Merge branch 'master' into doc-1368-rhel-airgap
caroldelwing authored Oct 16, 2024
2 parents 1ce6227 + 36ebec5 commit 55cf5fb
Showing 175 changed files with 1,864 additions and 437 deletions.
2 changes: 1 addition & 1 deletion _partials/getting-started/_cluster_observability.mdx
Expand Up @@ -12,6 +12,6 @@ environments. Several <VersionedLink text="packs" url="/integrations/" /> are av
you can use to add additional monitoring capabilities to your cluster.

Refer to the <VersionedLink text="Deploy Monitoring Stack" url="/clusters/cluster-management/monitoring/deploy-monitor-stack/"/>
guide to learn how to deploy a monitoring stack using the open-source tool
guide to learn how to deploy a monitoring stack using the open source tool
[Prometheus](https://prometheus.io/docs/introduction/overview/) and how to configure a host cluster to forward metrics
to the monitoring stack.
Expand Up @@ -7,7 +7,7 @@ sidebar_position: 50
tags: ["palette-cli"]
---

The Palette CLI has built-in support for the open-source [Validator](https://github.com/validator-labs/validator)
The Palette CLI has built-in support for the open source [Validator](https://github.com/validator-labs/validator)
framework and its plugins ecosystem. You can use the Validator to verify your environment is ready for an installation
of self-hosted Palette, VerteX, or for deployment of Kubernetes clusters through Palette.

Expand Up @@ -209,7 +209,7 @@ the edge location.
:::info
You can use several software tools to create a bootable USB drive, such as [balenaEtcher](https://www.balena.io/etcher).
For a PXE server, there are open-source projects such as [Fog](https://fogproject.org/download.php) or
For a PXE server, there are open source projects such as [Fog](https://fogproject.org/download.php) or
[Windows Deployment Services](https://learn.microsoft.com/en-us/windows/deployment/wds-boot-support) for Windows.
:::
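Review bot: In the PXE sentence on the changed line, Windows Deployment Services is listed under "open source projects", but it is a Microsoft Windows Server role, not an open source project. Reword so only Fog carries the label, for example "For a PXE server, you can use the open source project Fog, or Windows Deployment Services for Windows."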
2 changes: 1 addition & 1 deletion docs/deprecated/integrations/azure-cni.md
Expand Up @@ -44,7 +44,7 @@ wider manifest that also creates a deployment or service. Palette leverages two

- **azure**: Azure's own implementation, called Azure Network Policy.

- **calico**: An open-source network and network security solution founded by [Tigera](https://www.tigera.io/).
- **calico**: An open source network and network security solution founded by [Tigera](https://www.tigera.io/).

Palette users can choose any one of the above Network Policies and provide it to the pack YAML file as `networkPolicy`
as given below:
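Review bot: On the changed **calico** bullet, "founded by" reads oddly for a software project, since companies are founded and software is created or maintained. While this line is being edited, suggest "An open source network and network security solution maintained by Tigera."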
2 changes: 1 addition & 1 deletion docs/deprecated/integrations/byoos.md
Expand Up @@ -18,7 +18,7 @@ needs.

Using your custom OS provides several benefits, including the ability to control your own dependencies, improve
performance, and ensure compatibility with your existing applications. With BYOOS, you can choose the OS that best fits
your needs, whether it's a commercial or open-source distribution, and integrate it with your Kubernetes clusters. The
your needs, whether it's a commercial or open source distribution, and integrate it with your Kubernetes clusters. The
BYOOS pack can be used with both Edge and non-Edge environments.

## Versions Supported
2 changes: 1 addition & 1 deletion docs/deprecated/integrations/calico.md
Expand Up @@ -14,7 +14,7 @@ Palette Network Pack(s) helps provision resources for setting up Cluster network
Kubernetes network model can be found
[here](https://kubernetes.io/docs/concepts/cluster-administration/networking/#the-kubernetes-network-model).

[Project Calico](http://docs.projectcalico.org/) is an open-source container networking provider and network policy
[Project Calico](http://docs.projectcalico.org/) is an open source container networking provider and network policy
engine.

Calico provides highly scalable networking and network policy solution for connecting Kubernetes pods based on the same
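Review bot: The Project Calico link on the changed line still uses `http://docs.projectcalico.org/`. Since the line is being edited anyway, switch the scheme to `https://` and confirm the target still resolves, so readers are not sent over a plaintext connection to reach network policy documentation.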
2 changes: 1 addition & 1 deletion docs/deprecated/integrations/cilium-tetragon.md
Expand Up @@ -12,7 +12,7 @@ tags: ["packs", "cilium-tetragon", "monitoring"]

[Tetragon](https://github.com/cilium/tetragon) is an eBPF based security observability and runtime enforcement. eBPF is
used to safely and efficiently extend the kernel's capabilities without requiring changing the kernel source code or
loading kernel modules. Tetragon is a Cilium community open-source project that enables profound visibility with
loading kernel modules. Tetragon is a Cilium community open source project that enables profound visibility with
filtering and aggregation with the eBPF collector support to deliver visibility at depth with minimal overhead.

Palette supports Cilium Tetragon as an add-on pack for monitoring services. Refer to the
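Review bot: The first context sentence, "Tetragon is an eBPF based security observability and runtime enforcement.", ends without a noun and "eBPF based" lacks its hyphen. Suggest "an eBPF-based security observability and runtime enforcement tool". The changed sentence is also hard to parse, with "visibility" appearing twice and two chained "with" clauses; splitting it in two would make the claim about minimal overhead clearer.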
2 changes: 1 addition & 1 deletion docs/deprecated/integrations/cilium.md
Expand Up @@ -14,7 +14,7 @@ Palette Network Pack(s) helps provision resources for setting up Cluster network
network model design goals visit
[here](https://kubernetes.io/docs/concepts/cluster-administration/networking/#the-kubernetes-network-model).

Palette supports **Cilium**, an open-source software for securing and observing network connectivity between
Palette supports **Cilium**, an open source software for securing and observing network connectivity between
cloud-native container workloads. Cilium is underpinned by a Linux Kernel technology called eBPF, to enable dynamic and
strong security visibility and control logic within Linux. As eBPF runs within the Linux Kernel, Cilium security
policies are applied and updated independent of the application code or container configuration.
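Review bot: On the changed line, "an open source software" treats "software" as a countable noun. Use "open source software" without the article, or "an open source project". On the last context line, "independent of" should be "independently of", since it modifies "applied and updated".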
2 changes: 1 addition & 1 deletion docs/deprecated/integrations/harbor-edge.md
Expand Up @@ -10,7 +10,7 @@ logoUrl: "https://registry.spectrocloud.com/v1/harbor/blobs/sha256:5cf19a83449d4
tags: ["packs", "harbor-edge-native-config", "system-app"]
---

Harbor is an open-source registry that secures artifacts with policies and role-based access control. You can install
Harbor is an open source registry that secures artifacts with policies and role-based access control. You can install
Harbor on your Edge clusters and use it to store all the images used by the cluster, including your provider images and
all packs used by your cluster. After the initial download, the cluster can pull images from Harbor instead of an
external registry, allowing your cluster to reboot containers or add new nodes without a connection to the external
2 changes: 1 addition & 1 deletion docs/deprecated/integrations/konvoy.md
Expand Up @@ -10,7 +10,7 @@ logoUrl: "https://registry.spectrocloud.com/v1/k8s-dashboard/blobs/sha256:2de5d8
tags: ["packs", "konvoy", "kubernetes"]
---

[Konvoy](https://d2iq.com/products/konvoy) is a Kubernetes distribution by D2iQ. It is built on pure open-source
[Konvoy](https://d2iq.com/products/konvoy) is a Kubernetes distribution by D2iQ. It is built on pure open source
Kubernetes and includes a full suite of integrated and supported best-of-breed Day-2 platform applications for an
out-of-the-box, production-ready experience.

2 changes: 1 addition & 1 deletion docs/deprecated/integrations/kubehunter.md
Expand Up @@ -10,7 +10,7 @@ logoUrl: "https://registry.dev.spectrocloud.com/v1/kubehunter/blobs/sha256:6b6b9
tags: ["packs", "kube-hunter", "security"]
---

Kube Hunter is an open-source tool that hunts for security issues in your Kubernetes clusters. It’s designed to increase
Kube Hunter is an open source tool that hunts for security issues in your Kubernetes clusters. It’s designed to increase
awareness and visibility of the security controls in Kubernetes environments. Kube-hunter probes a domain or address
range for open Kubernetes-related ports, and tests for any configuration issues that leave your cluster exposed to
attackers. It can be run on a machine in the cluster, and select the option to probe all the local network interfaces.
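Review bot: The tool name is inconsistent within this paragraph: "Kube Hunter" on the changed line, "Kube-hunter" on the next, and `kube-hunter` in the tags. Pick one spelling and use it throughout. Separately, the `logoUrl` shown in the hunk header points at `registry.dev.spectrocloud.com`, while the other packs in this commit use `registry.spectrocloud.com`; confirm that a dev registry host is intended in published documentation.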
16 changes: 8 additions & 8 deletions docs/deprecated/integrations/kubernetes-edge.md
Expand Up @@ -28,12 +28,12 @@ Review our [Maintenance Policy](maintenance-policy.md) to learn about pack updat

## What is PXK-E?

PXK-E is a customized version of the open-source Cloud Native Computing Foundation (CNCF) distribution of Kubernetes.
PXK-E is a customized version of the open source Cloud Native Computing Foundation (CNCF) distribution of Kubernetes.
This Kubernetes distribution is customized and optimized for edge computing environments and can be deployed through
Palette. PXK-E is the Kubernetes distribution Palette defaults to when deploying Edge clusters.

PXK-E differs from the upstream open-source Kubernetes version by optimizing for operations in an edge computing
environment. PXK-E also differentiates itself by using the Kairos open-source project as the base operating system (OS).
PXK-E differs from the upstream open source Kubernetes version by optimizing for operations in an edge computing
environment. PXK-E also differentiates itself by using the Kairos open source project as the base operating system (OS).
PXK-E’s use of Kairos means the OS is immutable, which significantly improves the security posture and reduces potential
attack surfaces.

Expand All @@ -50,13 +50,13 @@ PXK-E manages the underlying OS and the Kubernetes layer together, which reduces
maintaining two separate components.

PXK-E allows you to apply different flavors of container storage interfaces (CSI) and container network interfaces
(CNI). Other open-source Kubernetes distributions such as MicroK8s, RKE2, and K3s come with a default CSI and CNI. There
(CNI). Other open source Kubernetes distributions such as MicroK8s, RKE2, and K3s come with a default CSI and CNI. There
is additional complexity and overhead when you want to consume different interface plugins with traditional Kubernetes
distributions. Using PXK-E, you select the interface plugin you want to apply without additional overhead and
complexity.

There are no changes to the Kubernetes source code used in PXK-E, and it follows the same versioning schema as the
upstream open-source Kubernetes distribution.
upstream open source Kubernetes distribution.

:::info

Expand Down Expand Up @@ -107,7 +107,7 @@ four months. Once we stop supporting the minor version, we initiate the deprecat
| `cluster.config.initConfiguration.nodeRegistration.kubeletExtraArgs` | This parameter contains extra arguments for kubelet during node registration, such as setting feature gates, protecting kernel defaults, and disabling the read-only port. |
| `pack.palette.config.oidc.identityProvider` | Dynamically enabled OpenID Connect (OIDC) Identity Provider (IDP) setting based on your UI selection when you add the PXK-E pack to your profile. This parameter appears in the YAML file after you make a selection. Refer to [Configure OIDC Identity Provider](#configure-custom-oidc). |

You can add cloud-init stages exposed by [Kairos](https://kairos.io/docs/architecture/cloud-init/), an open-source
You can add cloud-init stages exposed by [Kairos](https://kairos.io/docs/architecture/cloud-init/), an open source
project. For more information, check out the [Cloud Init Stages](../clusters/edge/edge-configuration/cloud-init.md)
reference.

Expand Down Expand Up @@ -492,7 +492,7 @@ In this example, Palette is used as the IDP, and all users in the `dev-east-2` w
| `cluster.config.initConfiguration.nodeRegistration.kubeletExtraArgs` | This parameter contains extra arguments for kubelet during node registration, such as setting feature gates, protecting kernel defaults, and disabling the read-only port. |
| `pack.palette.config.oidc.identityProvider` | Dynamically enabled OpenID Connect (OIDC) Identity Provider (IDP) setting based on your UI selection when you add the PXK-E pack to your profile. This parameter appears in the YAML file after you make a selection. Refer to [Configure OIDC Identity Provider](#configure-custom-oidc). |

You can add cloud-init stages exposed by [Kairos](https://kairos.io/docs/architecture/cloud-init/), an open-source
You can add cloud-init stages exposed by [Kairos](https://kairos.io/docs/architecture/cloud-init/), an open source
project. For more information, check out the [Cloud Init Stages](../clusters/edge/edge-configuration/cloud-init.md)
reference.

Expand Down Expand Up @@ -877,7 +877,7 @@ In this example, Palette is used as the IDP, and all users in the `dev-east-2` w
| `cluster.config.initConfiguration.nodeRegistration.kubeletExtraArgs` | This parameter contains extra arguments for kubelet during node registration, such as setting feature gates, protecting kernel defaults, and disabling the read-only port. |
| `pack.palette.config.oidc.identityProvider` | Dynamically enabled OpenID Connect (OIDC) Identity Provider (IDP) setting based on your UI selection when you add the PXK-E pack to your profile. This parameter appears in the YAML file after you make a selection. Refer to [Configure OIDC Identity Provider](#configure-custom-oidc). |

You can add cloud-init stages exposed by [Kairos](https://kairos.io/docs/architecture/cloud-init/), an open-source
You can add cloud-init stages exposed by [Kairos](https://kairos.io/docs/architecture/cloud-init/), an open source
project. For more information, check out the [Cloud Init Stages](../clusters/edge/edge-configuration/cloud-init.md)
reference.
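Review bot: The same Kairos cloud-init paragraph is edited three times in this file, at -107, -492 and -877, next to identical parameter table rows in the context. Each copy has to be kept in sync by hand, and a future wording fix can easily miss one. Consider moving the shared text into a partial, as the repository already does under `_partials/`, and importing it at each place it appears.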

10 changes: 5 additions & 5 deletions docs/deprecated/integrations/kubernetes.md
Expand Up @@ -31,25 +31,25 @@ Review our [Maintenance Policy](maintenance-policy.md) to learn about pack updat

## What is PXK?

Palette eXtended Kubernetes (PXK) is a recompiled version of the open-source Cloud Native Computing Foundation (CNCF)
Palette eXtended Kubernetes (PXK) is a recompiled version of the open source Cloud Native Computing Foundation (CNCF)
distribution of Kubernetes. This Kubernetes version can be deployed through Palette to all major infrastructure
providers, public cloud providers, and private data center providers. This is the default distribution when deploying a
Kubernetes cluster through Palette. You have the option to choose other Kubernetes distributions, such as MicroK8s,
Konvoy, and more, should you want to consume a different Kubernetes distribution.

PXK is different from the upstream open-source Kubernetes version primarily because of the carefully reviewed and
PXK is different from the upstream open source Kubernetes version primarily because of the carefully reviewed and
applied hardening of the operating system (OS) and Kubernetes. The hardening ranges from removing unused kernel modules
to using an OS configuration that follows industry best practices. Our recompiled Kubernetes configuration addresses
common Kubernetes deployment security pitfalls and implements industry best practices.

A benefit of Palette when used with PXK is the ability to apply different flavors of container storage interface (CSI)
plugins and container network interface (CNI) plugins. Other open-source Kubernetes distributions, such as MicroK8s,
plugins and container network interface (CNI) plugins. Other open source Kubernetes distributions, such as MicroK8s,
RKE2, and K3s, come with a default CSI and CNI. Additional complexity and overhead are required from you to enable
different interfaces. PXK supports the ability to select other interface plugins out of the box without any additional
overhead or complexity needed from your side.

There are no changes to the Kubernetes source code and we also follow the same versioning schema as the upstream
open-source Kubernetes distribution.
There are no changes to the Kubernetes source code and we also follow the same versioning schema as the upstream open
source Kubernetes distribution.

:::info
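Review bot: The PXK description is ambiguous about what is modified. The first paragraph calls PXK a "recompiled version", the second refers to "Our recompiled Kubernetes configuration", and the last changed sentence says "There are no changes to the Kubernetes source code". A reader assessing the supply chain needs to know what the recompilation changes if the source is untouched, so state that explicitly. "Industry best practices" also appears twice without naming a standard; link to the hardening reference if one exists.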

2 changes: 1 addition & 1 deletion docs/deprecated/integrations/ngrok.md
Expand Up @@ -13,7 +13,7 @@ tags: ["packs", "ngrok", "network", "kubernetes"]
The ngrok [Ingress Controller for Kubernetes](https://github.com/ngrok/kubernetes-ingress-controller) adds public and
secure ingress traffic to Kubernetes applications. Enforce authentication and authorization at the edge with ngrok,
preventing unauthorized traffic from ever reaching your cluster and rogue webhooks from looping and spamming your
service. This open-source
service. This open source
[Ingress Controller](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers) works with Palette to
provide ingress to your applications, APIs, or other resources while also offloading network ingress and middleware
execution to ngrok's platform. Balance traffic between multiple redundant Points of Presence (PoPs) in ngrok’s global
2 changes: 1 addition & 1 deletion docs/deprecated/integrations/prometheus-agent.md
Expand Up @@ -10,7 +10,7 @@ logoUrl: "https://registry.spectrocloud.com/v1/prometheus-operator/blobs/sha256:
tags: ["packs", "prometheus-agent", "monitoring"]
---

Prometheus is an open-source monitoring and alerting system that is designed to collect and analyze metrics from various
Prometheus is an open source monitoring and alerting system that is designed to collect and analyze metrics from various
systems and services.

Prometheus is built around a time-series database that stores metrics data. It uses a flexible querying language called