with appropriate permissions is required on the Kubernetes API server.`

			`Example:`

			`[source,bash]`
			`----`
			`# Create service account`
			`kubectl -n kube-system create sa servala-portal`

			`# Create long-lived token for service account`
			`kubectl -n kube-system apply -f - <<EOF`
			`apiVersion: v1`
			`kind: Secret`
			`metadata:`
			`name: servala-portal-token`
			`annotations:`
			`kubernetes.io/service-account.name: servala-portal`
			`type: kubernetes.io/service-account-token`
			`EOF`

			`# Grant access`
			`kubectl create clusterrolebinding servala-portal-admin --clusterrole=cluster-admin --serviceaccount=kube-system:servala-portal`

			`# Retrieve token`
			`kubectl ksd -n kube-system get secret servala-portal-token -o yaml`
			`----`