update docs for disk encryption (#700)

Author: AshleyDumaine

api/v1alpha2/linodemachine_types.go

@@ -77,7 +77,7 @@ type LinodeMachineSpec struct {
 	DataDisks map[string]*InstanceDisk `json:"dataDisks,omitempty"`
 	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable"
 	// +kubebuilder:validation:Enum=enabled;disabled
-	// DiskEncryption determines if the disks of the instance should be encrypted.
+	// DiskEncryption determines if the disks of the instance should be encrypted. The default is disabled.
 	DiskEncryption string `json:"diskEncryption,omitempty"`
 
 	// CredentialsRef is a reference to a Secret that contains the credentials

config/crd/bases/infrastructure.cluster.x-k8s.io_linodemachines.yaml

@@ -155,7 +155,7 @@ spec:
                 type: object
               diskEncryption:
                 description: DiskEncryption determines if the disks of the instance
-                  should be encrypted.
+                  should be encrypted. The default is disabled.
                 enum:
                 - enabled
                 - disabled

config/crd/bases/infrastructure.cluster.x-k8s.io_linodemachinetemplates.yaml

@@ -145,7 +145,7 @@ spec:
                         type: object
                       diskEncryption:
                         description: DiskEncryption determines if the disks of the
-                          instance should be encrypted.
+                          instance should be encrypted. The default is disabled.
                         enum:
                         - enabled
                         - disabled

docs/src/reference/out.md

@@ -614,7 +614,7 @@ _Appears in:_
 | `firewallID` _integer_ |  |  |  |
 | `osDisk` _[InstanceDisk](#instancedisk)_ | OSDisk is configuration for the root disk that includes the OS,<br />if not specified this defaults to whatever space is not taken up by the DataDisks |  |  |
 | `dataDisks` _object (keys:string, values:[InstanceDisk](#instancedisk))_ | DataDisks is a map of any additional disks to add to an instance,<br />The sum of these disks + the OSDisk must not be more than allowed on a linodes plan |  |  |
-| `diskEncryption` _string_ | DiskEncryption determines if the disks of the instance should be encrypted. |  | Enum: [enabled disabled] <br /> |
+| `diskEncryption` _string_ | DiskEncryption determines if the disks of the instance should be encrypted. The default is disabled. |  | Enum: [enabled disabled] <br /> |
 | `credentialsRef` _[SecretReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.32/#secretreference-v1-core)_ | CredentialsRef is a reference to a Secret that contains the credentials<br />to use for provisioning this machine. If not supplied then these<br />credentials will be used in-order:<br />  1. LinodeMachine<br />  2. Owner LinodeCluster<br />  3. Controller |  |  |
 | `configuration` _[InstanceConfiguration](#instanceconfiguration)_ | Configuration is the Akamai instance configuration OS,<br />if not specified this defaults to the default configuration associated to the instance. |  |  |
 | `placementGroupRef` _[ObjectReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.32/#objectreference-v1-core)_ | PlacementGroupRef is a reference to a placement group object. This makes the linode to be launched in that specific group. |  |  |

docs/src/topics/disks/disks.md

@@ -1,3 +1,13 @@
 # Disks
 
-This section contains information about [OS](./os-disk.md) and [data](./data-disks.md) disk configuration in Cluster API Provider Linode
+This section contains information about [OS](./os-disk.md) and [data](./data-disks.md) disk configuration in Cluster API Provider Linode
+
+## Disk encryption
+
+By default, clusters are provisioned with disk encryption disabled.
+
+For enabling disk encryption, set `spec.template.spec.diskEncryption=enabled` in your generated LinodeMachineTemplate resources when creating a CAPL cluster.
+
+~~~admonish warning
+If you see issues with cluster creation after enabling disk encryption, reach out to customer support. Its possible its disabled for your account and needs to be manually enabled.
+~~~

docs/src/topics/getting-started.md

@@ -44,9 +44,6 @@ Please refer to it for more details on environment variables used for client con
 For Regions and Images that do not yet support Akamai's cloud-init datasource CAPL will automatically use a stackscript shim
 to provision the node. If you are using a custom image ensure the [cloud_init](https://www.linode.com/docs/api/images/#image-create) flag is set correctly on it
 ```
-~~~admonish warning
-By default, clusters are provisioned within VPC with disk encryption enabled. For Regions which do not have [VPC support](https://www.linode.com/docs/products/networking/vpc/#availability) yet, use the [VPCLess](./flavors/vpcless.md) flavor to have clusters provisioned. For disabling disk encryption, set `spec.template.spec.diskEncryption=disabled` in your generated LinodeMachineTemplate resources when creating a CAPL cluster.
-~~~
 
 ## Setup management cluster
 A clusterAPI management cluster is a kubernetes cluster that is responsible for managing the lifecycle of other child k8s clusters provisioned using Cluster API (CAPI). It serves as a control plane for provisioning, scaling, upgrading and deleting child kubernetes clusters.