Merge pull request #5553 from influxdata/dar-clustered-users-page

jstirnaman · web-flow · commit b176d61a61a5 · 2024-08-05T12:46:04.000-05:00
fix: link to missing Clustered users page
diff --git a/content/influxdb/clustered/install/configure-cluster/directly.md b/content/influxdb/clustered/install/configure-cluster/directly.md
@@ -89,6 +89,8 @@ The `AppInstance` resource contains key information, such as:
 Copy the provided `example-customer.yml` file to create a new configuration file
 specific to your InfluxDB cluster. For example, `myinfluxdb.yml`.
 
+<!-- pytest.mark.skip -->
+
 ```sh
 cp example-customer.yml myinfluxdb.yml
 ```
@@ -106,6 +108,8 @@ InfluxData provides an `app-instance-schema.json` JSON schema file that VS Code
 
 Create a namespace for InfluxDB--for example, enter the following `kubectl` command in your terminal:
 
+<!-- pytest.mark.skip -->
+
 ```sh
 kubectl create namespace influxdb
 ```
@@ -122,6 +126,8 @@ update an InfluxDB cluster.
 
 Use `kubectl` to install the [kubecfg kubit](https://github.com/kubecfg/kubit) operator.
 
+<!-- pytest.mark.skip -->
+
 ```sh
 kubectl apply -k 'https://github.com/kubecfg/kubit//kustomize/global?ref=v0.0.15'
 ```
@@ -148,6 +154,8 @@ Use [crane](https://github.com/google/go-containerregistry/tree/main/cmd/crane)
 
 {{% code-placeholders "PACKAGE_VERSION" %}}
 
+<!-- pytest.mark.skip -->
+
 ```sh
 mkdir /tmp/influxdbsecret
 cp influxdb-docker-config.json /tmp/influxdbsecret/config.json
@@ -256,6 +264,8 @@ You can obtain it with any standard OCI image inspection tool. For example:
 
 {{% code-placeholders "PACKAGE_VERSION" %}}
 
+<!-- pytest.mark.skip -->
+
 ```sh
 DOCKER_CONFIG=/tmp/influxdbsecret \
 crane config \
@@ -278,6 +288,8 @@ Use `crane` to copy the images to your private registry:
 
 {{% code-placeholders "REGISTRY_HOSTNAME" %}}
 
+<!-- pytest.mark.skip -->
+
 ```sh
 </tmp/images.txt xargs -I% crane cp % REGISTRY_HOSTNAME/%
 ```
@@ -334,6 +346,8 @@ cluster as a secret. Provide the paths to the TLS certificate file and key file:
 
