adjust partials

Author: paigecalvert

docs/enterprise/installing-embedded-requirements.mdx

@@ -1,6 +1,5 @@
 import EmbeddedClusterRequirements from "../partials/embedded-cluster/_requirements.mdx"
 import EmbeddedClusterPortRequirements from "../partials/embedded-cluster/_port-reqs.mdx"
-import FirewallOpenings from "../partials/install/_firewall-openings-ec.mdx"
 import FirewallOpeningsIntro from "../partials/install/_firewall-openings-intro.mdx"
 
 # Embedded Cluster Installation Requirements
@@ -19,4 +18,23 @@ This topic lists the installation requirements for Replicated Embedded Cluster.
 
 <FirewallOpeningsIntro/>
 
-<FirewallOpenings/>
+<table>
+  <tr>
+      <th width="50%">Domain</th>
+      <th>Description</th>
+  </tr>
+  <tr>
+      <td>`proxy.replicated.com`</td>
+      <td><p>Private Docker images are proxied through `proxy.replicated.com`. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.</p><p>For the range of IP addresses for `proxy.replicated.com`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L52-L57) in GitHub.</p></td>
+  </tr>
+  <tr>
+      <td>`replicated.app`</td>
+      <td><p>Upstream application YAML and metadata is pulled from `replicated.app`. The current running version of the application (if any), as well as a license ID and application ID to authenticate, are all sent to `replicated.app`. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.</p><p>For the range of IP addresses for `replicated.app`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L60-L65) in GitHub.</p></td>
+  </tr>
+  <tr>
+      <td>`registry.replicated.com` &#42;</td>
+      <td><p>Some applications host private images in the Replicated registry at this domain. The on-prem docker client uses a license ID to authenticate to `registry.replicated.com`. This domain is owned by Replicated, Inc which is headquartered in Los Angeles, CA.</p><p> For the range of IP addresses for `registry.replicated.com`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L20-L25) in GitHub.</p></td>
+  </tr>
+</table>
+
+&#42; Required only if the application uses the [Replicated proxy registry](/vendor/private-images-about).

docs/enterprise/installing-general-requirements.mdx

@@ -1,6 +1,5 @@
 import DockerCompatibility from "../partials/image-registry/_docker-compatibility.mdx"
 import KubernetesCompatibility from "../partials/install/_kubernetes-compatibility.mdx"
-import FirewallOpenings from "../partials/install/_firewall-openings-kots.mdx"
 import FirewallOpeningsIntro from "../partials/install/_firewall-openings-intro.mdx"
 
 # KOTS Installation Requirements
@@ -271,4 +270,37 @@ KOTS has been tested for compatibility with the following registries:
 
 <FirewallOpeningsIntro/>
 
-<FirewallOpenings/>
+<table>
+  <tr>
+      <th width="50%">Domain</th>
+      <th>Description</th>
+  </tr>
+  <tr>
+      <td>Docker Hub</td>
+      <td><p>Some dependencies of KOTS are hosted as public images in Docker Hub. The required domains for this service are `index.docker.io`, `cdn.auth0.com`, `*.docker.io`, and `*.docker.com.`</p></td>
+  </tr>
+  <tr>
+      <td>`proxy.replicated.com` &#42;</td>
+      <td><p>Private Docker images are proxied through `proxy.replicated.com`. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.</p><p>For the range of IP addresses for `proxy.replicated.com`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L52-L57) in GitHub.</p></td>
+  </tr>
+  <tr>
+      <td>`replicated.app`</td>
+      <td><p>Upstream application YAML and metadata is pulled from `replicated.app`. The current running version of the application (if any), as well as a license ID and application ID to authenticate, are all sent to `replicated.app`. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.</p><p>For the range of IP addresses for `replicated.app`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L60-L65) in GitHub.</p></td>
+  </tr>
+  <tr>
+      <td>`registry.replicated.com` &#42;&#42;</td>
+      <td><p>Some applications host private images in the Replicated registry at this domain. The on-prem docker client uses a license ID to authenticate to `registry.replicated.com`. This domain is owned by Replicated, Inc which is headquartered in Los Angeles, CA.</p><p> For the range of IP addresses for `registry.replicated.com`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L20-L25) in GitHub.</p></td>
+  </tr>
+  <tr>
+      <td>`kots.io`</td>
+      <td><p>Requests are made to this domain when installing the Replicated KOTS CLI. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.</p></td>
+  </tr>
+  <tr>
+     <td>`github.com`</td>
+     <td>Requests are made to this domain when installing the Replicated KOTS CLI. For information about retrieving GitHub IP addresses, see [About GitHub&#39;s IP addresses](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-githubs-ip-addresses) in the GitHub documentation.</td>
+  </tr>
+</table>
+
+&#42; Required only if the application uses the [Replicated proxy registry](/vendor/private-images-about).
+
+&#42;&#42; Required only if the application uses the [Replicated registry](/vendor/private-images-replicated).

