Merge branch 'master' into 9-17-24-cve-updates
karl-cardenas-coding authored Sep 17, 2024
2 parents 5e3619b + 8c9cbab commit 848bde3
Showing 10 changed files with 432 additions and 41 deletions.
4 changes: 4 additions & 0 deletions docs/docs-content/automation/palette-sdk/palette-sdk.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,10 @@ The snippet below showcases an example of how to initialize the Palette client u
methods.

```go
import (
"github.com/spectrocloud/palette-sdk-go/client"
)

pc := client.New(
client.WithPaletteURI(host),
client.WithAPIKey(apiKey),
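Review bot: The added `import (...)` block sits directly above `pc := client.New(` in the same Go snippet, so the example now mixes a package-level declaration with a statement that is only valid inside a function, and a reader who pastes it as one unit gets a compile error. Wrap the client setup in a function body or present the import as its own fragment. Because `client.WithAPIKey(apiKey)` takes a credential, a short comment showing `apiKey` being read from an environment variable rather than written into source would also be worth adding here.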
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -65,10 +65,10 @@ artifacts at the same time.
git tag
```

4. Check out the newest available tag. This guide uses the tag **v4.3.0** as an example.
4. Check out the newest available tag. This guide uses the tag **v4.4.12** as an example.

```shell
git checkout v4.3.0
git checkout v4.4.12
```

5. Review the files relevant for this guide.
Expand Down Expand Up @@ -102,8 +102,12 @@ artifacts at the same time.
export OS_VERSION=22.04
```

9. Open the **Earthfile** in the CanvOS directory. Under `build-provider-images`, remove the lines containing Kubernetes
versions that you do not need.
9. Open the **k8s_versions.json** file in the CanvOS directory. Remove the Kubernetes versions that you don't need from
the JSON object corresponding to your Kubernetes distribution.

If you are using a tag that is earlier than v4.4.12, the **k8s_versions.json** file does not exist in those tags.
Instead, open the **Earthfile** in the CanvOS directory. Under `build-provider-images`, remove the lines containing
Kubernetes versions that you do not need.

10. Issue the command below to create an **.arg** file. The **.arg** file uses the default values for the remaining
arguments.
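Review bot: The fallback sentence in the new step 9, "If you are using a tag that is earlier than v4.4.12, the **k8s_versions.json** file does not exist in those tags", repeats itself and switches from one tag to "those tags"; something like "Tags earlier than v4.4.12 do not include **k8s_versions.json**" says the same thing. The same paragraph is added nearly word for word to the FIPS and Trusted Boot guides in this commit, so a shared partial would keep the three copies from drifting. Please also confirm that v4.4.12 is the first tag that ships the file, since the text states that boundary as fact.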
Expand Down Expand Up @@ -155,7 +159,7 @@ artifacts at the same time.
`[REGISTRY-HOSTNAME]` and version numbers in the command below.
```bash
docker push [REGISTRY-HOSTNAME]/ubuntu:k3s-1.28.2-v4.3.0-palette-learn
docker push [REGISTRY-HOSTNAME]/ubuntu:k3s-1.28.2-v4.4.12-palette-learn
```
## Validate
Expand All @@ -171,7 +175,7 @@ artifacts at the same time.
```hideClipboard
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/[DOCKER-ID]/ubuntu k3s-1.28.2-v4.3.0-palette-learn 075134ad5d4b 10 minutes ago 4.11GB
docker.io/[DOCKER-ID]/ubuntu k3s-1.28.2-v4.4.12-palette-learn 075134ad5d4b 10 minutes ago 4.11GB
```
## Next Steps
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -84,11 +84,11 @@ Palette is not FIPS compliant. If you need a FIPS-compliant solution, you need t
```

3. View the available tags and check out the latest tag or any specific version of your choosing. This guide uses
**v4.3.2** as an example.
**v4.4.12** as an example.

```bash
git tag
git checkout v4.3.2
git checkout v4.4.12
```

### Build FIPS-Compliant Base OS Image
Expand Down Expand Up @@ -266,7 +266,11 @@ workaround.
Provider images are Kairos-based container images for a supported OS and Kubernetes distribution combination.
FIPS-complaint provider images are built on top of the base OS image you have built previously.

17. Locate **Earthfile** in the CanvOS directory. In the file, find the block that starts with
17. Open the **k8s_versions.json** file in the CanvOS directory. Remove the Kubernetes versions that you don't need from
the JSON object corresponding to your Kubernetes distribution.
If you are using a tag that is earlier than v4.4.12, the **k8s_versions.json** file does not exist in those tags.
Instead, open the **Earthfile** in the CanvOS directory. In the file, find the block that starts with
`build-provider-images-fips:` and delete the Kubernetes versions that you do not want. This will speed up the build
process and save storage space.
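Review bot: In the rewritten step 17, the closing sentence "This will speed up the build process and save storage space." now follows the Earthfile fallback, so it reads as applying only to tags earlier than v4.4.12; move it up next to the **k8s_versions.json** instruction so the rationale covers both paths. As shown here there is no blank line between "your Kubernetes distribution." and "If you are using a tag", unlike the same addition in the edge artifacts guide, so the fallback will render as part of the same paragraph. The context line above also still carries the typo "FIPS-complaint", which is worth fixing while this block is being touched.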
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -114,10 +114,10 @@ customization.
git tag
```

4. Check out the newest available tag. This guide uses the tag **v4.0.6** as an example.
4. Check out the newest available tag. This guide uses the tag **v4.4.12** as an example.

```shell
git checkout v4.0.6
git checkout v4.4.12
```

5. Review the files relevant for this guide.
Expand Down Expand Up @@ -152,7 +152,7 @@ customization.

Using the arguments defined in the **.arg** file, the final provider images you generate will have the following
naming convention, `[IMAGE_REGISTRY]/[IMAGE_REPO]:[CUSTOM_TAG]`. For example, one of the provider images will be
`ttl.sh/ubuntu:k3s-1.27.2-v4.0.6-palette-learn`.
`ttl.sh/ubuntu:k3s-1.27.2-v4.4.12-palette-learn`.

```bash
cat << EOF > .arg
Expand Down Expand Up @@ -279,7 +279,7 @@ customization.
system.repo: ubuntu
system.k8sDistribution: k3s
system.osName: ubuntu
system.peVersion: v4.0.6
system.peVersion: v4.4.12
system.customTag: palette-learn
system.osVersion: 22
```
Expand All @@ -294,9 +294,9 @@ customization.
```hideClipboard bash
REPOSITORY TAG IMAGE ID CREATED SIZE
ttl.sh/ubuntu k3s-1.27.2-v4.0.6-palette-learn 075134ad5d4b 10 minutes ago 4.11GB
ttl.sh/ubuntu k3s-1.25.2-v4.0.6-palette-learn 02424d29fcac 10 minutes ago 4.09GB
ttl.sh/ubuntu k3s-1.26.4-v4.0.6-palette-learn 4e373ddfb53f 10 minutes ago 4.11GB
ttl.sh/ubuntu k3s-1.27.2-v4.4.12-palette-learn 075134ad5d4b 10 minutes ago 4.11GB
ttl.sh/ubuntu k3s-1.25.2-v4.4.12-palette-learn 02424d29fcac 10 minutes ago 4.09GB
ttl.sh/ubuntu k3s-1.26.4-v4.4.12-palette-learn 4e373ddfb53f 10 minutes ago 4.11GB
```
13. To use the provider images in your cluster profile, push them to the image registry mentioned in the **.arg** file.
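Review bot: In the sample `docker images` output only the `v4.0.6` substring was replaced; the image IDs, sizes and K3s versions (`1.25.2`, `1.26.4`, `1.27.2`) are carried over unchanged from the v4.0.6 build. Confirm that a v4.4.12 build actually produces these K3s versions, or regenerate the output, because the `docker push` commands in the next step use the same tags and will fail if the images do not exist. This guide also does not receive the **k8s_versions.json** step that the other guides get in this commit; if it has an Earthfile pruning step, it needs the same update.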
Expand All @@ -305,9 +305,9 @@ customization.
following commands to push the provider images to the _ttl.sh_ image registry.
```bash
docker push ttl.sh/ubuntu:k3s-1.25.2-v4.0.6-palette-learn
docker push ttl.sh/ubuntu:k3s-1.26.4-v4.0.6-palette-learn
docker push ttl.sh/ubuntu:k3s-1.27.2-v4.0.6-palette-learn
docker push ttl.sh/ubuntu:k3s-1.25.2-v4.4.12-palette-learn
docker push ttl.sh/ubuntu:k3s-1.26.4-v4.4.12-palette-learn
docker push ttl.sh/ubuntu:k3s-1.27.2-v4.4.12-palette-learn
```
:::warning
Expand Down Expand Up @@ -366,7 +366,7 @@ customization.
system.repo: ubuntu
system.k8sDistribution: k3s
system.osName: ubuntu
system.peVersion: v4.0.6
system.peVersion: v4.4.12
system.customTag: palette-learn
system.osVersion: 22
```
Expand Down Expand Up @@ -495,7 +495,7 @@ git tag
4. Check out the newest available tag. This guide uses **v3.4.3** tag as an example.
```shell
git checkout v4.0.6
git checkout v4.4.12
```
5. Review the files relevant for this guide.
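Review bot: The unchanged step 4 sentence above the command still says the guide uses the **v3.4.3** tag, while the command is now `git checkout v4.4.12`. Update the sentence in this change so the prose and the command agree, as was done for step 4 in the earlier hunk of this file.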
Expand Down Expand Up @@ -740,7 +740,7 @@ git checkout v4.0.6
system.repo: opensuse-leap
system.k8sDistribution: k3s
system.osName: opensuse-leap
system.peVersion: v4.0.6
system.peVersion: v4.4.12
system.customTag: palette-learn
system.osVersion:
```
Expand All @@ -755,9 +755,9 @@ git checkout v4.0.6
```hideClipboard bash
REPOSITORY TAG IMAGE ID CREATED SIZE
spectrocloud/opensuse-leap k3s-1.27.2-v4.0.6-palette-learn 2427e3667b2f 24 minutes ago 2.22GB
spectrocloud/opensuse-leap k3s-1.26.6-v4.0.6-palette-learn 0f2efd533a33 24 minutes ago 2.22GB
spectrocloud/opensuse-leap k3s-1.25.2-v4.0.6-palette-learn 2427e3667b2f 24 minutes ago 2.22GB
spectrocloud/opensuse-leap k3s-1.27.2-v4.4.12-palette-learn 2427e3667b2f 24 minutes ago 2.22GB
spectrocloud/opensuse-leap k3s-1.26.6-v4.4.12-palette-learn 0f2efd533a33 24 minutes ago 2.22GB
spectrocloud/opensuse-leap k3s-1.25.2-v4.4.12-palette-learn 2427e3667b2f 24 minutes ago 2.22GB
```
16. To use the provider images in your cluster profile, push them to your image registry mentioned in the **.arg** file.
Expand All @@ -776,9 +776,9 @@ git checkout v4.0.6
the utility created.
```bash
docker push docker.io/[DOCKER-ID]/opensuse-leap:k3s-1.27.2-v4.0.6-palette-learn
docker push docker.io/[DOCKER-ID]/opensuse-leap:k3s-1.26.6-v4.0.6-palette-learn
docker push docker.io/[DOCKER-ID]/opensuse-leap:k3s-1.25.2-v4.0.6-palette-learn
docker push docker.io/[DOCKER-ID]/opensuse-leap:k3s-1.27.2-v4.4.12-palette-learn
docker push docker.io/[DOCKER-ID]/opensuse-leap:k3s-1.26.6-v4.4.12-palette-learn
docker push docker.io/[DOCKER-ID]/opensuse-leap:k3s-1.25.2-v4.4.12-palette-learn
```
18. After pushing the provider images to the image registry, open a web browser and log in to
Expand Down Expand Up @@ -828,7 +828,7 @@ git checkout v4.0.6
system.repo: opensuse-leap
system.k8sDistribution: k3s
system.osName: opensuse-leap
system.peVersion: v4.0.6
system.peVersion: v4.4.12
system.customTag: palette-learn
system.osVersion:
```
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -69,10 +69,10 @@ key that is in the Signature Database (DB). This is important both during instal
git tag
```

4. Check out the newest available tag. This guide uses the tag **v4.4.0** as an example.
4. Check out the newest available tag. This guide uses the tag **v4.4.12** as an example.

```shell
git checkout v4.4.0
git checkout v4.4.12
```

5. Review the files relevant for this guide.
Expand Down Expand Up @@ -135,7 +135,11 @@ key that is in the Signature Database (DB). This is important both during instal
| `OS_DISTRIBUTION` | OS distribution. | `ubuntu`, `opensuse-leap`, `rhel`. |
| `OS_VERSION` | OS version. This applies to Ubuntu only. | `23.10`, `24.04` |
10. Open the **Earthfile** in the CanvOS directory. Under `build-provider-images`, remove the lines containing
10. Open the **k8s_versions.json** file in the CanvOS directory. Remove the Kubernetes versions that you don't need from
the JSON object corresponding to your Kubernetes distribution.
If you are using a tag that is earlier than v4.4.12, the **k8s_versions.json** file does not exist in those tags.
Instead, open the **Earthfile** in the CanvOS directory. Under `build-provider-images`, remove the lines containing
Kubernetes versions that you do not need.
11. CanvOS utility uses [Earthly](https://earthly.dev/) to build the target artifacts. Issue the following command to
Expand All @@ -162,7 +166,7 @@ key that is in the Signature Database (DB). This is important both during instal
`[DOCKER-ID]` and version numbers in the command below with your Docker ID and respective Kubernetes versions.
```bash
docker push docker.io/[DOCKER-ID]/ubuntu:rke2-1.28.2-v4.4.0-trusted-boot
docker push docker.io/[DOCKER-ID]/ubuntu:rke2-1.28.2-v4.4.12-trusted-boot
```
## Validate
Expand All @@ -178,5 +182,5 @@ key that is in the Signature Database (DB). This is important both during instal
```hideClipboard
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/[DOCKER-ID]/ubuntu rke2-1.28.2-v4.4.0-trusted-boot 075134ad5d4b 10 minutes ago 1.79GB
docker.io/[DOCKER-ID]/ubuntu rke2-1.28.2-v4.4.12-trusted-boot 075134ad5d4b 10 minutes ago 1.79GB
```
1 change: 1 addition & 0 deletions docs/docs-content/release-notes/known-issues.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ The following table lists all known issues that are currently active and affecti

| Description | Workaround | Publish Date | Product Component |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | ---------------------------- |
| A change in the [Edge Native Cluster](https://docs.spectrocloud.com/api/v1/v-1-spectro-clusters-edge-native-create/) API endpoint affects Terraform and API workflows for Edge cluster creation or modification. The `type` parameter in the `controlPlaneEndpoint` no longer accepts IP addresses; the accepted values are now `VIP`, `External`, and `DDNS`. As a result, API and Terraform workflows for Edge cluster creation or modification that use the IP address are currently unavailable. | For the Terraform workflow, upgrade the Terraform provider to version `0.21.4`. This new version supports the use of IP addresses and sends the `VIP` value to the API. No workaround is available for the API workflow. | September 17, 2024 | Edge |
| If an Edge host operating a cluster in connected mode loses connection to Palette, the cluster will not auto-renew its Public Key Infrastructure (PKI) certificates. When it re-establishes the connection to Palette, the Edge host will renew the certificates if the existing certificates have less than 30 days before expiry. | No workaround available. | Sep 14, 2024 | Edge |
| Using the Flannel Container Network Interface (CSI) pack together with a Red Hat Enterprise Linux (RHEL)-based provider image may lead to a pod becoming stuck during deployment. This is caused by an upstream issue with Flannel that was discovered in a K3s GitHub issue. Refer to [the K3s issue page](https://github.com/k3s-io/k3s/issues/5013) for more information. | No workaround is available | Sep 14, 2024 | Edge |
| Palette OVA import operations fail if the VMO cluster is using a storageClass with the volume bind method `WaitForFirstConsumer`. | Refer to the [OVA Imports Fail Due To Storage Class Attribute](../troubleshooting/vmo-issues.md#scenario---ova-imports-fail-due-to-storage-class-attribute) troubleshooting guide for workaround steps. | September 13, 2024 | Palette CLI, VMO |
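Review bot: The Workaround cell of the new row says no workaround is available for the API workflow, yet the Description lists `VIP`, `External`, and `DDNS` as accepted `type` values and says Terraform provider `0.21.4` works by sending `VIP`. State explicitly whether API callers can send `VIP` themselves, or why they cannot, so readers are not left guessing. The date is written `September 17, 2024` while the next two rows use `Sep 14, 2024`; pick one format for the table.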
Expand Down
11 changes: 7 additions & 4 deletions docs/docs-content/release-notes/release-notes.md
Original file line number Diff line number Diff line change
Expand Up @@ -61,10 +61,6 @@ tags: ["release-notes"]
to the [Edge Installer User Data Configuration](../clusters/edge/edge-configuration/edge-configuration.md) reference
page for more information.

- A change in the Palette API affects Edge clusters deployed with Terraform or the Palette API. The `type` parameter in
the `controlPlaneEndpoint` for Edge clusters no longer accepts IP addresses. The accepted values are now `VIP`,
`External`, and `DDNS`.

#### Features

- You can now configure the Maximum Transmission Unit (MTU) for network interface configured for discovery though
Expand All @@ -86,6 +82,13 @@ tags: ["release-notes"]
(TUI) to enhance the user experience. These improvements include more visible options menus, automatic configuration
save upon exit, improved color scheme, and more.

#### Known Issues

- A change in the [Edge Native Cluster](https://docs.spectrocloud.com/api/v1/v-1-spectro-clusters-edge-native-create/)
API endpoint affects Terraform and API workflows for Edge cluster creation or modification. The `type` parameter in
the `controlPlaneEndpoint` no longer accepts IP addresses. The accepted values are now `VIP`, `External`, and `DDNS`.
Refer to the [Known Issues](./known-issues.md) page for more information.

### Virtual Machine Orchestrator

#### Features
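Review bot: The new Known Issues bullet describes the `type` restriction but omits the one actionable item from the known-issues table row added in this commit, the Terraform provider upgrade to `0.21.4`. Add that sentence here so Terraform users reading only the release notes see the fix without following the link. The bullet also says "Edge cluster creation or modification" is affected without saying the workflows are unavailable, which the table row does state; align the two.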
Expand Down