 {{% code-placeholders "TLS_(CERT|KEY)_PATH" %}}
 
+<!-- pytest.mark.skip -->
+
 ```sh
 kubectl create secret tls ingress-tls \
   --namespace influxdb \
@@ -735,34 +749,37 @@ Replace the following:
 {{% /code-tab-content %}}
 {{< /code-tabs-wrapper >}}
 
-##### Adding users
+##### Add users
 
-Finally, add all the users you wish to have access to use `influxctl`.
-Update the `spec.package.spec.admin.users` field with a list of these users.
+Finally, to give users access to use `influxctl`, add the list of users to the `spec.package.spec.admin.users` field.
+
+<!-- Pending /admin/users
 See [Adding or removing users](/influxdb/clustered/admin/users/) for more details.
+-->
 
 #### Configure the size of your cluster
 
-By default, an InfluxDB cluster is configured with the following:
+##### Default scale settings
 
-- **3 ingesters**:  
+- **3 ingesters**:
   Ensures redundancy on the write path.
-- **1 compactor**:  
+- **1 compactor**:
   While you can have multiple compactors, it is more efficient to scale the
   compactor vertically (assign more CPU and memory) rather than horizontally
   (increase the number of compactors).
-- **1 querier**:  
+- **1 querier**:
   The optimal number of queriers depends on the number of concurrent queries you are
   likely to have and how long they take to execute.
 
 The default values provide a good starting point for testing.
-Once you have your cluster up and running and are looking for scaling recommendations,
+Once you have your cluster up and running and are looking for scaling recommendations
+for your anticipated workload,
 please [contact the InfluxData Support team](https://support.influxdata.com).
-We are happy to work with you to identify appropriate scale settings based on
-your anticipated workload.
 
-**To use custom scale settings for your InfluxDB cluster**, modify the following fields
-in your `myinfluxdb.yml`. If omitted, your cluster will use the default scale settings.
+##### Customize scale settings
+
+**To use custom scale settings for your InfluxDB cluster**, edit values for the following fields
+in your `myinfluxdb.yml`. If omitted, your cluster uses the default scale settings.
 
 - `spec.package.spec.resources`
   - `ingester.requests`
@@ -833,44 +850,53 @@ spec:
 
 ### Provide a custom certificate authority bundle {note="Optional"}
 
-InfluxDB attempts to make TLS connections to the services it depends on; notably
-the [Catalog](/influxdb/clustered/reference/internals/storage-engine/#catalog),
+InfluxDB attempts to make TLS connections to the services it depends on--notably,
+the [Catalog](/influxdb/clustered/reference/internals/storage-engine/#catalog)
 and the [Object store](/influxdb/clustered/reference/internals/storage-engine/#object-store).
-InfluxDB validates the certificates for all of the connections it makes.
+InfluxDB validates certificates for all connections.
 
-**If you host these services yourself and you use a private or otherwise not
-well-known certificate authority to issue certificates to theses services**, 
-InfluxDB will not recognize the issuer and will be unable to validate the certificates.
-To allow InfluxDB to validate these certificates, provide a PEM certificate
-bundle containing your custom certificate authority chain.
+_If you host dependent services yourself and you use a private or otherwise not
+well-known certificate authority to issue certificates to them, 
+InfluxDB won't recognize the issuer and can't validate the certificates._
+To allow InfluxDB to validate the certificates from your custom CA,
+configure the `AppInstance` resource to use a **PEM certificate
+bundle** that contains your custom certificate authority chain.
 
-1.  Use `kubectl` to create a config map containing your PEM bundle.
+1.  Use `kubectl` to create a config map that contains your PEM-formatted
+    certificate bundle file.
     Your certificate authority administrator should provide you with a
-    PEM-formatted certificate bundle file.
+    PEM-formatted bundle file.
     
     {{% note %}}
-This PEM-formatted bundle file is *not* the certificate that InfluxDB uses to
-host its own TLS endpoints. This bundle establishes a chain of trust for the
+This PEM bundle file establishes a chain of trust for the
 external services that InfluxDB depends on.
+It's *not* the certificate that InfluxDB uses to
+host its own TLS endpoints.
     {{% /note %}}
 
-    In the example below, `private_ca.pem` is the certificate bundle file.
+    In the example, replace `/path/to/private_ca.pem` with the path to your PEM-formatted certificate bundle file:
+
+    <!-- pytest.mark.skip -->
 
     ```sh
     kubectl --namespace influxdb create configmap custom-ca --from-file=certs.pem=/path/to/private_ca.pem
     ```
 
     {{% note %}}
-It's possible to append multiple certificates into the same bundle.
-This can help if you need to include intermediate certificates or explicitly
-include leaf certificates. Leaf certificates should be included before any
-intermediate certificates they depend on. The root certificate should
-be last in the bundle.
+#### Bundle multiple certificates
+
+You can append multiple certificates into the same bundle.
+This approach helps when you need to include intermediate certificates or explicitly include leaf certificates.
+
+Include certificates in the bundle in the following order:
+
+1. Leaf certificates
+2. Intermediate certificates required by leaf certificates
+3. Root certificate
     {{% /note %}}
 
-2.  Update your `AppInstance` resource in your `myinfluxdb.yml` to refer to your
-    certificate authority config map. Update the `.spec.package.spec.egress`
-    property to refer to that config map. For example:
+2.  In `myinfluxdb.yml`, update the `.spec.package.spec.egress` field to refer
+    to the config map that you generated in the preceding step--for example:
 
     ```yml
     spec:
