docs: document image pull secrets templates (#5208)

* docs: release branch 4.5.a * ci: fix typo * ci: more fixes * ci: typo * ci: fix robots * chore: remove XML exclusion * docs: PEM-6140 Cluster Groups w/ Edge (#4530) * docs: PEM-6140 * docs: updated content * docs: apply suggestions from code review Co-authored-by: Lenny Chen <55669665+lennessyy@users.noreply.github.com> * ci: auto-formatting prettier issues * Optimised images with calibre/image-actions * Optimised images with calibre/image-actions --------- Co-authored-by: Lenny Chen <55669665+lennessyy@users.noreply.github.com> Co-authored-by: karl-cardenas-coding <karl-cardenas-coding@users.noreply.github.com> Co-authored-by: vault-token-factory-spectrocloud[bot] <133815545+vault-token-factory-spectrocloud[bot]@users.noreply.github.com> * docs: Azure Disk Encryption (PCP-3720 & PCP-3735) (#4558) * docs: Azure Disk Encryption * docs: update steps and formatting * ci: auto-formatting prettier issues * ci: auto-formatting prettier issues * docs: resolve vale header comment * docs: code review suggestions Co-authored-by: caroldelwing <carolina.delwing@spectrocloud.com> Co-authored-by: Karl Cardenas <29551334+karl-cardenas-coding@users.noreply.github.com> * ci: auto-formatting prettier issues * docs: address layout and prerequisite concerns * docs: missed random colons * ci: auto-formatting prettier issues * docs: reduce parentheses usage and link to Azure docs * ci: auto-formatting prettier issues * ci: auto-formatting prettier issues * docs: vale suggestion * docs: missed final prettier ignore * ci: auto-formatting prettier issues * docs: fixing stubborn prettier break --------- Co-authored-by: benradstone <benradstone@users.noreply.github.com> Co-authored-by: vault-token-factory-spectrocloud[bot] <vault-token-factory-spectrocloud[bot]@users.noreply.github.com> Co-authored-by: caroldelwing <carolina.delwing@spectrocloud.com> Co-authored-by: Karl Cardenas <29551334+karl-cardenas-coding@users.noreply.github.com> * docs: document new filters UI PEM-6202 (#4611) * docs: document new filters UI PEM-6202 * docs: fix vale * ci: auto-formatting prettier issues * Optimised images with calibre/image-actions * Optimised images with calibre/image-actions * Optimised images with calibre/image-actions * Optimised images with calibre/image-actions * docs: adjust wording and fix broken link * docs: fix broken link * docs: broken redirect * Apply suggestions from code review Co-authored-by: Ben Radstone <56587332+benradstone@users.noreply.github.com> * ci: auto-formatting prettier issues * docs: add steps in details * docs: add outdated suggestion --------- Co-authored-by: addetz <addetz@users.noreply.github.com> Co-authored-by: vault-token-factory-spectrocloud[bot] <133815545+vault-token-factory-spectrocloud[bot]@users.noreply.github.com> Co-authored-by: Ben Radstone <56587332+benradstone@users.noreply.github.com> * docs: add reference for image pull secret * docs: fix broken link * docs: replace link * docs: minor edit * docs: change default * Apply suggestions from code review Co-authored-by: Karl Cardenas <29551334+karl-cardenas-coding@users.noreply.github.com> * ci: auto-formatting prettier issues * docs: add to airgap * docs: fixed Helm chart outlines * chore: outline fix again * Apply suggestions from code review Co-authored-by: Karl Cardenas <29551334+karl-cardenas-coding@users.noreply.github.com> * ci: auto-formatting prettier issues --------- Co-authored-by: Karl Cardenas <karl@spectrocloud.com> Co-authored-by: Karl Cardenas <29551334+karl-cardenas-coding@users.noreply.github.com> Co-authored-by: Ben Radstone <56587332+benradstone@users.noreply.github.com> Co-authored-by: karl-cardenas-coding <karl-cardenas-coding@users.noreply.github.com> Co-authored-by: vault-token-factory-spectrocloud[bot] <133815545+vault-token-factory-spectrocloud[bot]@users.noreply.github.com> Co-authored-by: benradstone <benradstone@users.noreply.github.com> Co-authored-by: vault-token-factory-spectrocloud[bot] <vault-token-factory-spectrocloud[bot]@users.noreply.github.com> Co-authored-by: caroldelwing <carolina.delwing@spectrocloud.com> Co-authored-by: Adelina Simion <43963729+addetz@users.noreply.github.com> Co-authored-by: addetz <addetz@users.noreply.github.com> Co-authored-by: lennessyy <lennessyy@users.noreply.github.com>
spectrocloud · Jan 9, 2025 · 41b094b · 41b094b
1 parent 86138ef
commit 41b094b
Show file tree

Hide file tree

Showing 6 changed files with 117 additions and 15 deletions.
diff --git a/...erprise-version/install-palette/install-on-kubernetes/airgap-install/install.md b/...erprise-version/install-palette/install-on-kubernetes/airgap-install/install.md
@@ -227,6 +227,14 @@ environment. Reach out to our support team if you need assistance.
     | `ingress.enabled`                   | Whether to install the Nginx ingress controller. Set this to `false` if you already have an Nginx controller deployed in the cluster.                                                                                                                                                                                                                 | boolean  |
     | `reach-system`                      | Set `reach-system.enabled` to `true` and configure the `reach-system.proxySettings` parameters for Palette to use a network proxy in your environment.                                                                                                                                                                                                | object   |
 
+    :::info
+
+    If you are installing Palette by pulling required images from a private mirror registry, you will need to provide
+    the credentials to your registry in the **values.yaml** file. For more information, refer to
+    [Helm Configuration Reference](../palette-helm-ref.md#image-pull-secret).
+
+    :::
+
     Save the **values.yaml** file after you have populated the required parameters mentioned in the table. Select one of
     the following tabs to review an example of the **values.yaml** file with the required parameters highlighted.
 

diff --git a/...ocs-content/enterprise-version/install-palette/install-on-kubernetes/install.md b/...ocs-content/enterprise-version/install-palette/install-on-kubernetes/install.md
@@ -138,6 +138,14 @@ your environment. Reach out to our support team if you need assistance.
     | `ingress.enabled`                         | Whether to install the Nginx ingress controller. Set this to `false` if you already have an Nginx controller deployed in the cluster.                          | boolean  |
     | `reach-system`                            | Set `reach-system.enabled` to `true` and configure the `reach-system.proxySettings` parameters to configure Palette to use a network proxy in your environment | object   |
 
+    :::info
+
+    If you are installing Palette by pulling required images from a private mirror registry, you will need to provide
+    the credentials to your registry in the **values.yaml** file. For more information, refer to
+    [Helm Configuration Reference](palette-helm-ref.md#image-pull-secret).
+
+    :::
+
     Save the **values.yaml** file after you have populated the required parameters mentioned in the table. Expand the
     following sections to review an example of the **values.yaml** file with the required parameters highlighted.
 

diff --git a/...nt/enterprise-version/install-palette/install-on-kubernetes/palette-helm-ref.md b/...nt/enterprise-version/install-palette/install-on-kubernetes/palette-helm-ref.md
@@ -30,7 +30,41 @@ information, refer to the [Image Swap Configuration](#image-swap-configuration)
 
 :::
 
-### MongoDB
+## Global
+
+The global block allows you to provide configurations that apply globally to the installation process.
+
+### Image Pull Secret
+
+The `imagePullSecret` block allows you to provide image pull secrets that will be used to authenticate with private
+registries to obtain the images required for Palette installation. This is relevant if you have your own mirror
+registries you use for Palette installation.
+
+| **Parameters**     | **Description**                                                                                                                                                                                                                                                                                             | **Type** | **Default value** |
+| ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ----------------- |
+| `create`           | Specifies whether to create a secret containing credentials to your own private image registry.                                                                                                                                                                                                             | Boolean  | `false`           |
+| `dockerConfigJson` | The **config.json** file value containing the registry URL and credentials for your image registry in base64 encoded format on a single line. For more information about the **config.json** file, refer to [Kubernetes Documentation](https://kubernetes.io/docs/concepts/containers/images/#config-json). | String   | None              |
+
+:::info
+
+To obtain the base-64 encoded version of the credential `config.json` file, you can issue the following command. Replace
+`<path/to/.docker/config.json>` with the path to your `config.json` file. The `tr -d '\n'` removes new line characters
+and produce the output on a single line.
+
+```shell
+cat <path/to/.docker/config.json> | base64 | tr -d '\n'
+```
+
+:::
+
+```yaml
+global:
+  imagePullSecret:
+    create: true
+    dockerConfigJson: ewoJImF1dGhzHsKCQkiaG9va3......MiOiAidHJ1ZSIKCX0KfQ # Base64 encoded config.json
+```
+
+## MongoDB
 
 Palette uses MongoDB Enterprise as its internal database and supports two modes of deployment:
 
@@ -66,12 +100,12 @@ mongo:
   storageClass: ""
 ```
 
-### Config
+## Config
 
 Review the following parameters to configure Palette for your environment. The `config` section contains the following
 subsections:
 
-#### Install Mode
+### Install Mode
 
 You can install Palette in connected or air-gapped mode. The table lists the parameters to configure the installation
 mode.
@@ -85,7 +119,7 @@ config:
   installationMode: "connected"
 ```
 
-#### SSO
+### SSO
 
 You can configure Palette to use Single Sign-On (SSO) for user authentication. Configure the SSO parameters to enable
 SSO for Palette. You can also configure different SSO providers for each tenant post-install, check out the
@@ -114,7 +148,7 @@ config:
       apiVersion: "v1"
 ```
 
-#### Email
+### Email
 
 Palette uses email to send notifications to users. The email notification is used when inviting new users to the
 platform, password resets, and when [webhook alerts](../../../clusters/cluster-management/health-alerts.md) are
@@ -142,7 +176,7 @@ config:
     password: ""
 ```
 
-#### Environment
+### Environment
 
 The following parameters are used to configure the environment.
 
@@ -167,7 +201,7 @@ URLs to the Palette load balancer. For example, `*.palette.example.com`.
 
 :::
 
-#### Cluster
+### Cluster
 
 Use the following parameters to configure the Kubernetes cluster.
 
@@ -296,7 +330,7 @@ config:
     isEKSCluster: true
 ```
 
-### NATS
+## NATS
 
 Palette uses [NATS](https://nats.io) and gRPC for communication between Palette components. Dual support for NATS and
 gRPC is available. You can enable the deployment of an additional load balancer for NATS. Host clusters deployed by
@@ -320,7 +354,7 @@ nats:
   natsStaticIP:
 ```
 
-### gRPC
+## gRPC
 
 gRPC is used for communication between Palette components. You can enable the deployment of an additional load balancer
 for gRPC. Host clusters deployed by Palette use the load balancer to communicate with the Palette control plane. This is
@@ -356,7 +390,7 @@ grpc:
   insecureSkipVerify: false
 ```
 
-### Ingress
+## Ingress
 
 Palette deploys an Nginx Ingress Controller. This controller is used to route traffic to the Palette control plane. You
 can change the default behavior and omit the deployment of an Nginx Ingress Controller.
@@ -383,7 +417,7 @@ ingress:
     terminateHTTPSAtLoadBalancer: false
 ```
 
-### Spectro Proxy
+## Spectro Proxy
 
 <!-- prettier-ignore -->
 You can specify a reverse proxy server that clusters deployed through Palette can use to facilitate network connectivity
@@ -411,7 +445,7 @@ frps:
       crt: ""
 ```
 
-### UI System
+## UI System
 
 The table lists parameters to configure the Palette User Interface (UI) behavior. You can disable the UI or the Network
 Operations Center (NOC) UI. You can also specify the MapBox access token and style layer ID for the NOC UI. MapBox is a
@@ -435,7 +469,7 @@ ui-system:
       mapBoxStyledLayerID: ""
 ```
 
-### Reach System
+## Reach System
 
 You can configure Palette to use a proxy server to access the internet. Set the parameter `reach-system.enabled` to
 `true` to enable the proxy server. Proxy settings are configured in the `reach-system.proxySettings` section.

diff --git a/...t/vertex/install-palette-vertex/install-on-kubernetes/airgap-install/install.md b/...t/vertex/install-palette-vertex/install-on-kubernetes/airgap-install/install.md
@@ -227,6 +227,14 @@ environment. Reach out to our support team if you need assistance.
     | `ingress.enabled`                   | Whether to install the Nginx ingress controller. Set this to `false` if you already have an Nginx controller deployed in the cluster.                                                                                                                                                                                                                 | boolean  |
     | `reach-system`                      | Set `reach-system.enabled` to `true` and configure the `reach-system.proxySettings` parameters for VerteX to use a network proxy in your environment.                                                                                                                                                                                                 | object   |
 
