Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

📖 Assorted docs updates #1318

Merged
merged 1 commit into from
Oct 10, 2019
Merged

📖 Assorted docs updates #1318

merged 1 commit into from
Oct 10, 2019

Conversation

moshloop
Copy link
Contributor

/assign @ncdc @chuckha

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Aug 25, 2019
@vincepri vincepri mentioned this pull request Aug 27, 2019
Closed
@vincepri
Copy link
Member

@moshloop Are you able to address the comments above before tomorrow's meeting?

@moshloop
Copy link
Contributor Author

@vincepri will do

detiber
detiber reviewed Aug 28, 2019
View reviewed changes
docs/book/getting_started/interoperability.md Outdated

Cluster API expects certificates and keys used for bootstrapping to follow the below convention. CAPBK generates new certificates using this convention if they do not already exist.

* Each certificate must be stored PEM encoded in a single secret named one of:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Each certificate must be stored PEM encoded in a single secret named one of:
* Each certificate authority keypair must be stored individually in a secret with a name that reflects the cluster and it's use:

docs/book/getting_started/interoperability.md Outdated
* `<cluster name>-ca`
* `<cluster name>-etcd`
* `<cluster name>-proxy`
* `<cluster name>-sa`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it would be good to call out the <cluster name>-sa separately since it is not a CA, but rather just a public/private keypair.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i'd go into more detail about the contents of these Secrets and their purpose.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One thing that just crossed my mind, is that outside of <cluster-name>-ca and a generated <cluster-name>-kubeconfig, the other values listed here are particular to the kubeadm bootstrapper, maybe we should not define the interoperability of those values here, but rather on the kubeadm bootstrapper?

docs/book/getting_started/interoperability.md Outdated Show resolved Hide resolved
docs/book/getting_started/interoperability.md Outdated
* `<cluster name>-sa`
* Each secret must have the following label:
* `cluster.x-k8s.io/cluster-name=<cluster name>`
* Secrets must be of type TLS with 2 values `tls.crt` and `tls.key`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Secrets must be of type TLS with 2 values `tls.crt` and `tls.key`
* Secrets must be of type TLS with 2 keys `tls.crt` and `tls.key`, where the value of each is the PEM encoded public (`tls.crt`) or private ('tls.key`) key.

docs/book/getting_started/interoperability.md Outdated
cluster.x-k8s.io/cluster-name: cluster1
type: kubernetes.io/tls
data:
tls.crt: ICAgIC0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQogICAgTUlJQ3l6Q0NBYk9nQXdJQkFnSUJBREFOQmdrcWhraUc5dzBCQVFzRkFEQVZNUk13RVFZRFZRUURFd3ByZFdKbAogICAgY201bGRHVnpNQjRYRFRFNU1EZ3lNekV3TURRek1Gb1hEVEk1TURneU1ERXdNRFF6TUZvd0ZURVRNQkVHQTFVRQogICAgQXhNS2EzVmlaWEp1WlhSbGN6Q0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQU1oZgogICAgV0lxdGUzMFRkNXlXM1hQWCs5SDV5S3I1N0NoNDJ2Y3o4cU9DdXFZazZMeWpBcG1hS3FyaTcwRTJ1ZVlYQ0U4RAogICAgMVAwaVRlOXd5L2M0VFpNcmFwUHBHNHo5UDF3bCtTdG5WcTVBZWV6aU9IY1BIcERyNVR4VGViUllnR3dmUFlLdwogICAgdm5kS0JseXYzQXhVR0NIU2hOV01hSUx0dko0RktKZ0NGNXVVUjE3SExsMnVyQ1dmNTBpNmEwK3pLcHZLejZYVwogICAgUmlGTWxZalhlUHFrKzB2QjdWcGxla05JTnFEbm9IRk1kZFBudXZjUW5NSTU1Q2NadHd5S09HMHp0OXBPYXdJYwogICAga3B5a0xSb20rWlBpQ3AzdG1BMnRBUHRsQmJTcmMvZmtVN1BUS2VacjduZ05RYnJocTFudlR3KzFYcmRwcG5qdQogICAgVTB6QVZ2N1JKOS9JSEJTdEFIY0NBd0VBQWFNbU1DUXdEZ1lEVlIwUEFRSC9CQVFEQWdLa01CSUdBMVVkRXdFQgogICAgL3dRSU1BWUJBZjhDQVFBd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFKOUFUT01STC9hdnJGMWZ4N21xaDFFUwogICAgQ3JjcmZIQVFvWlhaTEhXV2lqVm56VGQvYmFKUTZhL0haejMvTm1TemxtK255cW1vWUNqODZmWENDUTdqLzdLbQogICAgMnk3YzhrVWwxSjFQMWtiNGpkWmhlQS9aa1ZWUHVpSHlRNU1CM3dVWEtDQTdudWtLem04blRKRUFWSXE0azEzdwogICAgL1MwYVZaM1JPVWpvSGxhcWl0L1NHdzZSVm9KQTVWb2p5Unh2VEIxdDFyL3JqajlFa0JLVkVHM3pQNGJacC8rcAogICAgdTdYWDluc0xRUWR5YVZSazU4N29vWXpDMTdOQys3OFJub1JoR2tXbUlZTmZWaUllSGVmNU9ac2UxZ0VPRXVOQQogICAgVW9WanlsRkJSbk9XL1pTVEN5bEhGU3M3Z0kvakV1cmVzbWtNdFYzTThxWG5LN2JaRG9rNzZpRGU1RDZlYUNzPQogICAgLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we want to enforce PEM encoding that we would need to include the BEGIN and END headers here.

