This page tells you the architecture and basic concepts in open-cluster-management. Architecture diagram


open-cluster-management enables any capability within the Kubernetes ecosystem to orchestrate itself across multiple clusters and cloud providers. Consider the requirements that a capability within the Kubernetes ecosystem would need to become multicluster-aware.

open-cluster-management provides core primitives to satisfy the above requirements to ease the multicluster enablement:

Hub cluster

The hub cluster is the common term that is used to define the central controller that runs on a Kubernetes cluster. The hub cluster aggregates information from multiple clusters by using an asynchronous work request model.


The klusterlet is an agent running on the cluster managed by the hub.

Managed cluster

The managed cluster provides a representation of the managed cluster on the hub. ManagedCluster controls the lifecycle of whether the remote cluster has been “accepted” by the Hub for management and can retrieve information from the Hub to direct a set of manifests or actions to apply.

Application lifecycle

The application lifecycle defines the processes that are used to manage application resources on your managed clusters. A multi-cluster application uses a Kubernetes specification, but with additional automation of the deployment and lifecycle management of resources to individual clusters. A multi-cluster application allows you to deploy resources on multiple clusters, while maintaining easy-to-reconcile service routes, as well as full control of Kubernetes resource updates for all aspects of the application.

Governance and risk

Governance and risk is the term used to define the processes that are used to manage security and compliance from the hub cluster. Ensure the security of your cluster with the extensible policy framework. After you configure a hub cluster and a managed cluster, you can create, modify and delete policies on the hub and apply policies to the managed clusters.