Commit

Merge branch 'version-3-4' of github.com:spectrocloud/librarium into …
…version-3-4
karl-cardenas-coding committed Nov 29, 2023
2 parents 4f8bcde + c2f594b commit 254b77d
Showing 20 changed files with 555 additions and 37 deletions.
65 changes: 65 additions & 0 deletions .github/workflows/release-branch-pr.yaml
@@ -0,0 +1,65 @@
name: Release Branch PRs

on:
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
branches:
- "release-[0-9]-[0-9]"

env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
MENDABLE_API_KEY: ${{ secrets.MENDABLE_API_KEY }}
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}


concurrency:
group: preview-${{ github.ref }}
cancel-in-progress: true

jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:

- name: Check out repository
uses: actions/checkout@v3

- name: Setup Node.js environment
uses: actions/setup-node@v3
with:
node-version: "18"
cache: "npm"

- run: npm ci


- name: Post Netlify progress
uses: mshick/add-pr-comment@v2
with:
message: |
🤖 Starting the Netlify preview build for commit ${{ github.sha }}. This may take a few minutes.
refresh-message-position: true


- name: Deploy to Netlify
id: netlify
uses: nwtgck/[email protected]
with:
publish-dir: ./build
deploy-message: 'Manual Netlify deployment from GitHub Actions - ${{ github.sha }}'
enable-pull-request-comment: true
overwrites-pull-request-comment: true
enable-commit-comment: true

- name: Post Netlify URL
uses: mshick/add-pr-comment@v2
with:
message: |
🚀 Netlify preview deployed succesfully for commit ${{ github.sha }}. Click [here](${{steps.netlify.outputs.deploy-url}}) to preview the changes.
message-failure: |
👎 Uh oh! The Netlify Preview failed to deploy for commit ${{ github.sha }}. Please check the Netlify logs for more information.
refresh-message-position: true
update-only: true
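
Review bot: The workflow-level `env:` block exposes `GITHUB_TOKEN`, `MENDABLE_API_KEY`, `NETLIFY_AUTH_TOKEN` and `NETLIFY_SITE_ID` to every step, including `npm ci` (which runs dependency install scripts) and the third-party actions that are referenced by tag. Move each secret into the `env:` of the step that needs it, add an explicit `permissions:` block for the job, and consider pinning `mshick/add-pr-comment` and the Netlify action to commit SHAs. Separately, the Deploy to Netlify step publishes `./build`, but no step between `npm ci` and the deploy produces that directory, so a build step appears to be missing. Minor: "succesfully" in the success message should be "successfully".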

26 changes: 13 additions & 13 deletions docs/docs-content/clusters/cluster-groups/ingress-cluster-group.md
Expand Up @@ -13,16 +13,16 @@ Cluster Groups may have a cluster endpoint type of either Load Balancer or Ingre

Using **Ingress** as the cluster endpoint type is a more cost effective way to access your Kubernetes workloads than using type **Load Balancer**, which requires a new cloud Load Balancer to be provisioned for each virtual cluster.

When you enable **Ingress** as the endpoint for a Cluster Group, you must deploy an [Ingress Controller](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers) add-on profile, such as NGINX, on each host cluster in the Cluster Group. The Ingress Controller provides the necessary routing functionality for external traffic to reach the Kubernetes API server of each virtual cluster, as well as any apps each virtual cluster contains.
When you enable **Ingress** as the endpoint for a Cluster Group, you must deploy an [Ingress Controller](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers) add-on profile, such as Nginx, on each host cluster in the Cluster Group. The Ingress Controller provides the necessary routing functionality for external traffic to reach the Kubernetes API server of each virtual cluster, as well as any apps each virtual cluster contains.

## Prerequisites

- At least one infrastructure or cloud-based cluster you’ve created.
- At least one infrastructure or cloud-based cluster.


- The Ingress Controller must have Secure Socket Layer (SSL) passthrough enabled so that Transport Layer Security (TLS) is not terminated at the ingress controller. Palette provides the ```nginx-ingress``` add-on profile with SSL passthrough already enabled. The following example shows how SSL-passthrough is enabled for the NGINX Ingress Controller. You would add an equivalent configuration to the profile of the add-on you are using. <br /><br />
- The Ingress Controller must have Secure Socket Layer (SSL) passthrough enabled so that Transport Layer Security (TLS) is not terminated at the ingress controller. Palette provides the `nginx-ingress` add-on profile where SSL passthrough can be enabled. The following example shows how you can enable SSL-passthrough for the Nginx Ingress Controller.

```yaml
```yaml {5}
charts:
ingress-nginx:
controller:
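
Review bot: The revised SSL passthrough prerequisite now describes `nginx-ingress` as a profile "where SSL passthrough can be enabled", while the previous wording said it was "already enabled", and it drops the sentence telling users of other add-ons to add an equivalent configuration. If passthrough is not on by default, state it as an explicit required action, because the prerequisite exists so that TLS is not terminated at the ingress controller. Consider keeping the guidance for controllers other than Nginx as well.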
Expand All @@ -33,9 +33,9 @@ When you enable **Ingress** as the endpoint for a Cluster Group, you must deploy
- Palette's ```nginx-ingress``` add-on profile automatically reroutes inbound requests from port 6443 to port 443 using a TCP service configuration. This is so that TLS termination on port 443 for all Apps can occur at the cloud load balancer while simultaneously allowing connections to the API servers of your Virtual Clusters on port 6443.

If you are using an ingress controller other than the NGINX Ingress Controller and would like to terminate TLS at your ingress controller's cloud load balancer, an equivalent TCP service configuration would be required. Alternatively, you may handle all TLS termination inside the cluster by configuring Cert Manager to issue a certificate for each App's Ingress.<br />
If you are using an ingress controller other than the Nginx Ingress Controller and would like to terminate TLS at your ingress controller's cloud load balancer, an equivalent TCP service configuration would be required. Alternatively, you may handle all TLS termination inside the cluster by configuring cert-manager to issue a certificate for each application's ingress.<br />

The following example shows how port rerouting is achieved for the NGINX Ingress Controller. You would add an equivalent Transmission Control Protocol (TCP) service configuration to the profile of the add-on you are using. <br /><br />
The following example shows how port rerouting is achieved for the Nginx Ingress Controller. You would add an equivalent Transmission Control Protocol (TCP) service configuration to the profile of the add-on you are using. <br /><br />

```yaml
tcp:
Expand All @@ -50,7 +50,7 @@ The following steps describe how to enable an Ingress Controller for a Cluster G
1. Log in to Palette as **Tenant Admin**.


2. Identify each host cluster that requires the addition of an NGINX Ingress Controller profile.
2. Identify each host cluster that requires the addition of an Nginx Ingress Controller profile.

This can be:

Expand All @@ -76,8 +76,8 @@ The following steps describe how to enable an Ingress Controller for a Cluster G

c. Invoke the following command to display the External-IP of the ```nginx-ingress``` LoadBalancer Service: <br /><br />

```
kubectl -n nginx get service nginx-ingress-controller
```shell
kubectl get service nginx-ingress-controller --namespace nginx
```

d. Copy the record to your clipboard or to a text file. You will use the External-IP address to create a CNAME DNS record.
Expand Down Expand Up @@ -121,13 +121,13 @@ To validate that ingress is functioning as expected, do the following:
2. Use a web shell and type the following command to verify you can connect to the newly deployed virtual cluster:

```shell
kubectl get namespaces
kubectl get namespaces --all-namespaces
```
This should display a list of namespaces as shown in the example:

<br />

```shell
```shell hideClipboard
NAME STATUS AGE
default Active 4d11h
kube-system Active 4d11h
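
Review bot: In the validation command, `--all-namespaces` has no effect on `kubectl get namespaces`, because Namespace is a cluster-scoped resource and the flag only widens queries for namespaced resources. Keep the original `kubectl get namespaces` so the command does not suggest a scope that does not exist and still matches the sample output shown under it.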
Expand All @@ -139,9 +139,9 @@ This should display a list of namespaces as shown in the example:

If an error message displays, it indicates something is wrong with the configuration. Verify the following:

- Each host cluster is deployed with NGINX Ingress Controller.
- Each host cluster is deployed with Nginx Ingress Controller.

- The CNAME record correctly maps to the External-IP of the NGINX Ingress Controller’s LoadBalancer Service.
- The CNAME record correctly maps to the External-IP of the Nginx Ingress Controller’s LoadBalancer Service.

- Cluster Group Settings specify the Cluster endpoint type as **Ingress**, and **Host DNS** specifies the CNAME record you created.

@@ -1,7 +1,7 @@
---
sidebar_label: "Pack Monitoring"
title: "Pack Monitorin"
description: "Learn how-to to monitor the status of packs in Palette"
title: "Pack Monitoring"
description: "Learn how to to monitor the status of packs in Palette"
hide_table_of_contents: false
sidebar_position: 140
---
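
Review bot: The new `description` still reads "Learn how to to monitor", with a duplicated "to"; change it to "Learn how to monitor the status of packs in Palette". The `title` correction to "Pack Monitoring" looks right.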
4 changes: 2 additions & 2 deletions docs/docs-content/clusters/clusters.md
Expand Up @@ -246,9 +246,9 @@ At times, you may be required to work with the Palette Support Team to troublesh

## Proxy Whitelist

This table lists the proxy requirements for enabling the Palette management console.
The following table lists the proxy requirements required by Palette. Depending on the network equipment and configuration, you may have to specify all subdomains of the top-level domains listed in the table. For example, an entry containing `gcr.io` and `*.gcr.io` may be required. Consult your network administrator for the exact requirements.

| Top-level Domain | Port | Description |
| **Top-level Domain** | **Port** | **Description** |
| ------------------------- | ---- | -------------------------------------------- |
| docker.io | 443 | Third party container images. |
| docker.com | 443 | Third party container images. |
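
Review bot: The new introductory paragraph recommends wildcard entries such as `*.gcr.io` without saying which subdomains Palette actually contacts, which pushes readers toward a broader egress allowlist than they may need. Where the specific hostnames are known, list them in the table, or say that the wildcard is a fallback for proxies that cannot match on the parent domain. Wording: "proxy requirements required by Palette" is redundant ("proxy requirements for Palette"), and entries like `docker.io` are registered domains rather than top-level domains, so the column header could simply be "Domain".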
4 changes: 2 additions & 2 deletions docs/docs-content/clusters/edge/site-deployment/stage.md
Expand Up @@ -76,7 +76,7 @@ The following items are optional and not required but may apply to your use case

4. Wait for the Edge Installer to complete copying content to the hard drive. The Edge host will reboot by default upon completion unless you specify a different option in the Edge Installer configuration user data.

5. Repeat steps one through four for all Edge hosts.
5. Repeat steps 1 through 4 for all Edge hosts.


6. Remove the USB disks and ship your Edge host devices to the site for installation.
Expand Down Expand Up @@ -247,4 +247,4 @@ You can validate the Edge host is ready for the site installation by simulating

## Next Steps

Now that you have completed the staging process, you can ship the Edge hosts to the destination site. Proceed to the [Perform Site Install](site-installation/site-installation.md) step.
Now that you have completed the staging process, you can ship the Edge hosts to the destination site. Proceed to the [Perform Site Install](site-installation/site-installation.md) step.
2 changes: 1 addition & 1 deletion docs/docs-content/clusters/public-cloud/aws/eks.md
Expand Up @@ -88,7 +88,7 @@ Use the following steps to deploy an EKS cluster on AWS.
|**SSH Key Pair Name** | Choose the SSH key pair for the region you selected. SSH key pairs must be pre-configured in your AWS environment. This is called an EC2 Key Pair in AWS. The key you select is inserted into the provisioned VMs.|
|**Cluster Endpoint Access**| This setting provides access to the Kubernetes API endpoint. Select **Private**, **Public** or **Private & Public**. For more information, refer to the [Amazon EKS cluster endpoint access control](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) reference guide.|
|**Public Access CIDRs** |This setting controls which IP address CIDR ranges can access the cluster. To fully allow unrestricted network access, enter `0.0.0.0/0` in the field. For more information, refer to the [Amazon EKS cluster endpoint access control](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) reference guide.|
|**Private Access CIDRs** |This setting controls which private IP address CIDR ranges can access the cluster. Private CIDRs provide a way to specify private, self-hosted, and air-gapped networks or Private Cloud Gateway (PCG) that may be located in other VPCs connected to the VPC hosting the cluster endpoint.<br /><br />To restrict network access, enter the IP address CIDR range that will provide access to the cluster. Although `0.0.0.0/0` is pre-populated in this field, only IPs that can reach the private endpoint are those within the VPC or any other connected VPCs. For example, while using `0.0.0.0/0` would allow traffic throughout the VPC and all peered VPCs, specifying the VPC CIDR `10.0.0.0/16` would limit traffic to an individual VPC. For more information, refer to the [Amazon EKS cluster endpoint access control](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) reference guide.|
|**Private Access CIDRs** |This setting controls which private IP address CIDR ranges can access the cluster. Private CIDRs provide a way to specify private, self-hosted, and air-gapped networks or Private Cloud Gateway (PCG) that may be located in other VPCs connected to the VPC hosting the cluster endpoint.<br /><br />To restrict network access, replace the pre-populated 0.0.0.0/0 with the IP address CIDR range that should be allowed access to the cluster endpoint. Only the IP addresses that are within the specified VPC CIDR range - and any other connected VPCs - will be able to reach the private endpoint. For example, while using `0.0.0.0/0` would allow traffic throughout the VPC and all peered VPCs, specifying the VPC CIDR `10.0.0.0/16` would limit traffic to an individual VPC. For more information, refer to the [Amazon EKS cluster endpoint access control](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) reference guide.|
|**Enable Encryption**| Use this option for secrets encryption. You must have an existing AWS Key Management Service (KMS) key you can use. Toggle the **Enable encryption** option and use the **drop-down Menu** in the **ARN** field to select the KMS key ARN.<br /><br />If you do not have a KMS key and want to create one to use this option, review [Enable Secrets Encryption for EKS Cluster](enable-secrets-encryption-kms-key.md). Once your KMS key is created, return to this Cluster Config step to enable secrets encryption and specify the KMS key ARN. |

:::caution
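
Review bot: In the revised **Private Access CIDRs** row, "Only the IP addresses that are within the specified VPC CIDR range - and any other connected VPCs - will be able to reach the private endpoint" conflicts with the example that follows it, which says specifying `10.0.0.0/16` limits traffic to an individual VPC. As written, a reader cannot tell whether connected VPCs outside the entered range keep access. Reword so the restriction is unambiguous, for example by saying that only addresses inside the entered CIDR range can reach the private endpoint. Also wrap the pre-populated 0.0.0.0/0 in backticks to match the other occurrences in the same cell.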
2 changes: 1 addition & 1 deletion docs/docs-content/integrations/ngrok.md
Expand Up @@ -4,7 +4,7 @@ title: "ngrok"
description: "Learn about using ngrok Kubernetes Ingress to access applications in Palette."
hide_table_of_contents: true
type: "integration"
category: ["ingress", "kubernetes", "amd64"]
category: ["ingress", "kubernetes", "amd64", 'community']
sidebar_class_name: "hide-from-sidebar"
logoUrl: "https://registry.spectrocloud.com/v1/ngrok-ingress-controller/blobs/sha256:a723399d53d716c5441d57d021a7975d961e5b7db79ccb2bc10f7524ba7e67c1?type=image/png"
tags: ["packs", "ngrok", "network", "kubernetes"]
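
Review bot: The added `category` entry uses single quotes (`'community'`) while the other entries in the same array, and the `tags` array below it, use double quotes. Use `"community"` to keep the front matter consistent.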