I wasn't able to find anything in the cert-manager docs related to how it encodes the secrets it generates, is there any guarantees they make related to the Secrets they generate?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is BASE64 encoded PEM

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The PEM format requires the BEGIN and END markers: https://tools.ietf.org/html/rfc7468

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fwiw, I'm not saying we should require PEM format, I'm just saying that we should accurately represent the format we are expecting/using.

@vincepri vincepri mentioned this pull request Aug 29, 2019
Merged
@ncdc
Copy link
Contributor

ncdc commented Sep 11, 2019

@moshloop Hi! Will you have some time soon to pick this back up?

@vincepri
Copy link
Member

If it's possible, it'd be great to move this page under the developer guide of the new book

@moshloop
Copy link
Contributor Author

I will have this done before the F2F next week.

@vincepri
Copy link
Member

vincepri commented Sep 23, 2019
edited
Loading

@moshloop Do you have time this week to get this document to the book?

@moshloop
Copy link
Contributor Author

Yes, working on it as we speak, going to include it in a larger docs PR in the next day or 2

@vincepri
Copy link
Member

Thanks!

@k8s-ci-robot k8s-ci-robot added needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Sep 24, 2019
@k8s-ci-robot
Copy link
Contributor

Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please follow instructions at https://git.k8s.io/community/CLA.md#the-contributor-license-agreement to sign the CLA.

It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@k8s-ci-robot k8s-ci-robot added the cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. label Sep 24, 2019
@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels Sep 24, 2019
@moshloop
Copy link
Contributor Author

moshloop commented Oct 1, 2019

ping @ncdc @vincepri @detiber

@vincepri
Copy link
Member

vincepri commented Oct 1, 2019

@moshloop Seems there are some conflicts that need to be resolved

@vincepri
Copy link
Member

vincepri commented Oct 1, 2019

@moshloop I'm not sure what happened to the docs, but it seems the changes in this PR aren't based on the latest version of the book, which is published here https://cluster-api.sigs.k8s.io.

The scope of this PR has grown too much imo, and I want to ask if you have time to either split the commits or preferably to open different PRs so it's easier to review.

/hold

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Oct 1, 2019
vincepri
vincepri reviewed Oct 1, 2019
View reviewed changes
docs/book/SUMMARY.md
@@ -0,0 +1,32 @@
# Managing Kubernetes Infrastructure with the Cluster API
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This file seems extra

docs/book/src/architecture/controllers/cluster.md
@@ -1 +1,3 @@
# Cluster
<!-- TODO -->
![](../../images/cluster-admission-cluster-controller.svg)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The image linked seems to be missing?

docs/book/src/user/installing.md Outdated
@@ -0,0 +1,119 @@
# Installation
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the quick start and shouldn't be renamed. There are multiple links to it in the wild

vincepri
vincepri reviewed Oct 1, 2019
View reviewed changes
docs/book/src/SUMMARY.md Outdated
@@ -2,13 +2,16 @@

[Introduction](./introduction.md)

- [Quick Start](./user/quick-start.md)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- [Quick Start](./user/quick-start.md)
[Quick Start](./user/quick-start.md)

@k8s-ci-robot k8s-ci-robot removed needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Oct 10, 2019
@k8s-ci-robot
Copy link
Contributor

Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please follow instructions at https://git.k8s.io/community/CLA.md#the-contributor-license-agreement to sign the CLA.

It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@k8s-ci-robot k8s-ci-robot added cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Oct 10, 2019
@moshloop
📖 Updated docs:
ff3357d 
        * Copied over some concepts from glossary
        * Added certificate management page
        * Move abbreviations into glossary
        * Added bootstrap controller
        * Coped some diagrams from CAPV into controller pages
        * Created standalone installation page
        * Moved quick start up a level
        * Moved clusterctl to references as per docs.k8s.io
@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. and removed cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. labels Oct 10, 2019
@moshloop
Copy link
Contributor Author

@vincepri @randomvariable @ncdc

Deployed to https://book-789v67wdn.now.sh/ for easy review

vincepri
vincepri approved these changes Oct 10, 2019
View reviewed changes
Copy link
Member

@vincepri vincepri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for finishing this up!

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Oct 10, 2019
@vincepri vincepri removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Oct 10, 2019
@vincepri
Copy link
Member

/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: moshloop, vincepri

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 10, 2019
@k8s-ci-robot k8s-ci-robot merged commit 651d7ce into kubernetes-sigs:master Oct 10, 2019
@dlipovetsky dlipovetsky mentioned this pull request Oct 14, 2019
Merged
@chymy chymy mentioned this pull request Mar 16, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ncdc ncdc ncdc left review comments

@joonas joonas joonas left review comments

@neolit123 neolit123 neolit123 left review comments

@detiber detiber detiber left review comments

@vincepri vincepri vincepri approved these changes

Assignees

@ncdc ncdc

@chuckha chuckha

@vincepri vincepri

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Milestone
v0.2.x
Development

Successfully merging this pull request may close these issues.
8 participants
@moshloop @vincepri @ncdc @k8s-ci-robot @joonas @neolit123 @detiber @chuckha