
Multi-Cluster Kubernetes Management with Open Cluster Management

Luca Berton • 1 min read
#kubernetes #multi-cluster #ocm #fleet-management #cloud-native

## 🌐 Managing the Cluster Sprawl

Most enterprises don't have one Kubernetes cluster; they have dozens. Different environments, regions, cloud providers, edge locations. Open Cluster Management (OCM) provides the control plane for managing them all.

Why Multi-Cluster?

  • Blast radius reduction: A bad deploy affects one cluster, not everything
  • Compliance: Data residency requirements demand regional clusters
  • Hybrid cloud: Some workloads on-prem, others in cloud
  • High availability: Active-active across regions
  • Team isolation: Separate clusters for different business units

OCM Architecture

Hub Cluster (Management)
  ├── Managed Cluster: prod-us-east
  ├── Managed Cluster: prod-eu-west
  ├── Managed Cluster: staging
  ├── Managed Cluster: edge-factory-1
  └── Managed Cluster: on-prem-dc

Setup

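# Install OCM hub (run against the hub cluster)
clusteradm init --wait

# On the hub: print the bootstrap token and the matching join command.
# The token is a credential; handle it like any other secret.
clusteradm get token

# On the managed cluster: join using the token printed above
clusteradm join \
  --hub-token <token> \
  --hub-apiserver https://hub-api:6443 \
  --cluster-name prod-us-east

# Back on the hub: accept the cluster's join request
clusteradm accept --clusters prod-us-east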

Fleet-Wide Policy Enforcement

Apply policies across all clusters:

apiVersion: policy.open-cluster-management.io/v1
kind: Policy
metadata:
  name: require-network-policies
  namespace: open-cluster-management
spec:
  remediationAction: enforce
  disabled: false
  policy-templates:
  - objectDefinition:
      apiVersion: policy.open-cluster-management.io/v1
      kind: ConfigurationPolicy
      metadata:
        name: deny-all-default
      spec:
        remediationAction: enforce
        object-templates:
        - complianceType: musthave
          objectDefinition:
            apiVersion: networking.k8s.io/v1
            kind: NetworkPolicy
            metadata:
              name: deny-all
              namespace: default
            spec:
              podSelector: {}
              policyTypes:
              - Ingress
              - Egress
---
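apiVersion: policy.open-cluster-management.io/v1
kind: PlacementBinding
metadata:
  name: require-network-policies-binding
  # Must be the namespace of the Policy and of the Placement it references
  namespace: open-cluster-management
# placementRef and subjects are top-level fields; PlacementBinding has no spec
placementRef:
  name: all-production-clusters
  apiGroup: cluster.open-cluster-management.io
  kind: Placement
subjects:
- name: require-network-policies
  apiGroup: policy.open-cluster-management.io
  kind: Policy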

Workload Distribution

Deploy workloads across clusters based on placement rules:

apiVersion: cluster.open-cluster-management.io/v1beta1
kind: Placement
metadata:
  name: production-clusters
spec:
  predicates:
  - requiredClusterSelector:
      labelSelector:
        matchLabels:
          environment: production
      claimSelector:
        matchExpressions:
        - key: platform.open-cluster-management.io
          operator: In
          values: ["AWS", "Azure"]
  numberOfClusters: 3
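
A PlacementBinding resolves `placementRef` and `subjects` by name inside its own namespace, so a binding that names a Placement which does not exist there leaves the policy propagated to no cluster. The sketch below is an added example (not from the original post or the OCM project) that lints for this offline; the manifests are constructed samples reusing this page's object names, and the shared `open-cluster-management` namespace and the helpers `obj`, `sample` and `lint_bindings` are assumptions.

```python
# Added example (not OCM project code): offline lint for dangling
# PlacementBinding references. All manifests below are constructed samples
# that reuse the object names shown on this page.
NS = "open-cluster-management"  # assumed namespace for all three objects

def obj(api, kind, name, **body):
    """Build a minimal manifest dict in the assumed namespace."""
    return {"apiVersion": api, "kind": kind,
            "metadata": {"name": name, "namespace": NS}, **body}

def lint_bindings(objects):
    """Return one finding per PlacementBinding reference that does not
    resolve to an object of that group/kind/name in the binding's namespace."""
    index = {(o["apiVersion"].split("/")[0], o["kind"],
              o["metadata"]["namespace"], o["metadata"]["name"])
             for o in objects}
    findings = []
    for o in objects:
        if o["kind"] != "PlacementBinding":
            continue
        ns, name = o["metadata"]["namespace"], o["metadata"]["name"]
        if "placementRef" not in o or "subjects" not in o:
            findings.append(f"{ns}/{name}: placementRef/subjects must be top-level fields")
            continue
        for ref in [o["placementRef"], *o["subjects"]]:
            if (ref["apiGroup"], ref["kind"], ns, ref["name"]) not in index:
                findings.append(f"{ns}/{name}: {ref['kind']} '{ref['name']}' not found in {ns}")
    return findings

def sample(placement_name):
    """Policy and binding as named on this page, plus one Placement."""
    return [
        obj("policy.open-cluster-management.io/v1", "Policy", "require-network-policies"),
        obj("cluster.open-cluster-management.io/v1beta1", "Placement", placement_name),
        obj("policy.open-cluster-management.io/v1", "PlacementBinding",
            "require-network-policies-binding",
            placementRef={"name": "all-production-clusters", "kind": "Placement",
                          "apiGroup": "cluster.open-cluster-management.io"},
            subjects=[{"name": "require-network-policies", "kind": "Policy",
                       "apiGroup": "policy.open-cluster-management.io"}]),
    ]

if __name__ == "__main__":
    # First run reports the unresolved Placement name, second run is clean.
    for placement in ("production-clusters", "all-production-clusters"):
        print(placement, "->", lint_bindings(sample(placement)) or "ok")
```

Running a check like this in CI, before manifests reach the hub, catches a renamed Placement that would otherwise silently unbind a policy.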

Observability Across Clusters

Aggregate metrics, logs, and traces from all clusters into the hub:

# Install observability addon
clusteradm install hub-addon --names observability

# All managed clusters now ship metrics to the hub's Thanos instance
# Access unified Grafana dashboards on the hub

Key Lessons

  1. Start with GitOps: manage cluster configs in Git, sync with ArgoCD/Flux
  2. Standardize cluster bootstrapping: every cluster should be identical at creation
  3. Centralize policy, decentralize execution: hub defines policies, clusters enforce locally
  4. Plan for network partitions: managed clusters must function when disconnected from hub

Managing a growing fleet of Kubernetes clusters? I help organizations design multi-cluster strategies. Let's connect.


Luca Berton

AI & Cloud Advisor with 18+ years experience. Author of 8 technical books, creator of Ansible Pilot, and instructor at CopyPasteLearn Academy. Speaker at KubeCon EU & Red Hat Summit 2026.