+    :::info
+
+    If you are installing VerteX by pulling required images from a private mirror registry, you will need to provide the
+    credentials to your registry in the **values.yaml** file. For more information, refer to
+    [Helm Configuration Reference](../vertex-helm-ref.md#image-pull-secret).
+
+    :::
+
     Save the **values.yaml** file after you have populated the required parameters mentioned in the table.
 
     :::warning

diff --git a/docs/docs-content/vertex/install-palette-vertex/install-on-kubernetes/install.md b/docs/docs-content/vertex/install-palette-vertex/install-on-kubernetes/install.md
@@ -147,6 +147,14 @@ your environment. Reach out to our support team if you need assistance.
     | `ingress.enabled`                         | Whether to install the Nginx ingress controller. Set this to `false` if you already have an Nginx controller deployed in the cluster.                         | boolean  |
     | `reach-system`                            | Set `reach-system.enabled` to `true` and configure the `reach-system.proxySettings` parameters to configure VerteX to use a network proxy in your environment | object   |
 
+    :::info
+
+    If you are installing VerteX by pulling required images from a private mirror registry, you will need to provide the
+    credentials to your registry in the **values.yaml** file. For more information, refer to
+    [Helm Configuration Reference](vertex-helm-ref.md#image-pull-secret).
+
+    :::
+
     Save the **values.yaml** file after you have populated the required parameters mentioned in the table.
 
     Select one of the following tabs to review an example of the **values.yaml** file with the required parameters

diff --git a/...-content/vertex/install-palette-vertex/install-on-kubernetes/vertex-helm-ref.md b/...-content/vertex/install-palette-vertex/install-on-kubernetes/vertex-helm-ref.md
@@ -31,6 +31,42 @@ information, refer to the [Image Swap Configuration](#image-swap-configuration)
 
 :::
 
+## Global
+
+The global block allows you to provide configurations that apply globally to the installation process.
+
+### Image Pull Secret
+
+This section is only relevant if you are using your own private registry to host the images required for the Palette
+installation process.
+
+The `imagePullSecret` block allows you to provide image pull secrets that will be used to authenticate with private
+registries to obtain the images required for Palette VerteX installation.
+
+| **Parameters**     | **Description**                                                                                                                                                                                                                                                                                             | **Type** | **Default value** |
+| ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ----------------- |
+| `create`           | Specifies whether to create a secret containing credentials to your own private image registry.                                                                                                                                                                                                             | Boolean  | `false`           |
+| `dockerConfigJson` | The **config.json** file value containing the registry URL and credentials for your image registry in base64 encoded format on a single line. For more information about the **config.json** file, refer to [Kubernetes Documentation](https://kubernetes.io/docs/concepts/containers/images/#config-json). | String   | None              |
+
+:::info
+
+To obtain the base-64 encoded version of the credential `config.json` file, you can issue the following command. Replace
+`<path/to/.docker/config.json>` with the path to your `config.json` file. The `tr -d '\n'` removes new line characters
+and produce the output on a single line.
+
+```shell
+cat <path/to/.docker/config.json> | base64 | tr -d '\n'
+```
+
+:::
+
+```yaml
+global:
+  imagePullSecret:
+    create: true
+    dockerConfigJson: ewoJImF1dGhzHsKCQkiaG9va3......MiOiAidHJ1ZSIKCX0KfQ # Base64 encoded config.json
+```
+
 ## MongoDB
 
 Palette VerteX uses MongoDB Enterprise as its internal database and supports two modes of deployment:
@@ -72,7 +108,7 @@ mongo:
 Review the following parameters to configure Palette VerteX for your environment. The `config` section contains the
 following subsections:
 
-#### Install Mode
+### Install Mode
 
 You can install Palette in connected or air-gapped mode. The table lists the parameters to configure the installation
 mode.
@@ -262,7 +298,7 @@ config:
     caCert: ""
 ```
 
-#### OCI Image Registry
+### OCI Image Registry
 
 You can specify an OCI registry for the images used by Palette.