docs/enterprise/installing-kurl-requirements.mdx

@@ -1,4 +1,3 @@
-import FirewallOpenings from "../partials/install/_firewall-openings-kurl.mdx"
 import FirewallOpeningsIntro from "../partials/install/_firewall-openings-intro.mdx"
 
 # kURL Installation Requirements
@@ -38,4 +37,37 @@ You must meet the additional kURL system requirements when applicable:
 
 <FirewallOpeningsIntro/>
 
-<FirewallOpenings/>
+<table>
+  <tr>
+      <th width="50%">Domain</th>
+      <th>Description</th>
+  </tr>
+  <tr>
+      <td>Docker Hub</td>
+      <td><p>Some dependencies of KOTS are hosted as public images in Docker Hub. The required domains for this service are `index.docker.io`, `cdn.auth0.com`, `*.docker.io`, and `*.docker.com.`</p></td>
+  </tr>
+  <tr>
+      <td>`proxy.replicated.com` &#42;</td>
+      <td><p>Private Docker images are proxied through `proxy.replicated.com`. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.</p><p>For the range of IP addresses for `proxy.replicated.com`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L52-L57) in GitHub.</p></td>
+  </tr>
+  <tr>
+      <td>`replicated.app`</td>
+      <td><p>Upstream application YAML and metadata is pulled from `replicated.app`. The current running version of the application (if any), as well as a license ID and application ID to authenticate, are all sent to `replicated.app`. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.</p><p>For the range of IP addresses for `replicated.app`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L60-L65) in GitHub.</p></td>
+  </tr>
+  <tr>
+      <td>`registry.replicated.com` &#42;&#42;</td>
+      <td><p>Some applications host private images in the Replicated registry at this domain. The on-prem docker client uses a license ID to authenticate to `registry.replicated.com`. This domain is owned by Replicated, Inc which is headquartered in Los Angeles, CA.</p><p> For the range of IP addresses for `registry.replicated.com`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L20-L25) in GitHub.</p></td>
+  </tr>
+  <tr>
+     <td><p>`k8s.kurl.sh`</p><p>`s3.kurl.sh`</p></td>
+     <td><p>kURL installation scripts and artifacts are served from [kurl.sh](https://kurl.sh). An application identifier is sent in a URL path, and bash scripts and binary executables are served from kurl.sh. This domain is owned by Replicated, Inc., which is headquartered in Los Angeles, CA.</p><p> For the range of IP addresses for `k8s.kurl.sh`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L34-L39) in GitHub.</p><p> The range of IP addresses for `s3.kurl.sh` are the same as IP addresses for the `kurl.sh` domain. For the range of IP address for `kurl.sh`, see [replicatedhq/ips](https://github.com/replicatedhq/ips/blob/main/ip_addresses.json#L28-L31) in GitHub.</p></td>
+  </tr>
+  <tr>
+     <td>`amazonaws.com`</td>
+     <td>`tar.gz` packages are downloaded from Amazon S3 during installations with kURL. For information about dynamically scraping the IP ranges to allowlist for accessing these packages, see [AWS IP address ranges](https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html#aws-ip-download) in the AWS documentation.</td>
+  </tr>
+</table>
+
+&#42; Required only if the application uses the [Replicated proxy registry](/vendor/private-images-about).
+
+&#42;&#42; Required only if the application uses the [Replicated registry](/vendor/private-images-replicated).